As many businesses have thousands, if not hundreds of thousands, of dollars invested in inventory or equipment, one would normally guess that such items would be a business’ most valuable asset and often they are. However, this information can be in the form of intellectual property (patents, copyrights, trade secrets, etc.) or market-related information (customer preferences, vendor relationship details, pricing arrangements, etc.). As a lot of this information is not physically tangible, it can get forgotten about by business owners during the day-to-day struggle of running a business.
However, forgetting to protect this information can leave a business exposed and vulnerable. Information theft of this kind can lead to major issues for business; both from the businesses’ clients and vendors (who may be impacted by the stolen information) and also from with competitors (who may now have access to the stolen information). The types of problems that arise following such a theft can cost thousands of dollars to fix and often there is little, if anything, that can be done once the information has been stolen. In order to avoid this happening to your business, it is important that actions be taken ahead of time.
Below are five (5) steps that can be taken to help protect the information that belongs to your business.
Step #1: Identify Your Assets. The first step is identifying the assets of your business. I recommend starting by preparing a list of all of the known assets of the business and their various locations. Once the list is prepared, it should be shared with all of the owners or top management officials of the business so that everyone has a chance to review it and add items. It is also important to remember that proprietary information is considered confidential information and should be protected as well.
It is often surprising how many different assets are found once a business takes the time to perform an internal inspection and identify everything it owns. The way business is conducted has changed a lot over the past twenty years, so what is considered confidential information has changed too. A good rule to follow when it comes to confidential information is: “Would the business suffer any negative effects if its competitor or the general public knew of or had the ability to use this information?” If the answer is yes, then the information should be considered confidential. If the answer is no, then the information is usually not considered confidential.
It is important to be careful when deciding what is confidential and what is not; one piece of information by itself may not seem that important but when combined with other information, it becomes confidential. If in doubt, I recommend contacting an attorney to verify if an item should be considered confidential and if steps should be taken to protect it.
Step #2: Organize and Document Your Assets. Businesses today can have numerous locations across the country, and sometimes across the globe. This causes information to get disperse over various locations and systems. Often important information belonging to a business is not found on the business’ own computer system but is instead saved within the emails and on the personal devices of their employees. It is recommended, in most situations, that all of the information belonging to the business be regularly collected and maintained in one safe and secure location. The failure of a business to maintain a centralized hub for all of its information can cause several different issues ranging from the business not having all of the relevant information easily available when a decision must be made to the potential “loss” of information as a result of employees leaving.
A good example of information loss can be found by looking at the manufacturing industry; often these companies will perform the same task for several years and will develop a certain or special way of performing this task but fail to prepare anything in writing on behalf of the company documenting the certain way that the business does this task or classifying such method as the confidential information of the business.
If all of the individuals who knew how to perform this task in the specific way the company wanted left: (i) the business would no longer know how to perform the task in the specific way that it used to, and (ii) the individuals who knew such method could freely tell others about it. Obviously, no business wants to share information that it has spent time (or money) developing with others for free. Another example of information loss can be found by look at sales representatives. Sales representatives often accumulate a lot of important information on the clients they serve (preferences, price points, relationship details, etc.) but this information can be easily lost if a system to keep and organize such is not put in place.
Step #3: Restrict Access to Your Assets. Once a business has identified, collected, and documented all of its informational assets, the next step is to restrict who has access to such assets.
Due to the advances in technology, the term “access” can have a variety of different meanings these days. It can mean everything from the ability to view a document to the ability to edit it, and different permissions can be set for each type of access.
As it is better to be safe than sorry when it comes to protecting assets, businesses are encouraged to be as stingy (as restrictive) as possible when granting permission for individuals to access the information. Additional access can always be granted later if it is needed.
For those business owners who want to be extra diligent in protecting their information, there are software programs available that can keep track of who accesses or modifies files belonging to the business and can provide reports showing such in addition to a variety of other information. Certain programs can even inform a business if any information has been copied from a document or if a USB drive (or other external device) has been connected and information transferred to it.
Step #4: Secure Ownership of Your Assets with a Written Agreement.
It almost goes without saying but all business should require their employees and independent contractors to execute written agreement regarding how the business’ confidential information is to be treated. Oral agreements requiring confidentiality are practically worthless and cause more problems than they solve.
When a written agreement is signed, the business is given reassurance that its information will not be shared and that certain consequences can be imposed in the event that such information is inappropriately shared.
The exact topics to address and the language to include within the agreement depends on the type of business and role of the involved individuals. An experienced business attorney can provide valuable advice related to the drafting of the necessary documentation and can help to ensure that the businesses’ assets are properly protected.
Step #5: Verify Return or Destruction of Information by Departing Individuals
In addition to all the steps above, it is recommended that a business have all individuals who leave the business (owners, employees, contractors, etc.) sign a statement certifying that they have not taken any information (confidential or otherwise) belonging to the business and that they have destroyed or returned any information they had previously. This statement can also repeat the confidentiality obligations that the individual agreed to while working for the business and how those obligation apply now that the individual has separated from the business to avoid any misunderstandings.
Should you have any questions about the process of restricting access to your business’ social media accounts, securing ownership of your business’ social media accounts, or how to properly transfer (and document the transfer of) a social media account, or would like to schedule a free initial consultation, please contact Navigant Law Group, LLC at (847) 253-8800 or contact us online.
Navigant Law Group, LLC is a full-service law firm with various areas of service to assist your business, including: Employment Law, Intellectual Property, Commercial Real Estate, Litigation, and general Business Law services. Individual services include Estate Planning, Wills and Trusts, Probate, and Guardianship.
This article constitutes attorney advertising. The material is for informational purposes only and does not constitute legal advice.