Insider Risk

Can you keep a secret?

By Veriato Team

Do you know what secrets your company has? Where they are stored? If they are protected?

I’m not referring to the affair going on between the sales rep and the graphic designer. We’re talking about Trade Secrets here.

According to USPTO.gov, trade secrets consist of information and can include formulas, patterns, compilations, programs, devices, methods, techniques or processes. To meet the most common definition of a trade secret, it must be used in the course of business, and it must provide at least an opportunity to obtain an economic advantage over competitors who do not know or use it.

Do you have any trade secrets? For some companies, the entirety of their success may be attributable to a trade secret. Think about the formula for Coca-Cola. Never patented. Never revealed. They’ve done a pretty good job of keeping the formula to themselves, and built a nice little business around it.

Now, not every company has a secret formula locked away. Every company does have a customer list, though. Is your customer list a trade secret? It might be.

Most court rulings on this seem to fall along the lines that a mere list of company names is not a trade secret, but a customer list that contains information about your customers that is not readily available to the public (for example, an insurance company that has information about the amount and type of insurance customers purchased, along with policy information) and / or that required significant investment to assemble is likely protectable under the Uniform Trade Secrets Act.

Customer information is typically pretty accessible within an organization. More often than not, the need for productivity overrules attempts to lock the CRM down tight. Sales, Marketing, Support, and Finance – at minimum – all have access. With access comes opportunity – if someone wants to take CRM data and get it off network, it’s just not that hard anymore in most places.

From a common sense perspective, if you believe it would harm your business if a sales rep resigned, and took your detailed customer information with them to a competitor, you should (a) protect your customer list and (b) look into injunctive relief from a court if you think this has happened to your business.

An important first step is to identify your trade secrets. A quick Google search for “identifying your trade secrets” will return a wealth of advice on this topic. Once you have your trade secrets identified, you can move on to protecting them. And if your goal is too secure without locking things down so tightly that productivity is hampered, we’ll be here to help.

Insider Risk – How Prepared Are You?

Insider Risk – How Prepared Are You?

Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Insider Risk & Employee Monitoring Resources

Is IAM, SIEM, and DLP Enough to Combat Insider Risk?

Is IAM, SIEM, and DLP Enough to Combat Insider Risk?

Key Takeaways: Closing the Gaps in Traditional Security Tools: IAM, SIEM, and DLP are vital but insufficient in addressing insider risks. They focus on access control, event logs, and data protection without understanding the behavioral context that signals insider...

Insider Risk Management: Addressing the Human Side of Risk

Insider Risk Management: Addressing the Human Side of Risk

Key Takeaways: Proactive Over Reactive: Shifting from a reactive to a proactive approach is essential in managing insider risks. Continuous monitoring and analysis of human behavior are key to detecting potential insider risks before they escalate. The Power of AI:...