Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Public Council Teleconference: Application Rationalization — Hidden Costs and Smart Decisions
November 17 at 11:00 am US/Eastern (GMT-5)
Join Honorio Padrón, of The Hackett Group, who will share the drivers for companies to tackle application rationalization and the results of research that define the hidden cost of complexity. Additionally, we will discuss key decision milestones—to start or not, holding the course steady and fulfilling expectations.
Virtual Desktop Cost-Benefit Analysis — Michael Jacobs, Catlin Group
The analysis contained in this presentation measures the cost of everything from the machines and licenses to the infrastructure for virtual vs. traditional desktop environments.
Honor your best senior team members - Apply for the CIO Ones to Watch Award
Get well-earned public recognition for your top up-and-coming team members, your IT organization and your enterprise. Award winners will be announced, publicized and feted in May 2010, great timing to help attract new IT recruits to your company.
Learn more about the CIO Executive Council »
IT Security: A Practical Approach to Protecting Trade Secrets
Trade secret protection depends upon close cooperation between IT security and your company's lawyers.
November 11, 2009 — CIO —
Trade secrets are increasingly becoming a company's most valuable assets, and not surprisingly, threats to those assets have increased concomitantly. The greatest threat to company data is, of course, not outsiders but a company's own employees A company's ability to protect against rogue employees (as well as against unintentional harm) is governed by both federal and state laws, which vary by jurisdiction and, worse, are in a state of flux in many of those jurisdictions.
As with most security challenges, it isn't possible to eliminate the threat. But working together, your IT department and company counsel can and should maximize the establishment and implementation of trade secret protections. Here's how:
Define the Problem
Your company must understand the scope of the problem in order to mitigate its effects. A "trade secret audit" —which includes steps similar to those in any security audit—is a critical tool your company can use to ascertain what confidential information it currently has. Confidential information is defined more broadly than true trade secrets.
To read more on this topic see: Fed Agencies Push New Security Audits and More Than Half of Fired Employees Steal Data.
Though they come in all shapes and sizes, most trade secret audits include the following elements: (i) determination of which information ought to be protected; (ii) review of the procedures already in place to protect that information; and (iii) analysis of the sufficiency of those protections, including identification of gaps in the existing protections, both generally and as applied to the specific information to which the gaps pertain.
The sufficiency of the existing protections turns largely, on the value of the information along with the practical need for and cost of properly protecting it. For example, while Coca-Cola quite properly takes extraordinary measures to protect the secret formula to Coke, no one would expect Coca-Cola to take similar measures to protect trade secrets with only marginal value.
Establish a realistic protection program
After your company has completed assessing the scope of the problem, you can develop a comprehensive protection program. Such a program commonly involves a combination of policies, procedures, and contracts, as well as the IT infrastructure necessary to support each. While these programs share many general characteristics, each is unique to the particular requirements of your company, including the nature of your company's confidential information, the number and circumstances of your company's current and planned personnel, your company's corporate culture, available financial resources, and overall IT infrastructure. In its most basic form, a proper protection program involves:
Upgrading to VMware vSphere with vWire
Using ERP To Gain Competitive Advantage in a Tough Economy
Why BI is Ripe For Businesses of Any Size
Oracle Accelerate
Powerful Software Solutions for Midsize Companies
Today's Risky Data Environment
Extending Client Refresh - 11 Steps to Maximize Savings
CIOs Weigh In On Virtualization
Jim Malone, Editorial Director of CXO Media's C...
Beyond Installing ITPM Software: How a global company reduced risk and successfully implemented ITPM
IT Consolidation Made Easy
Taking a Seat at the Executive Table: The Reality of Virtualization
Who Are the Data Center Leaders?
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Global Warming Research Exposed After Hack
Silicon Valley Abuzz About Tech Video That Lets You Command a Computer With Gestures
Two Approaches to NFC Battle for French Hearts and Mobiles
Palm Pixi Smartphones Now Just $25
FCC: Internet Program for Deaf Cheated Out of Millions
Judge Sets Schedule for Google Book Search Case
Twitter Geotagging: What You Need to Know
Twitter Turns on Geolocation Functionality
Some Nook E-Readers Won't Make it for the Holidays Either
Google's Chrome OS Hits BitTorrent
