Five steps to guard against IP theft
October 29, 2015
By Salo Fajer, Digital Guardian
Oct. 29, 2015 – For every manufacturing firm, sensitive data is the most valuable asset. If this critical information – in particular, intellectual property (IP) – is lost or stolen, manufacturers not only face significant fines and penalties, but also suffer a hit to their reputations and public trust. Most importantly, they risk losing their competitive advantage, which can lead to business failure.
Hackers are becoming more sophisticated and determined than ever before, as we’ve witnessed in the latest high-profile data breaches at major retailers and government agencies. Hitting closer to home, a study found that more than one in five manufacturing firms reported a loss of IP in a cyber-attack in 2014. Additionally, the study revealed that IP and internal operational information are the two types of data that manufacturers most fear losing.
Think like a hacker: getting one’s hands on IP – whether in the form of confidential business plans, designs or formulas – is almost always the attacker’s intent. It’s important to remember that attackers are not after devices; they’re after the data that contains sensitive proprietary information and IP. Once they’ve successfully breached a target company’s systems and located the sensitive data, they will attempt to exfiltrate it. After the data is in their hands, there are several monetization schemes that can lead to profit, including reselling the stolen IP to a third party, which could be a competing corporation or another nation-state with competing global markets.
Below are five steps that can be immediately implemented to ensure manufacturing firms are better prepared to secure their IP and other business-critical data:
1. Encrypt sensitive data
Encrypting sensitive data is critical to protecting IP. Using encryption helps protect the confidentiality of information on a network, by making it difficult for an unauthorized user to decrypt or make sense of the data if they intercept it in transit.
Endpoints should use both full-disk and file-based encryption, and encryption should also be enforced for emails and devices. Although encryption isn’t a foolproof method and there are ways of cracking it, it can go a long way toward safeguarding sensitive data if it falls into the wrong hands.
2. Use data protection software
Antivirus software is not enough against attackers who are targeting IP. They use more sophisticated methods to penetrate systems and exfiltrate sensitive data, and antivirus software can be easily bypassed during these attacks. Use data protection software that resides at the kernel level of endpoints and provides full visibility of all data being accessed and transmitted. The software should be able to fully lock down confidential data, both structured and unstructured, and place enforcement policies on it to completely prevent it from leaving the corporate IT environment.
3. Practice good password hygiene
Reusing passwords (or slightly modified passwords) across different accounts is a major concern during a breach. Attackers will attempt to access multiple accounts (such as cloud storage drives, Windows credentials, etc.) by using password credentials obtained for a single, original account. If employees reuse passwords, a simple credential breach of a non-sensitive account grants hackers access to the manufacturing company’s corporate network. Practice good password hygiene and use complex combinations and different logins across every account.
4. Regularly monitor activity across user accounts
Monitoring user behaviour for anomalous or suspicious activity is a quick way to detect a breach before it can cause damage. If suspicious activity is identified, all parties involved should be notified immediately. Even with other protections in place, vigilant monitoring is often the fastest way to identify a compromise. Be on the lookout for signals such as credentials being used on multiple machines, employees accessing databases they’ve never accessed before, or employees logging in at off-hours when they normally wouldn’t be conducting business.
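The three signals named above can be checked against a per-user baseline built from earlier activity. The following is an added example, not code from the article or from any product it mentions; the event tuples, host and database names, the one-hour window and the one-hour tolerance are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real logs): (timestamp, user, host, database)
BASELINE = [
    ("2015-10-01T08:55", "alice", "ws-101", "erp"),
    ("2015-10-01T17:20", "alice", "ws-101", "erp"),
    ("2015-10-02T09:10", "bob", "ws-202", "cad_vault"),
    ("2015-10-02T16:45", "bob", "ws-202", "cad_vault"),
]
NEW_EVENTS = [
    ("2015-10-05T09:05", "alice", "ws-101", "erp"),       # normal
    ("2015-10-05T09:20", "alice", "ws-317", "erp"),       # second machine within the window
    ("2015-10-05T10:00", "bob", "ws-202", "formulas"),    # database never accessed before
    ("2015-10-06T02:30", "bob", "ws-202", "cad_vault"),   # outside usual hours
]
HOST_WINDOW = timedelta(hours=1)   # assumed window for "multiple machines"
HOUR_SLACK = 1                     # assumed tolerance around usual hours

def build_profile(events):
    """Per-user baseline: databases seen and the login hours observed."""
    profile = defaultdict(lambda: {"dbs": set(), "hours": []})
    for ts, user, _host, db in events:
        profile[user]["dbs"].add(db)
        profile[user]["hours"].append(datetime.fromisoformat(ts).hour)
    return profile

def detect(events, profile):
    """Return (timestamp, user, signal) for each signal that fires."""
    alerts, recent = [], defaultdict(list)   # recent: user -> [(time, host)]
    for ts, user, host, db in sorted(events):
        when, base = datetime.fromisoformat(ts), profile.get(user)
        recent[user] = [(t, h) for t, h in recent[user] if when - t <= HOST_WINDOW]
        if any(h != host for _t, h in recent[user]):
            alerts.append((ts, user, "multiple_machines"))
        recent[user].append((when, host))
        if base is None:                      # unknown account: nothing to compare against
            alerts.append((ts, user, "no_baseline"))
            continue
        if db not in base["dbs"]:
            alerts.append((ts, user, "new_database"))
        lo, hi = min(base["hours"]) - HOUR_SLACK, max(base["hours"]) + HOUR_SLACK
        if not lo <= when.hour <= hi:
            alerts.append((ts, user, "off_hours"))
    return alerts

if __name__ == "__main__":
    for alert in detect(NEW_EVENTS, build_profile(BASELINE)):
        print(alert)
```

In practice the baseline would cover weeks of activity rather than two days, and each alert would be routed for review rather than acted on automatically.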
5. Recognize and avoid phishing attacks
Social engineering, particularly phishing, is a popular tactic for cyber criminals. It’s often faster and easier for an attacker to trick another person into taking a desired action than to conduct complex hacks themselves. Phishing attacks typically have telltale signs like unfamiliar senders, strange domain names, spoofed webpages or emails, and messages with links or attachments that weren’t requested. Train employees to better identify phishing attacks, and avoid messages that appear suspect.
In today’s competitive global economy, IP is key to manufacturers’ success. To excel in the industry, data protection – even if it’s as simple as password hygiene and patch management – must be implemented across all internal departments and third-party contractors, who also handle IP. This is your business’s crown jewel, so protecting it should be prioritized across the entire organization.
Salo Fajer is chief technology officer at Digital Guardian, driving the company’s strategic vision and core innovation efforts while also overseeing product management, product marketing and product content development. He has more than 25 years of experience in the industry, having held diverse technical leadership roles in product management, operations, consulting, and sales engineering.