The spy who came in from the kitchen…

published in McAfee & Taft EmployerLINC | February 4, 2015

By Rachel Blue

work-from-homeOffering workers the opportunity to work from home has many benefits for both the employee and employer, but it can bring challenges as well. One challenge is handling trade secrets, which are defined as any information that gives some competitive advantage to a company, isn’t generally known, and can’t be obtained legitimately from an independent source.

In order to keep a trade secret, you must safeguard it from release. Traditionally, the corporate jewels were protected by locked doors, file cabinets and security systems. Now that an employee is just as likely to be working from a kitchen table as an office cubicle, it’s harder to lock up information. Here are a few suggestions for securing sensitive information when employees work at home:

  1. Secure access: Require employees who work remotely to use VPN or other secure access procedures that work smoothly to access your secure server. Reconsider overly cumbersome or dysfunctional access procedures. Those can encourage employees to develop workarounds that defeat the purpose of the secure system. If you have a BYOD (Bring Your Own Device) policy, be sure employees understand that using their own devices doesn’t mean the information on those devices becomes theirs.
  2. Set permissions: Classify digital data (e.g., public, confidential, eyes only) and keep track of employee clearance levels so that you know who can access each type. This will help you narrow the pool of suspects if a theft occurs.
  3. Utilize software tools: Programs like LOCKlizard or Vitrium allow you to lock document files, stop screenshots, watermark documents, and log document views.
  4. Employee training: Be clear about your expectations of employees in your employment agreements and written policies. Teach employees to recognize warning signs of information theft and set up a way to report potential problems anonymously.
  5. Lock & Key: Review the environment that the employee is working from. Is the level of physical security in that environment appropriate for the information the employee has access to Do others in the household have access to devices where work is stored? Is there a security system? Working remotely may not be appropriate for employees that work extensively with sensitive information.

There are penalties, both civil and criminal, for trade secret theft. However, once that valuable information is gone, no law can make it secret again. It’s better to prevent the theft from occurring in the first place.