The protection of intellectual property in the manufacturing industry is becoming more and more important because of global economic ties.
- The law for the protection of trade secrets is intended to protect knowledge and information in the company.
- Companies are now also entitled to the destruction, disclosure, and recall of trade secrets and removal and withdrawal from the market.
- There are three basic measures that companies can take to protect themselves from the disclosure of secrets.
In cyberattacks by social engineering, employees are manipulated to induce them to divulge information or infiltrate spy software unwittingly. The law for the protection of trade secrets , which came into force in 2019, is intended to protect know-how and information in the company from “unlawful acquisition as well as unlawful use and disclosure”. On the one hand, this requires improved protection for companies and, on the other hand, the need to take advantage of this protection.
Table of Contents
Trade Secrets Act: Take Action and document
Trade secrets are now intended to offer companies better protection against and against disclosure of secrets. In addition to the already existing right to removal, omission, compensation and information, you now also have the right to destruction, surrender, recall or removal and withdrawal from the market. In return, companies must take effective measures and document them thoroughly. Without IT support, these measures can hardly be implemented efficiently.
Strict Adherence To A “Least Privilege” Regulation In The Company
According to this, everyone should only have access to the information they need for their work. However, the manual implementation of this regulation is often very complex and associated with risks. Employees change roles or departments, leave the company or are represented on vacation.
The use of professional access rights management systems (ARM) is recommended so that this change can be mapped seamlessly in the rights distribution at any time. This allows the current access status in the company to be kept up-to-date in a simple and largely automated manner at any time. The aim is to ensure that all required persons have short-term access to data relevant to them while at the same time protecting all data from unauthorized access.
Greater Attention To Information Behaviour Of Employees
The greatest threat to corporate secrets is employees. SolarWinds new cybersecurity study found that internal user errors accounted for by far the largest percentage of cybersecurity-related incidents at 80 per cent over the past twelve months. Companies, therefore, need to become more vigilant about employee activities.
In addition to implementing basic access controls and network management solutions, automated monitoring of user activity with the help of a “Security Information and Event Management” solution, or SIEM for short, can quickly alert security officers to suspicious activities and enable them to react quickly to security threats.
Trade Secret Law: Compliance-Compliant Documentation
The Trade Secrets Act also attaches great importance to the legal claims that companies can make due to the betrayal of secrets discovered – even across national borders. However, to assert these claims, they must be documented in compliance with the requirements. Due to the constant change in companies, it is almost impossible to keep this documentation up to date by hand at all times.
Automated IT solutions are also recommended here, which automatically record all changes and make them available in an audit-proof manner. Such solutions often exist in combination with the access management solutions mentioned above. Compliance requirements for handling confidential data can thus be adhered to more easily.
In this country, the manufacturing industry lives from its ideas – if these are stolen, industry loses its world-famous lead. It is, therefore, to be welcomed that these ideas are now better protected by the legislature. However, implementing this law can be time-consuming in practice – every IT professional knows how complex access rights management is. Therefore, the machine-builders should get support from automated IT solutions. This not only helps secure your infrastructure but can also help small and medium-sized companies in particular to advance digitization.