Here at the Law Office of Vincent Miletti, Esq. and the home of the #UnusuallyMotivated movement, we take pride as a resilient and dependable legal services firm, providing such services in both a traditional and online, web-based environment. With mastered specialization in areas such as Employment and Labor Law, Intellectual Property (IP) (trademark, copyright, patent), Entertainment Law, and e-Commerce (Supply Chain, Distribution, Fulfillment, Standard Legal & Regulatory), we provide a range of legal services including, but not limited to traditional legal representation (litigation, mediation, arbitration, opinion letters and advisory), non-litigated business legal representation and legal counsel, and unique, online legal services such as smart forms, mobile training, legal marketing and development.
Still, we, here at Miletti Law®, feel obligated to enlighten, educate, and create awareness, free of charge, about how these issues and many others affect our unusually motivated® readers and/or their businesses. Accordingly, to achieve this goal, we have committed ourselves to creating authoritative, trustworthy, & distinctive content. Usually, this content is featured as videos posted on our YouTube Channel https://www.youtube.com/channel/UCtvUryqkkMAJLwrLu2BBt6w and blogs that are published on our website WWW.MILETTILAW.COM. With that, the ball is in your court and you have an effortless obligation to subscribe to the channel and sign up for the Newsletter on the website, which encompasses the best way to ensure that you stay in the loop and feel the positive impact of the knowledge bombs that we drop here!
As the authoritative force in Employment Law, it only seemed right to introduce one of the many upcoming series where we remain persistent in introducing a variety of topics, which will look to not only educate but also deliver in a sense that only Miletti Law® can. In this regard, this blog is titled “Reducing Trade Secret Misappropriation/Loss Risks: Key Aspects” and Part IV of our series on “Cybersecurity Measures to Protect Employers.” In Part III, we provided you a hands-on guide concerning the “Key Preliminary Steps for Reinforcing an Employer’s Cybersecurity Program.” As we continue hammering on and exploring other key issues of cybersecurity, we have provided you with an overview of key aspects of information security policies that could help an employer to reduce the risk of trade secret misappropriation/loss in this blog and Part IV of the series.
Reducing the Risk of Trade Secret Misappropriation/Loss: Key Aspects of Information Security Policies & Measures
Preventing the loss and/or misappropriation of trade secret and other confidential information goes hand in hand with reducing the risk of the same thing happening. As such, an employer may put in place, as part of information security policy, a variety of requirements and restrictions that would help minimize the risk of trade secret theft.
Putting in Place Requirements and Restrictions to Control:
- How and who should install, delete, download, remove, alter, or duplicate passwords, files, programs, data, or other applications
- Who should reveal or share passwords, files, or data and account information and with who
- Who should access proprietary information and network on non-secured Wi-Fi
- How any potential security breaches or violations of an employer’s information security policy should be reported and to who
- Who and when one should or should not use the employer’s server or network system to access personal e-email accounts
- Restrictions and regulations on BYOD (bring-your-own-device) policies
- How to encrypt and/or delete information stored on portable devices following the close of a business need
- How confidential information should be disclosed through the employer’s electronic resources
- The length of storage of confidential information in portable devices-and-
- How and who should store confidential information on any portable devices (including personal devices) or any computer’s hard or local drive.
Reserving the Right to Search, Investigate, and/or Inspect
Further, by overriding any access codes or passwords connected to employee’s e-mail accounts or work devices and having express access to such e-mail accounts and work devices, employers should also reserve the right to search, investigate, and/or inspect employee’s messages, voicemail, and/or files in addition to these requirements and restrictions. Additionally, while they should know that no one should raise a privacy concern with regards to how they use the devices for the purposes of communicating, employees should also be reminded that the devices assigned to them remains the property of their employers at all times.
Training Employees on how to Maintain the Secrecy of Trade Secrets
Employers should ensure that employees, especially those authorized to access confidential information, have been trained on how to protect and maintain the secrecy of trade secrets. Through training, employees gain skills and knowledge required concerning how to remain compliant with an employer’s cybersecurity policies and measures. Employee training is critical because an employer can demonstrate, in a court, that they took reasonable steps in protecting and maintaining the secrecy of trade secrets.
Insuring a Cybersecurity Program
Finally, an employer can insure their cybersecurity program as a way of reducing the risk of trade secret misappropriation and/or loss. Because it provides an employer with financial protection in the event of a cyberattack, cybersecurity insurance is vital as it helps to cover:
- Penalties & damages
- Defense costs
- Loss of income emanating from a cybersecurity breach
- Expenses and costs incurred in handling a cybersecurity breach, such as response costs and forensic fees-and-
- Coverage for liability to cybersecurity breach
Additionally, the employer could as well benefit from staff support and expertise on breach management as part of resources provided for joining an insurance provider’s network. Again, an employer may stand a chance to prevail in court by demonstrating that they met certain standards of cybersecurity and, thus, in line with the requirements of insurance companies, took reasonable steps in protecting their trade secrets. Nonetheless, before considering cybersecurity insurance, every employer should look into a number of issues and risks. For instance, an employer may lose control over how key business decisions related to their data breach response are made if such an employer is required to use the breach management team of the insuring company. Therefore, since insurance is a delicate matter, an employer should carefully look into this issue before contemplating to insure their cybersecurity program.
In Part IV of this series, we shall move the discussion forward and provide you with an overview of several “Vital Cybersecurity Initiatives Employers Should Take” as part of taking reasonable steps in protecting their trade secrets and confidential information. Five of these initiatives shall be discussed as individual blogs. Enjoy the bl to come!
In the meantime, stay tuned for more legal guidance, training, and education. In the interim, if there are any questions or comments, please let us know at the Contact Us page!
Always rising above the bar,
Isaac T.,
Legal Writer & Author.