Anyone with access to company secrets can disclose those secrets to someone else. Many individuals likely have access to company's trade secrets. The most obvious examples are company insiders, such as employees, contractors and consultants, who must have access to information and sensitive areas to do their jobs. Joint venture and other business partners also have access to sensitive information. Visitors come and go on a regular basis. To protect trade secrets from disclosure, the company should put in place security measures that reduce the risk that trade secrets will be disclosed to outsiders.

Most company insiders, such as employee, contractors and consultants, are loyal and protective of the company, but insiders typically pose the great threat. They have the most access and the greatest appreciation for the value of the information at their disposal. A disgruntled employees may be tempted to take information to new employer or to do something that he feels will hurt the company. A few steps can reduce the risk of disclosure by insiders to the company:

  • Discuss confidentiality obligation and require execution of confidentiality agreement at the time of hiring of the employee or contractor
  • Require execution of confidentiality agreement at time of hiring
  • Establish an email and computer usage policy, inform employees and contractors of the policy and use it to monitor suspicious behavior, such as unusual computer or email usage especially in the last few weeks of employment
  • Educate employees and contractors regarding the types of information the company deems to be confidential.
  • Instruct employees and contractors how to treat confidential information and report suspected disclosures
    • Forbid the communication of such information over e-mail.
    • Remind attendees at meetings where confidential information is discussed to keep the material confidential
    • Mark documents, computer discs and other tangible media "Confidential – Property of _____________" including meeting minutes, notes and presentations used in meetings wherein confidential items are discussed
    • Use "confidentiality" legends, warnings and agreements
    • Use copy protection and/or embedded codes to trace copies
    • Shred discarded copies
    • Lock up or otherwise secure sensitive information
    • Use identification and password protection to protect confidential information in electronic form and use copy protection to protect hard copies Provide a confidential hotline or other mechanism to report violations and/or disclosures
    • Periodically refer and remind employees and contractors of the policy
  • Limit access and distribution of confidential information to those who "need to know" and are "trustworthy to protect" and take technical precautions, such as dividing the system into steps handled by different individuals or departments to reduce the exposure if one employee leaks information
  • Use chain of custody documents for models and prototypes
  • Enforce the rules and policies governing protection of confidential information and identify a senior executive responsible for compliance Review materials to be disseminated to the public, such as marketing materials, scientific and technical articles to ensure that trade secret information is not being disclosed
  • Conduct exit interviews reminding employees or contractors of the obligation of confidentiality and securing their signature on a acknowledgement of their obligation; collect all confidential information and determining the departing employee's responsibilities in his or her new position may be similar that the new position is likely to result in inevitable or probable disclosure of the company's trade secrets
    1. remind the employee of his confidentiality obligation
    2. obtain a signed acknowledgement of the obligation
    3. provide the employee with a copy of the confidentiality agreement signed at hiring
    4. provide written notice to employee and, if applicable, new employer of the now former employee's confidentiality obligations
    5. collect all confidential information in the possession of the employee and all cards, ID, etc. that permit the employee access to confidential information and cut off access to email and other electronic information

Because insiders can have enormous access to critically important trade secrets of an organization and with the ever increasing mobility of employees and the ease of transferring enormous volumes of electronic information increases the threat that these insiders pose to the organization. Nevertheless, a diligent and consistent effort to inform and educate employees and contractors and to enforce company policies relating to the use and dissemination of trade secrets can dramatically reduce the risk of their inadvertent or intentional disclosure to outsiders.