E-book, English, 288 pages
Security Securing Intellectual Property
1st edition 2008
ISBN: 978-0-08-094141-7
Publisher: Elsevier Science & Techn.
Format: EPUB
Copy protection: 6 - ePub Watermark
Protecting Trade Secrets and Other Information Assets
Most employers are astounded at how easily and quickly their proprietary information can get out of their control. In a large number of cases, theft of trade secrets involves employees leaving a company to start their own business or work for a direct competitor.
Nearly all books that address the topic of trade secrets have the "spy vs. spy" perspective. The author approaches the topic from a practical business perspective rather than simply creating "paranoia" for paranoia's sake. The material for this book comes from the author's extensive work experience as a computer forensics consultant and manager on numerous theft of trade secrets cases.
No-nonsense solutions to the most common intellectual property problems facing security managers, computer security professionals, corporate legal counsel, and human resource managers
Sample agreements and forms that address specific business needs
Coverage of threats ranging from physical security lapses to hackers to social engineering
Further Information & Material
1 Front Cover
2 Securing Intellectual Property
3 Copyright Page
4 Contents
5 Preface
5.1 References
6 Chapter 1: Elements of a Holistic Program
6.1 Introduction
6.2 False Memes Lead People the Wrong Way
6.3 From the Industrial Age to the Information Age
7 Chapter 2: Trade Secrets and Nondisclosure Agreements
7.1 Introduction
7.2 Contents
7.3 What Is a Trade Secret?
7.4 Basis of Trade Secret Law
7.4.1 Trade Secret Law vs. Contractual Protection of Confidential Information
7.4.2 Technology as a Trade Secret
7.4.2.1 Source Code as a Trade Secret
7.4.2.2 Product Ideas-Flying under the Radar Screen
7.4.3 Confidential Business Information
7.4.4 Confidential Information from Third Parties
7.4.5 Limits to Trade Secrets
7.4.6 How Long Trade Secrets Last
7.4.7 Patents vs. Trade Secrets
7.4.8 Can More Than One Company Have the Same Trade Secret?
7.5 Care and Protection of Trade Secrets
7.5.1 One Person in Charge of Confidentiality Measures
7.5.2 Controls on Access to Confidential Data
7.5.3 Entry Control and Badges
7.5.4 Confidentiality Legends on Documents, Code, and Other Data
7.5.5 Agreements with Third Parties to Protect Confidentiality
7.5.6 Confidential Undertakings by Employees and Contractors
7.5.6.1 Employee Guidelines
7.5.6.2 Speeches, Paper, and Presentations
7.5.6.3 New Employee Orientation
7.5.6.4 Exit Process
7.6 Nondisclosure Agreements and Confidential Disclosure
7.6.1 Mutual or Unilateral NDAs
7.6.2 Defining “Confidential Information”
7.6.3 What Written Information Is “Confidential Information”?
7.6.4 What Oral or Visual Information Is “Confidential Information”?
7.6.5 Carve-Outs from Confidential Information
7.6.6 Prohibition of Disclosure
7.6.7 Use of Confidential Information
7.6.8 When Does Protection Time-Out?
7.6.9 Risks from Others’ Confidential Information
7.6.10 Two-Stage Disclosure
7.6.11 Watch Out for “Residuals” Clauses
7.6.12 Are There Oral Agreements for Nondisclosure?
7.6.13 Disclosure Agreements that Are the Opposite of NDAs
7.6.14 When You Negotiate a Deal, Should NDAs Be Superseded?
7.6.15 Confidentiality Clauses Generally
7.7 Violations of Trade Secret Law
7.7.1 What Is Illegal under Trade Secret Law?
7.7.2 What Is Not Illegal under Trade Secret Law?
7.7.3 What if Trade Secrets Are Disclosed?
7.8 Dealing with Violations of Trade Secrets
7.8.1 Remedies Short of Litigation
7.9 Is Taking Trade Secrets a Crime?
7.10 Can Software Trade Secrets Be Licensed or Sold?
7.11 Use of Counsel in Managing Trade Secrets
8 Chapter 3: Confidentiality, Rights Transfer, and Noncompetition Agreements for Employees
8.1 Introduction
8.1.1 Note on Terminology
8.1.2 About Employment Law Generally
8.2 Contents of Employee Agreements
8.2.1 Confidentiality Provisions
8.2.1.1 Definition of “Confidential Information”
8.2.1.2 Regarding Use and Protection of Confidential Information
8.2.1.3 Confidentiality and Pre-Employment Communications
8.2.1.4 Provisions in Aid of Enforcement
8.2.2 Capturing Intellectual Property Rights
8.2.2.1 Special Rule for California and Certain Other States
8.2.2.2 Cooperation in Rights Transfer
8.2.2.3 Documents and Records
8.3 Noncompetition and Nonsolicitation Provisions
8.3.1 State with Limitations on Restrictive Covenants
8.3.2 About Consideration
8.3.3 Getting Employees to Sign
8.3.4 Enforceability of Provisions
8.3.4.1 Nature of the Employment
8.3.4.2 Reasonable Scope and Duration
8.3.4.3 Noncompetition Clause
8.3.4.4 Automatic Extension of Restricted Period
8.3.4.5 “Blue Pencil”
8.3.5 Enforcement of Noncompetition Agreements by Employers
8.3.5.1 Do Not Delay in Addressing a Breach
8.3.5.2 Remedies Short of Litigation
8.3.5.3 Preliminary Injunction
8.3.6 Obtaining Assurance of the Absence of Conflicting Prior Agreements
9 Chapter 4: IT Services—Development, Outsourcing, and Consulting
9.1 Introduction
9.2 In This Chapter
9.3 IT Consulting Business Model
9.4 Development Deals
9.4.1 Why Outside Development?
9.4.2 Scale of Development Deals and the Development Forms
9.4.3 Development Can Be a Risky Business
9.4.4 Need for Planning and Risk Management
9.5 Process Overview
9.6 Writing and Responding to RFPs
9.6.1 Elements of an RFP—From the Customer’s Point of View
9.6.2 Responding to RFPs—From the Developer’s Point of View
9.7 Agreement
9.7.1 Getting the First Draft on the Table
9.8 Structure of a Development Agreement
9.9 Development Planning
9.9.1 What Is to Be Delivered to the Customer?
9.9.2 Requirements for Providing the Deliverables
9.9.3 Software and Data to Be Provided for Use in Development
9.9.4 Oversight and Management
9.9.5 Price and Costs
9.9.6 Acceptance
9.9.7 Postacceptance
9.9.8 “Detailed Design”
9.9.9 Dealing with Informal Specifications
9.9.10 Project Management Provisions
9.9.11 Personnel Assigned to Development
9.9.12 Change Management Provisions
9.9.13 Acceptance Procedures
9.9.14 Payment Provisions
9.9.14.1 Milestone-Based
9.9.14.2 Time and Materials
9.9.14.3 Combinations and Variations
9.9.15 Right Schedule
9.9.16 Intellectual Property—Ownership and/or License
9.9.17 What Intellectual Property Is at Stake?
9.9.17.1 Copyright in the Software
9.9.17.2 Patentable Inventions
9.9.17.3 Trade Secrets
9.9.17.4 Goals in Negotiating Intellectual Property Clauses
9.9.17.5 Common Means to Deal with Intellectual Property in Agreements
9.9.17.5.1 Developer Owns/License Grant Clause
9.9.17.5.2 Work-Made-for-Hire Clause/Patent Clause
9.9.17.5.3 Foreground Intellectual Property and Background Intellectual Property Clause
9.9.17.5.4 Other Variations
9.9.18 Avoiding Jointly Owned Intellectual Property
9.9.19 When the Web Developer Is Also Providing Web Hosting?
9.9.20 Subcontractors
9.9.21 Noncompetition Clauses
9.9.22 Provisions on Confidential Information
9.9.23 Training and Support
9.9.24 Warranties
9.9.25 Disclaimers and Limitations
9.9.26 Date Processing (Y2K) Warranties
9.9.27 Open Source Provisions
9.9.28 Intellectual Property Warranties and Indemnities
9.9.29 Insurance
9.9.30 Clause on Customer Nonsolicitation of Developer Employees
9.9.31 Termination
9.9.32 Dispute Resolution
9.9.33 Boilerplate Provisions
9.10 About Offshoring
9.10.1 Other Types of Consulting Businesses and IT Services
9.10.2 Legal Issues in Development and Consulting Businesses
9.10.2.1 Employment Issues
9.10.2.2 Building a Brand
9.11 Conclusion
10 Chapter 5: How to Sell Your Intellectual Property Protection Program
10.1 Introduction
10.2 Questions to Ask and People to Approach
10.3 What Is Your Business Differentiation from Your Competitors?
10.3.1 Who Do You Have to Protect These Differentiators From?
10.3.2 What Are the Probabilities in Terms of Likely Attackers, Targets, and Objectives?
10.3.3 If the Competition Obtained or Tampered with Your Intellectual Property, What Harm Would Be Done?
10.3.4 What Security Measures Would Be Cost-Effective and Business-Enabling?
10.4 Notes on Figure 5.1
10.5 Notes on Figure 5.2
10.5.1 Executives and Board Members
10.5.2 Research and Development
10.5.3 Manufacturing
10.5.4 Sales and Marketing
10.5.5 Human Resources
10.5.6 Operations
10.5.7 Risk Identification
10.6 Implications of IP loss
10.7 Notes on Figure 5.3
10.7.1 Implementation Plan
10.7.2 Potential Inhibitors
10.7.3 Identified Milestones
10.8 Notes on Figure 5.4
10.9 Notes on Figure 5.5
10.9.1 Executive Commitment
10.9.2 Business Value Statement
10.9.3 Notes
11 Chapter 6: Case Study: The Mysterious Social Engineering Attacks on Entity X
11.1 Introduction
11.2 Fundamentals of Social Engineering Attacks
11.3 The Mysterious Social Engineering Attacks on Entity Y
11.4 Guidance for the Workforce
11.4.1 How to Recognize Elicitation
11.4.2 How to Handle the Caller
11.4.3 How to Report the Incident
11.4.4 General User-Oriented Guidance on How to Detect and Defeat Social Engineering
12 Chapter 7: When Insiders and/or Competitors Target a Business’s Intellectual Property
12.1 Introduction
12.2 Lightwave Microsystems
12.3 America Online
12.4 Casiano Communications
12.5 Corning and PicVue
12.6 Avery Dennison and Four Pillars
12.7 Lexar Media and Toshiba
12.8 SigmaTel and Citroen
12.9 3dGEO – China
13 Chapter 8: When Piracy, Counterfeiting, and Organized Crime Target a Business’s Intellectual Property
13.1 Introduction
13.2 Technology Counterfeiting
13.3 The Apparel Industry
13.4 The Entertainment Industry
14 Chapter 9: Physical Security: The “Duh” Factor
14.1 Introduction
15 Chapter 10: Protecting Intellectual Property in a Crisis Situation
15.1 Introduction
16 Chapter 11: Top Ten Ways to Shut Down Hackers
16.1 Introduction
16.2 Go Undercover
16.3 Shred Everything
16.4 Get Decent Locks
16.5 Put that Badge Away
16.6 Check Your Surveillance Gear
16.7 Shut Down Shoulder Surfers
16.8 Block Tailgaters
16.9 Clean Your Car
16.9.1 Watch Your Back Online
16.10 Beware of Social Engineers
17 Appendix 1: Mutual Non-Disclosure Agreement
17.1 Introductory Note
17.2 Mutual Non-Disclosure Agreement
18 Appendix 2: Evaluation Agreement (Pro-Recipient)
18.1 Introductory Note
18.2 Evaluation Agreement
19 Appendix 3: Employee Agreement
19.1 Introductory Note
19.2 Employee Agreement
19.2.1 Exhibit A
19.2.2 Exhibit B
19.2.3 Exhibit C
20 Appendix 4: Software Development Agreement
20.1 Introductory Note
20.2 Software Development Agreement
20.2.1 Schedule - Specifications
20.2.2 Schedule - Milestone and Payment Schedule
21 Appendix 5: Software Consulting Agreement (Favors Consultant)
21.1 Introductory Note
21.2 Software Consulting Agreement
21.2.1 Schedule 1
21.2.2 Schedule of Work
22 Appendix 6: Software Consulting Agreement (Favors Customer)
22.1 Introductory Note
22.2 Software Consulting Agreement
23 Appendix 7: Web Site Development Agreement
23.1 Introductory Note
23.2 Web Site Development Agreement
24 Appendix 8: Web Hosting Agreement
24.1 Introductory Note
24.2 Web Site Hosting Agreement
24.3 Schedule A
24.4 Schedule B
24.5 Schedule C
24.6 Schedule D
25 Appendix 9: U.S. Department of Justice Checklist for Reporting a Theft of Trade Secrets Offense
25.1 United States Department of Justice
25.1.1 Checklist for Reporting a Theft of Trade Secrets Offense
26 Index