How to Create a Security Perimeter to Prevent Competitor Intelligence Gathering - dummies

How to Create a Security Perimeter to Prevent Competitor Intelligence Gathering

By James D. Underwood

Any information left in plain view is fair game for your competitors, so you need to take reasonable precautions to secure sensitive information. The best place to start is outside the company property. Securing the perimeter ensures that no unauthorized personnel get close enough to access the information.

As a CI professional, you serve as trusted advisor. Your role on the security team is to point out vulnerable areas and perhaps offer your opinion on how to tighten security, but formulating and implementing security measures must start with the CEO and other members of the executive team.

How to control internal physical access to competitive intelligence data

In order to conduct business, you probably need to allow people to freely enter and exit the building, but you shouldn’t allow them to freely roam the halls and offices. To prevent unauthorized access to sensitive areas of your organization, implement the following security measures:

  • Never allow uncontrolled access to your organization. Make sure that visitors are always accompanied by an employee.

  • Set up secure entry points in key areas of the building to limit access to authorized personnel.

  • Be especially observant of individuals who bring cameras into your facility or are using their cellphones in sensitive areas. You may want to establish a policy of having all visitors turn off their cellphones or leave them in a personal locker before they’re allowed access to sensitive areas.

  • Require that all sensitive information be secured (locked) before an employee leaves his or her work area.

  • Make sure that no new product information, sales projections, or strategic planning documents are visible on walls or whiteboards in public view.

How to control social-networking access to your business information

Social networking is a valuable tool for connecting personally with current and prospective customers, but it also poses some risks. You don’t want just anyone posting on behalf of the company, engaging in flame wars with disgruntled customers, or sharing information about the organization’s future plans. The flow of information and how it’s presented publicly needs to be controlled internally.

Establish a social-media policy that addresses the following points:

  • Who’s allowed (and not allowed) to post content on behalf of your organization.

  • Who must approve content before it’s posted.

  • What types of information can and can’t be shared via social media.

  • How much freedom your organization has in monitoring social media use internally. Many companies are now requiring that employees allow them to routinely look at personal social-media sites as part of the firm’s ongoing security program.

How to use analytics to detect internal competitive intelligence leaks

A new generation of analytics tools now enables an organization to keep very close tabs on a lot of what is really going on in their organization. Here are some of the things that analytics can do:

  • Track themes and attitudes in the flow of information on the company’s e-mail.

  • Track file transfers into and out of the internal network.

  • Track phone traffic into and out of the organization and pick up on the themes and content of those calls.

CI and IT should work closely to develop systems that automate the process of preventing and detecting security leaks.

How to protect competitive intelligence against global industrial espionage

When doing business in the global economy, you’re often competing against companies that don’t follow the same rules and may be backed by government-sponsored intel agencies that arose out of military intelligence agencies or are even integral parts of those agencies. In other words, your global competitor may have access to intelligence capabilities that far exceed your own.

Expecting the worst and planning to defeat such capabilities may be your best defense against such actions. Here’s what you need to keep in mind when dealing with international competitors:

  • In most cases, international competitors throw ethics out the window when competing against companies in other countries. The company’s allegiance is to its country. You’re working for the enemy.

  • Numerous countries around the world have adopted the original government-industry model of Japan (described in the nearby sidebar). Even the United States is beginning to wake up to reality and use government intel to help U.S. companies stay competitive.

  • International competitors have access to highly technical and sophisticated resources that probably surpass your internal capabilities.