Blog

The IP Protection Capability More Manufacturing IT Leaders Wish They Had

Data security Insider threat IP Theft Sensitive Unstructured Data

 

Photo: Federal Courthouse in Portland, OR

Global manufacturers in innovation-driven industries are ramping up their document protection against intellectual property theft.

Can you guess what tops their priority list when selecting or expanding enterprise-wide digital rights management (DRM)? Here’s a hint.

But first, a quick look at the court dockets. Did you hear about that lawsuit filed by Intel in February against a former employee who joined Microsoft?

Talk about an IP theft textbook case. Intel accuses [PDF] a former product marketing engineer of exfiltrating “highly confidential, proprietary, and trade secret information” on his way out the door – to Microsoft.

So far, so common. That’s true even in the most security-conscious companies, as this most recent example shows. It highlights how a combination of three factors poses mounting risks to the IP of many tech and manufacturing companies: 

  • blurred IT and security perimeters with a plethora of unmanaged (storage) devices,
  • increasing competition, coopetition, and fluctuation of engineers and other key personnel with access to trade secrets between competitors,
  • the inability to centrally monitor, control, and police how employees access sensitive documents, especially when they leave the company.

It’s at that point where the IP protection capability mentioned in the title of this post can make all the difference; we’ll get to that in a minute. But first, let’s look at what allegedly happened when the Intel engineer left the company after ten years in January 2020.

What did he allegedly do, and how? The company alleges that on his last day on the job, the employee downloaded roughly 3,900 files from a company computer “to a personal Seagate FreeAgent GoFlex USB drive.”

Bar chart image with IT Security Alert Fatigue research results
Insider threats: How can almost 4,000 sensitive files get downloaded from a company-issued computer to an unmanaged device without anyone noticing? One possible – and common – explanation is alert fatigue. Data Source: Cloud Security Alliance

 

3,900 confidential files walk out the door at Intel

Hm, what? And he walked out the door with it where, and why? Fast forward to February 2021:

In the federal court filing [PDF], the plaintiff claims that the defendant – now Principal of Strategic Planning in Microsoft’s Cloud and Artificial Intelligence department – “used the confidential information and trade secrets he misappropriated […] in head-to-head negotiations with Intel concerning customized product design and pricing for significant volumes of Xeon processors.”

Ouch. Yes, these are only allegations so far. They yet have to be proven in court. 

But however the jury finds in the end, the court filing is remarkable for what it reveals between the lines. Intel’s lawyers credit Microsoft and its forensic investigators for helping to unearth the “full breadth” of the alleged deeds.

Which gets us to the main point of this post: 

 

Was this IP protection failure preventable?

Granted, hindsight is 20/20. Yet from an IP protection perspective,  one could argue that all of this would have been entirely preventable. 

How do we know, you ask? Coming right up, it’s all laid out right there in the court filing. Intel, if we believe the lawyers, had insufficient visibility into and no control over an (ex-) employee’s access and use of sensitive proprietary files. And indirectly, the company admits as much. 

For example, the lawsuit alleges that once at Microsoft, the former Intel employee “accessed, viewed, opened or otherwise interacted with more than one-hundred documents taken from Intel […] at least 114 times” from his company-issued Microsoft Surface laptop.

Mind you, Microsoft’s helpful forensic investigators unearthed these (incomplete) insights only after the fact, according to Intel’s grateful lawyers.

Had the individual files been encrypted and their use governed by centralized policy management from the get-go, the engineer’s access would have ended with his tenure at Intel.

 

The case for DRM with centralized policy management

Cases like this should not come as a surprise. We’ve seen a rising wave of similar insider-related incidents over the past three years. The tech and mobility industries are bearing the brunt of the attacks.

The threat has caused more IT leaders to deploy enterprise DRM (also known as Information Rights Management, IRM). This file-centric, people-centric, and platform-agnostic approach enables organizations to protect unstructured data at rest, in transit, and in use.

Think MS Office documents, PDF files, images, or CAD designs, for instance. They are encrypted at the point of creation. The protection applies wherever a file is stored or moves to, inside or outside the organization’s perimeter.

File use can be monitored, access policies and permission levels centrally managed by IT, risk officers, and HR, and flexibly adjusted on a granular level by the data owner.

Let’s take a product design file protected by Fasoo Enterprise DRM, for example. It will check back in the background with a central Fasoo server when someone tries to access it. Does this user still have the proper authorization to open, copy, download, or print the document?

If not, it doesn’t matter if a former employee took it home on a portable hard drive or USB stick – IP protection is ensured. The document is worthless for whatever that person wants to do with it, locked with FIPS 140-2 level encryption that meets the requirements of the Cryptographic Module Validation Program (CMVP) of the US government. 

 

Nothing to see here after HR and IT flip the switch

In summary, file-centric document protection makes IP “misappropriation,” as alleged in the case brought by Intel, impossible.

Overview image: File-centric encryption and control with Fasoo Enterprise DRM

Centralized yet flexible and painless policy and exception management are among the top priorities for document protection program leaders when choosing an enterprise DRM solution, they tell us. Fasoo Enterprise DRM empowers IT, in coordination with HR, to set and change document use policies in sync with users’ employment lifecycle, from onboarding to the last day at work.

One global technology manufacturer that is leveraging enterprise DRM to protect its IP is Fasoo customer ZF Group. This automotive industry supplier with 240 locations in 41 countries now deploys Fasoo Enterprise DRM to secure critical IP, such as CAD drawings and process information, across its global tech centers.

“Before, we had a few incidents where engineers with years of insider knowledge and access to documents left and joined a competitor,” said Markus Fischer, VP Engineering at ZF Group’s Active Safety Systems division in Livonia, Michigan.

“As a company, you spend years training engineers in the ways you do things, and they get access to your most intimate know-how and process knowledge,” he explained. “You cannot just block them; they need it. But you also need to be able to quickly adjust access privileges on a granular level, without delay.”

“It’s a fine line to walk,” Markus told us. “You have to find the right balance between maximum IP protection on one side, and productivity on the other. Fasoo helps us maintain this balance.”

*

To learn more about how to prevent intellectual property theft and leakage in manufacturing and supply chain environments while maintaining a competitive edge, watch our Fireside Chat at Apex Assembly Tech Leaders Northeast Summit on March 30th, 2021 with GE Gas Power cybersecurity researchers Hillary Fehr and Christopher Babie.