Technology and “bring your own device” (BOD) have made it easier for employees to make confidential business information vulnerable to view by a competitor or others. Perhaps an employee moved customer contact information to their smartphone, e-mailed marketing plans to their personal email, to a third party, or transferred documents to a flash drive.
This has become an especially relevant worry now that some 80% of Americans are under shelter-in-place orders and are working remotely. Concerns have even been raised about the safeguarding of information when using videoconferencing software such as Zoom or GoToMeeting.
Protecting Your Confidential Information
With this sudden proliferation of remote work, companies should consider taking additional precautions to protect valuable trade secrets and proprietary information. Such steps may reduce the chances of theft of trade secrets during remote work. They may also serve to position companies to continue to keep their information protected by trade secret laws by taking “reasonable efforts” to ensure the information remains “secret.” Below are a few ways companies can protect their confidential information. This list is not exhaustive, and time will only tell what courts later decide qualifies as “reasonable efforts”. It is certain, however, that taking no action to protect confidential information, will not be considered reasonable efforts .
Revise non-disclosure or proprietary information agreements to specifically apply to remote work.
Express and repeat statements of company policy that emphasize: during any remote-work situation, employees are not permitted to disseminate any trade secret or proprietary information to anyone who is not authorized by the company to receive that information.
Require that any employee who needs to communicate about or transmit trade secret or proprietary information do so only through the secured servers or drives.
Require that all employees who are working remotely and using personal or home WiFi to secure those points of access with a password.
Remind employees of the proliferation of malware, phishing, and other scams, especially during a time of crisis.
Establish a designated point of contact person or persons at the company to address questions about remote access, and to oversee the means and methods of obtaining access.
Review agreements with vendors who host or facilitate access to the company’s proprietary or trade secret information and, if necessary,revise those relationships.
This recent Quarterly Report from Southern Methodist University also includes COVID-related tips for working securely.
See our COVID-19 Quick Reference page for additional articles.