top of page

Mitigate All Types of IP Theft with Information Governance


In July of 2006, Federal agents arrested and charged a Coca-Cola Company employee and two others with stealing trade secrets and wire fraud, based on their attempt to sell "highly classified" information to that company's competitor PepsiCo for $1.5 million. The information seems to be related to a beverage in development that had not yet been released, and at least one glass vial containing a sample of a new drink was offered for sale.


Here are some ways that information governance best practices could have been used to prevent this and other types of IP theft from happening (or at the very least, mitigate the impact):


Data Classification, Encryption, and Access Controls: Practically, this means limiting access to highly sensitive data solely to persons who have a legitimate need to know, with well-documented access controls and using best-practices encryption technology to avoid mis-transmission of important information. While this may not prevent all acts of IP theft, it can prevent many, especially those by lower-level workers. And, perhaps more importantly, having these controls in place shows regulators and plaintiffs’ attorneys that you take compliance seriously and have a robust system in place to mitigate harm.


Data Loss Prevention (DLP) Tools: DLP tools can be employed to monitor and block the unauthorized transfer of sensitive information. They can detect and prevent data leaks or suspicious activities like sending classified documents outside the organization's network. Like having data classification and access controls, effective use of DLP tools shows regulators that you are serious about compliance by using technical tools to prevent the release of unauthorized information.


Employee Training and Awareness and Vital Records Programs: Proper training and awareness programs can educate employees about the importance of safeguarding vital or business critical records such as company IP. This is especially important when it comes to inadvertent misappropriation of IP. However, it can also be relevant to preventing intentional theft – especially if employees have a clear understanding of the legal and often criminal consequences of their actions!


Monitoring and Auditing: Regularly auditing and monitoring data access and transfers (at set times) is another important mechanism and can help companies identify irregularities or unauthorized activities such as IP theft.


Third-Party Vendor Protocols (and Indemnification): Companies should conduct a thorough review of their third-party vendor agreements to make sure that these vendors adhere to data protection standards and are held accountable for any breaches. Also, they should make sure that vendors have appropriate insurance to protect them from actions by vendor employees and that vendors indemnify (agree to cover their losses) if they are sued based on their acts and omissions!

Get in Touch

Knowledge Preservation, LLC
567 Woolf Road, Milford, NJ 08848

(973) 494-6068

  • LinkedIn
  • Youtube

Thank you for contacting us. We look forward to connecting with you soon and providing the assistance you require.

bottom of page