Industrial espionage and regulatory demands shine a spotlight on document security.
When executive search firm Sterling-Hoffman acquired two research facilities in India last yearthereby doubling its employee count, from 150 to 300CEO Angel Mehta quickly ran into problems securing the company's intellectual property. "Emerging markets are like the Wild West, times ten," says Mehta. "In places like India and China, -industrial espionage is commonplace." Companies routinely bribe competitors' employees for information, he says, or they have their own people pose as a competitor's employees and steal it.
Sterling-Hoffman, based in Mountain View, Calif., specializes in recruiting sales and marketing executives for software companies in North America; the firm is training its India-based researchers to help track market trends, executive movements, mergers-and-acquisitions activity, and other events. That intelligence represents the company's stock-in-trade, and most of it is stored in PowerPoint slides, PDF files and other standard document formats. Faced with the possible loss of information to competitors, Sterling-Hoffman's ability to freely share critical documents was -seriously hampered. "We couldn't give researchers the documents necessary to train them, and we found ourselves imposing impractical workarounds," Mehta says.
Sterling-Hoffman isn't alone in its desire to tighten document security. According to a report by Provizio, a competitive-intelligence company based in Meridian, Idaho, U.S. companies lost $133 billion as a result of proprietary information theft in 2005, up from $59 billion in 2002.
To secure their information, a small but growing number of companies have borrowed a page from the digital-rights-management playbook and adopted many of the same tactics used by purveyors of videos, music, and other electronic content to protect their wares from commercial piracy and file sharers. According to a recent Gartner Inc. report, enterprises are now "applying DRM principles to enterprise messaging, documents and intellectual property," using so-called enterprise-rights-management technologies to help control who can read, copy, print, export, save and edit documents, and when.
What measures do we currently take to protect individual documents?
Does our compliance strategy adequately address document security requirements?