Professional Secrecy: How to Protect Against Leaks
Threats come from inside and outside the company. Physical security, technological precautions, and employee awareness are the main ways to protect against the disclosure of secrets.
The case recently made international headlines: three senior executives at Renault working on the electric car program were suspended in January. The reason: they are suspected of selling secret information to a foreign competitor, probably Chinese according to the conclusions of some media outlets. This case, which has the hallmarks of industrial espionage and is being followed at the highest levels of the French state, recalls the dispute that opposed General Motors/Opel to Volkswagen a few years ago. The first group accused one of its executives, who had joined its competitor, of taking confidential documents. This proves that companies, large or small, regardless of their level of security, are not immune to theft or leaks of important information. This is even more common today as economic warfare, fueled by ruthless competition, rages. And like for the military, economic warfare relies on a major element: intelligence or what some now call economic intelligence. More than surveillance, which allows monitoring the market, competitors and anticipating new trends, economic intelligence goes much further: it is about knowing what competitors are preparing, their future projects, their industrial processes, their models... This is why significant resources are invested in physical and intellectual protection.
In Morocco, it is not uncommon to see problems of professional secret disclosure, even if these cases are rarely exposed publicly, unlike what is done elsewhere.
For example, a manager recounts that one of his sales representatives had stolen customer databases for a competitor. Unfortunately, he could not prove these leaks to the judge.
Faced with fierce competition, companies have every interest in securing their sensitive data. Information leaks can be extremely costly. "In industry, it is vital to protect manufacturing recipes that are not patented so that they are not known to competitors," says Mohammed El Yousfi, CEO of LMM QSE. "We currently manage a significant flow of information. One of the main difficulties that companies face today lies in transferring information to the right people at the right time," specifies Mohamed Benouarrek, HR expert. It is therefore important to know how to prioritize information that is publicly accessible, information that needs to circulate within the company, and information that must remain confidential. This is how it is possible to possibly detect the origin of a leak. And leaks can come from anywhere.
First, within the company, as the Renault case proves. Organized leaks can occur, just as they can be accidental due to negligence: employees who talk easily to everyone without realizing that they are disclosing information useful to the competition, documents thrown in the trash without precautions, a poorly secured information circuit...
Certain categories of personnel are more sensitive. An engineer working on a manufacturing process, an accountant who knows the company's accounts, as well as the courier or the executive assistant through whom very important company files often pass: large contracts, employee salaries, and layoff plans are often very exposed. The salesperson who resigns to join a competing company, taking the customer file with them, is the classic case. Especially if they are on bad terms with their employer.
From the outside, attacks come directly from the competition. Some large groups do not even hesitate to pay detectives or specialized firms to learn more about the practices of their peers. In addition, business people traveling abroad are not immune to foul play.
In some countries, escorts, guides, and interpreters are good relays to "cook" a competitor, get some confidential information out of them, or even steal important documents.
Protecting Yourself Without Paranoia
With the available technological means, it is possible to record, photograph, and copy documents discreetly.
Another source of danger for the company: its computer network. It is not uncommon to see companies that are victims of hacking.
Faced with all these dangers, it is necessary to protect oneself. It is not a question of being paranoid, but it is important to take precautions so as not to leave oneself open to malicious people. Legally, companies take a precaution, namely including a confidentiality clause in an employee's employment contract. For Mohamed Benouarrek, "this clause can have more weight if it is well detailed in the content, for example, extending the drafting of texts to information concerning the exclusive use of internal documents or even customer databases." According to Mohammed El Yousfi, "awareness is paramount. You shouldn't wait for a mishap to happen before the company starts to repair the damage."
And do not forget that intangible security (data protection systems, locking of the information circuit...) is as important as physical security.
Published February 15, 2011
Posted online February 15, 2011
