Security

How to Prevent IP Theft by Your Own Employees? 236

Cursed by USB asks: "We are a small software startup based in India. Recently one of our employees was caught trying to steal our IP (work) from a computer using a USB thumb drive. While all the staff computers are devoid of floppy drives, cd writers and internet connections, we simply cannot disable the USB ports since there are a lot of USB enabled peripherals that we use. Apart from trying to hire "trustworthy" people, are there any other bright ideas that Slashdot readers might have in this regard to help prevent such theft from workplace?"
This discussion has been archived. No new comments can be posted.

  • Haw Haw.

    Perhaps you should just make them come to work in the nude? with a cavity search on the way out the door, aka South African diamond mines.

    Of course anyone who could produce work worth stealing probably wouldn't work under those conditions.

    • Wow, the expertise must overflow from this place. Software developers who can't figure out how to restrict access from things. Remind me to never outsource.
      • Great idea! We'll just make it so our software developers don't have access to the code. Then they won't be able to steal anything!

        Oh wait...
        • as weird as this may sound I worked for such a company already.

          The guy wanted us to write the logic in VB and he would then translate them in whatever language the real source code was in (I think it was C). I worked there 22 days before my direct boss (the crazy guy asking me to code in VB) fired me for being stubborn. I then worked for his boss who later fired him.

          I really pissed off the guy by saying that he should plaster his name in the log files like that all the time and that he should try to

      • by Tassach ( 137772 ) on Wednesday April 13, 2005 @01:29PM (#12225626)
        Software developers who can't figure out how to restrict access from things
        As others have said, this guy is having a MANAGEMENT problem, not a TECHNOLOGY problem. If you can't trust your professional employees, *NO* technological fix is going to solve your problems.

        Creativity and productivity are the two things a startup company, particularly a software startup, needs the most. Draconian security kills both of these. Likewise, oppressive NDAs and a corporate attitude of mistrust are not going to build loyalty among your employees.

        If you don't want your programmers to steal "your" code, treat them like PARTNERS, not EMPLOYEES. There's not much incentive to steal from yourself.

  • How about (Score:3, Insightful)

    by adamjaskie ( 310474 ) on Wednesday April 13, 2005 @10:11AM (#12223363) Homepage
    Delete the USB mass storage drivers?
    • Re:How about (Score:4, Insightful)

      by jakel2k ( 736582 ) on Wednesday April 13, 2005 @10:55AM (#12223828)
      Deleting the drivers would be good but what about internet access? It might be required to do work since the internet is one of the best tools for research and coding.

      There are many things that can be done and it all depends on how far you're willing to go.

      The first thing is fire the employee and make it known that this person was FIRED for IP theft. Also prosecuting this person to the full extent of the law will also send a message to other staff.

      Send out a memo stating that discovering ANY storage media that has been brought in from outside will result in immediate investigation of what is on the media and can be grounds for termination of employment and prosecution. Having people sign NDAs also helps with the theft. These things are intimidation and to show the company is serious with this matter.

      Then there is the physical side of things. You might consider getting the computer locked in a box with holes for wires and vent holes. Of course you would want trusted members to have keys to access the box. Also security plates just to cover the USB openings might be a valid option.

      There is no 100% protection against this. Even the human brain is a storage device and to protect from that you would have to basically lock the employees in the office to do the work and after they're done, kill them.
  • Deny them the rights necessary to install hardware on their workstations. If not for all employees, for the employees that have access to sensitive information.
  • well... (Score:3, Funny)

    by schnits0r ( 633893 ) <nathannd.sasktel@net> on Wednesday April 13, 2005 @10:12AM (#12223377) Homepage Journal
    when it comes to avoiding intellectual property, I have this plan...but if I told you, I'd have to kill you.
  • dumb terminals? (Score:4, Insightful)

    by gl4ss ( 559668 ) on Wednesday April 13, 2005 @10:14AM (#12223401) Homepage Journal
    or something else.

    it's possible to disable usb drives as well... some companies have done it. i'm pretty sure you can ask from microsoft how to do it.

    but really, if the guy is a coder or whatever.. how are you going to make him not 'steal' your 'ip' which is most importantly ideas.

    kick him in the nuts and pay the next guy better? ..of course, why would he need an usb drive to steal a 4 byte value?-)
  • One idea (Score:3, Informative)

    by DamienMcKenna ( 181101 ) <damien@mc-ke n n a . c om> on Wednesday April 13, 2005 @10:15AM (#12223417)
    One idea would be to protect yourself [gnu.org].
    • Re:One idea (Score:5, Insightful)

      by SunFan ( 845761 ) on Wednesday April 13, 2005 @10:48AM (#12223729)

      I don't see how this would protect them, as copyright protection doesn't imply protection of trade secrets, which is what the submitter is probably concerned about. The only real protection for trade secrets is trusting employees, and an NDA might be appropriate in the employment contract. The key isn't to remove all of the technology from the offices, but to create enough dis-incentives to prevent the employees from wanting to steal.

  • by Y Ddraig Goch ( 596795 ) on Wednesday April 13, 2005 @10:16AM (#12223425)
    If so you can't stop them, all they need to do is compress the IP and email it out of the building. The best thing you can do is treat your employees well and when (not if) there is a problem deal with it accordingly.
    • by Anonymous Coward

      staff computers are devoid of floppy drives, cd writers and internet connections
      ...
      Do they have Email Access?

      This takes not reading the article/blurb to all new lows.

  • USB Device Scanner (Score:4, Informative)

    by Glamdrlng ( 654792 ) on Wednesday April 13, 2005 @10:16AM (#12223430)
    It's not a total solution, but GFI Network Security Scanner (used to be LANGuard) can scan for unauthorized USB devices and fire off an alert if it detects one on a scan. Demo available at http://www.gfi.com/lannetscan/ [gfi.com].
  • Mistakes (Score:2, Insightful)

    by xoboots ( 683791 )
    1. you said "IP" suggesting that it is a tangible thing that can be stolen

    2. you implied that there is no such thing as trustworthiness in employees

    3. you implied that you don't mind having untrustworthy employees as long as they don't affect *you*

    Why should we help you? Do your own homework.

    • Yeah...I hate it when people steal my IP.
    • 1. you said "IP" suggesting that it is a tangible thing that can be stolen

      If IP is a trade secret, then "stealing" means that what was once private is now public. The real theft, then, is a denial of value to the company regarding that IP. Just because it isn't something tangible like jewelry doesn't make it less of a crime.

      • Re:Mistakes (Score:3, Insightful)

        by SunFan ( 845761 )

        Another non-corporate example: imagine being a researcher at a university. You develop a radical new algorithm that takes an O(n^3) process and makes it into O(n log n). This algorithm is of great importance in, say, fluid dynamics or something really time-consuming. Unfortunately, you are prepping your work for publication and due credit, when someone breaks in and steals your files and publishes under a different name first. Since you have not published, yet, there really is no protection at all, and y
        • Re:Mistakes (Score:4, Informative)

          by Ithika ( 703697 ) on Wednesday April 13, 2005 @11:38AM (#12224284) Homepage
          But copyright is on your side. You have two years of research and intimate knowledge of the subject to prove you did it (plus, no doubt, grant applications and research statements). The university will have regular offsite backups going back quite a while, all showing what you were doing, which will be fairly hard to forge. The thief has only your results.

          This kind of thing has been tried before; and failed.

      • "If IP is a trade secret, then "stealing" means that what was once private is now public. The real theft, then, is a denial of value to the company regarding that IP. Just because it isn't something tangible like jewelry doesn't make it less of a crime."

        But a trade secret is a tangible thing in a legal sense. "IP" is specious word with no real bearing or precise meaning. He referred to "IP" and then added "(work)" which really doesn't imply "trade secret" all by itself. In other words, his use of language w

        • "'IP' is specious word with no real bearing or precise meaning."

          I generally consider IP to be trade secrets, copyright, patents, and the public domain. If someone isn't set up properly in the former, they irrevocably live in the latter. "Theft", in a sense, is moving things into the public domain without permission.

    • Re:Mistakes (Score:3, Insightful)

      by brontus3927 ( 865730 )
      A lot of people have a rabid response to those two letters: I.P. What if the poster wasn't trying to prevent "theft" of "IP" but "theft" of customer data? What if it was "I caught an employee stealing our customers' credit card numbers and SSNs to USB flash drives"?
  • by MerlynEmrys67 ( 583469 ) on Wednesday April 13, 2005 @10:17AM (#12223435)
    Just wondering how little work I could get done without a network connection

    Think about it
    No E-mail
    No External resources (knowledge bases, slashdot)
    Nothing

    Frankly, I'm surprised you even can get people to work for you, I mean - wow, I haven't worked somewhere without an internet connection on my development machine for almost 15 years now. And it has been north of 20 since I haven't had an internet connection

    Frankly, it is much easier to protect your IP, and go after the people that steal it... I mean really what is stopping someone from bringing in a micro hard drive and just taking the whole thing out.

    • by soren42 ( 700305 ) * <{j} {at} {son-kay.com}> on Wednesday April 13, 2005 @10:47AM (#12223714) Homepage Journal

      Just wondering how little work I could get done without a network connection

      On the contrary... I was just thinking about how much work I could get done without an internet connection.

      Mostly by the lack of the same mechanisms... no e-mail, no slashdot, no websites... (lol) Nothing to do but focus on work.

      Oh, wait - I'd need to lose the telephone and the rest of the drivelling idiots that work with me, too. (Or at least lock them out of my workspace)

      I don't think this is such a bad idea... isolate employees' computers for work, and then give them a "communication zone" of PCs they can move to with network connections. Allow them one hour out of every four in the communication zone to do e-mail, surf the web, do research, etc. That's a great idea to increase productivity - especially in tech workers!

      /me goes off to start a new productivity consulting firm...
  • by m_chan ( 95943 ) on Wednesday April 13, 2005 @10:17AM (#12223442) Homepage
    Have your employees check their brains at the front desk so they can't walk out with snippets of code lodged in their lobes. Or perhaps you may be able to open your source and get help from people who will work on your technology because of interest.
  • Make an example of the person you caught. Sack them, give them bad references, and sue them for breach of contract... you did put a clause about this into their employment contract, didn't you?

    I don't know what your local copyright laws are like, but surely they couldn't do anything commercial with the IP without violating them?
    • I have no idea what the job market's like in India, but one of the best incentives to work hard and behave oneself is to offer glowing references to those who conduct themselves honestly. As many people have already pointed out there's very little you can do to prevent ideas leaking from your company.

      An aside: If companies could wipe employees memory when they left, every new hire would have as much experience as a graduate straight out of uni...
  • by monkeyserver.com ( 311067 ) on Wednesday April 13, 2005 @10:19AM (#12223464) Homepage Journal
    Like you said, hire people you can trust. Then foster a different environment, removing net connections, burners, and floppies is a good way to say, "I don't trust you." Why don't you embrace your employees, make them happy to work for you. Then maybe they won't steal, in fact, I would guess you'd see better productivity.

    You've got yourself a self-fulfilling prophecy there...
    • Things are not, sadly, like this in real life. Even the happiest employee will steal if there's motivation. Motivation includes money, ego, boredom, whatever. Some people, as illogical as it seems, steal because they can. Some like the challenge. Those people aren't going to be hampered by an open office with lots of floppies and burners and internet connections.

      If you don't lock the doors, sooner or later someone is going to break in. You have to do what you can to stop it.
  • by mopslik ( 688435 ) on Wednesday April 13, 2005 @10:20AM (#12223465)
    ... and even then, it doesn't always work. In the extreme case, you can always copy code using a pen and paper. Unless you're thinking of introducing full cavity searches, you're spinning your wheels. Give up on this "prevention" avenue. Focus more on your hiring process, write up a strict code of conduct, and don't be afraid to fire employees who are caught violating these terms.

    Just my $0.02.
  • by Schezar ( 249629 ) on Wednesday April 13, 2005 @10:22AM (#12223480) Homepage Journal
    As long as your employees have access to your IP, there is absolutely no way to prevent them from "stealing" it if they are determined to do so. Period.

    No amount of security will make your data safe. Data is easy to move, easy to duplicate, and easy to store. During the industrial revolution, American industrial spies stole factory plans from British firms by memorizing them. Unless you know how to erase a person's brain, there will always be a hole.

    Technology is making this issue ever-more pressing.

    You have two options:

    1) Hire only trusted people, and trust them.

    2) Don't rely on IP as a business model.

    Option 2 may sound stupid, but it's really the only way in the long run. Sell a service, sell a product, but don't try to sell information. If the sole thing your company provides is data, someone will endeavor to get that data for themselves, and then you'll be boned.

    A business that relies on the scarcity of information it holds internally can not survive. Even if your employees are all 100% trustworthy, outsiders will still vie for your data.

    It may sound pessimistic, but it's the truth.
    • As long as your employees have access to your IP, there is absolutely no way to prevent them from "stealing" it if they are determined to do so. Period.
      Why do people like to end a statement with `Period.' as if it were the last word on the issue, when it clearly is not? Wishful thinking?

      You definitely can prevent your employees from `stealing' things like code and data. It may not be 100% effective, but you can make it very _very_ difficult.

      Think NSA. I certainly never worked there, but I imagine they're 1) very picky about who they hire, and 2) take security to the extreme, and 3) it's all backed up by serious legal threats. (I believe treason is still eligible for the death penalty, is it not?)

      #2 is probably most interesting to those here. Physical security is extreme, with metal detectors detecting guns and hard drives, and enforced by men with guns. Things like USB drives (and even Furbies or cell phones) aren't allowed in at all, and I imagine there's spot searches for things like this.

      Places like that often have two networks, a secure and an unsecure one. If you plug a computer into the wrong network, it never leaves the building again. The secure network has no access to the Internet whatsoever.

      I imagine there's a lot more that they do, but I'm sure that there's web pages dedicated to this sort of thing if you want to read more about it.

      Of course, even this isn't 100% effective -- but I imagine it's pretty close. Of course, it's also extremely expensive and restrictive, and few companies are probably willing to do this sort of thing to their employees -- but I imagine that a few do, perhaps to some key employees in key positions ...

      • I've worked with people who worked for the NSA. You skipped a very important thing they do. They compartmentalize the information so that no one person can take anything of value.

        So for example if you are solving a PDE you might not know what it is modeling and what the proper initial values are. The guy who knows the solution and the initial values doesn't know what it's for. The guy who gets the answer knows what it's for but doesn't know the PDE or the solution, etc... The net result is that its fai
    • Unless you know how to erase a person's brain, there will always be a hole.

      ITYM that after I erase a person's brain, there will always be a hole. There's a fantastic brain-erasing device, an implant made mostly of lead, about 9mm in diameter, installed at high velocity while the erasure candidate begs you please Ghod no. Costs about $0.35 per round^H^H^H^H^H implant, plus court costs.

      Re-installing the OS after the wipe is something of a challenge---better to replace the entire unit, after showing it w

  • Registry control (Score:5, Informative)

    by brontus3927 ( 865730 ) <edwardra3NO@SPAMgmail.com> on Wednesday April 13, 2005 @10:22AM (#12223485) Homepage Journal
    If you are using Windows XP with SP2 you can keep block storage devices from being written to. If you have XP but not SP2, this would be a good reason to install the service pack. If you don't have XP, try searching Google for software that will provide the functionality.
    Start -> Run: regedit

    Find the following key:

    Hive: HKEY_LOCAL_MACHINE
    Key: System\CurrentControlSet\Control\StorageDevicePolicies
    Name: WriteProtect
    Data Type: REG_DWORD
    Value: 0
    This allows writing. Change the value to 1. This will prevent writing. Save your registry and reboot. Of course, it's always recommended to back up your registry before making changes.

    Allegedly, Longhorn will have this control without having to hack the registry.


    • Please excuse me if I am being naive, but isn't the hard disk a block storage device? Wouldn't adding this key make the user's drive(s) immutable and make it very difficult to reverse this registry addition?
      • Yes a hard disk is a block storage device, but this registry key is USB specific (although I admit it's not obvious).

        As for the other post, it is possible to restrict users' access to the registry by editing the registry.

        1. Start Registry Editor (Regedt32.exe) and go to the following subkey:
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control
        2. On the Edit menu, click Add Key.
        3. Enter the following values:
        Key Name: SecurePipeServers
        Class: REG_SZ
        4. Go to the following subkey:
        HKEY_LOCAL_MACHINE\SYS


    • OH, and by the way, don't let your employees read that post.
  • Respect (Score:2, Insightful)

    by Tozog ( 599414 )
    The best way to prevent IP theft is to treat your employees with respect and give them no reason to steal your IP in the first place.

    Putting in draconian security rules is just going to piss me off and keep me from doing my job effectively, and quite frankly, make me look for a new job.
    • Really, this is liberal nonsense. There are all kinds of reasons why someone might want to steal IP and being nice to them is only going to eliminate a handful of them (eg. it might stop them stealing code just to spite you). Most obviously, someone might have found a new programming job somewhere else in the world that pays lots more money and having a convenient source of software they could steal from the old company will give them many advantages in the new place. If they act rationally and out of self-
      • Re:Respect (Score:3, Insightful)

        by Tozog ( 599414 )
        So it's better to treat your employees like untrusted criminals to try and prevent the 1% who are criminals and might steal your code?

        Seriously, if I work on something that is your IP, any system you put in place to prevent me from stealing it is just going to make it harder to do my job and frustrate me. Even if I no longer have access to the code, I still know the general way things work and could probably reproduce the code in a much shorter period of time. And besides, no matter how harsh the security,
      • Content employees generally don't look for new jobs. They also generally do their best for the workplace and don't engage in things like theft. It's not like business schools don't do research on this sort of thing. High employee satisfaction pays huge dividends. American corporations treat their employees badly in spite of the extra profits that can be earned with good treatment not because of them.
  • by Trelane ( 16124 ) on Wednesday April 13, 2005 @10:25AM (#12223524) Journal
    1. Remove support for USB Mass Storage in the kernel and remove any usb mass storage drivers in the kernel (also disable firewire or do the same for firewire devices)
    2. (if you use 2.6.x or later and udev) Modify your udev rules to make USB mass storage devices (and whatever devices you wish) appear where you want them to (e.g. in a mode 000 directory) and with the user/group and perms you want them to have.
  • Make them owners. (Score:5, Insightful)

    by AeiwiMaster ( 20560 ) on Wednesday April 13, 2005 @10:25AM (#12223527)
    You should pay them partly with shares,
    then they would only be stealing from themselves
    and their coworkers/co-owners.
    • Won't work (Score:2, Insightful)

      by Anonymous Coward
      It would have to be a pretty big percentage for that scheme to work.

      Let's say the employee is considering stealing $1000 (IP, cash, hardware, or equivalent) from The Company.

      Pre-employee-ownership:
      He owns 0% of The Company. So he gets $1000.

      Post-employee-ownership:
      He owns 1% of The Company. So he gets $1000, but effectively loses $10 of that. So he actually stole $990.

      Give him 10%, you say? Wow. Okay. Doesn't sound scalable, but sure. So he'd still net $900 in his theft.

      This won't work and it's
  • Back in high school, I used to fix computers for people to make a little spending money. One time, I went over to this guy's house because his computer wouldn't boot. The conversation went something like this:

    Me: Your hard drive is dead. You're going to have to buy a new one.

    Him: How much will that cost?

    Me: About $100, plus the cost to install it...maybe $130 total.

    Him: That's way too much, can't you just fix it?

    The moral of this story is that if your system is fundamentally broken, there is no band-ai
  • Use linux (Score:3, Interesting)

    by John Harrison ( 223649 ) <<johnharrison> <at> <gmail.com>> on Wednesday April 13, 2005 @10:31AM (#12223590) Homepage Journal
    Roll your own distro that removes support for USB drives.

    I would suggest that you need to give up. At my last project thumb drives were getting passed around like crazy and nobody was worried about it, and this was a place where they wouldn't give us a network connection. Trust the people that work for you, sue those that screw you, and pay them enough that they aren't easily bribed. As others have mentioned, they have most of the info in their own heads already and there is nothing you can do about that, so make sure they want to stay.

  • by sybarite ( 566454 ) on Wednesday April 13, 2005 @10:33AM (#12223601) Homepage
    ...you can edit the following registry key to change the value of Start from 3 to 4. This will disable the USBSTOR.SYS driver preventing the use of USB filesystems. It will not disable other types of USB devices.

    HKLM\SYSTEM\CurrentControlSet\Services\USBSTOR
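
An added example, not part of any comment in this thread: a PowerShell audit of the two registry values named above (`WriteProtect` under `StorageDevicePolicies` from the "Registry control" comment, and `Start` under `Services\USBSTOR` from the comment just before this). The function names, the `-Enforce` switch and the report layout are assumptions of this example, and a missing key or value is reported as the control not being applied.

```powershell
# Added example: audits the two USB storage registry controls quoted in this thread.
# Read-only by default; -Enforce writes the restrictive values and needs an elevated session.
[CmdletBinding()]
param([switch]$Enforce)

# Paths and value names are the ones given in the comments; Wanted is the
# restrictive setting each comment describes. CreateKey says whether a missing
# key may be created (never for a service key such as USBSTOR).
$Controls = @(
    [pscustomobject]@{
        Control   = 'USBSTOR driver disabled'
        Path      = 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR'
        Name      = 'Start'
        Wanted    = 4
        CreateKey = $false
    },
    [pscustomobject]@{
        Control   = 'Storage write-protect'
        Path      = 'HKLM:\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies'
        Name      = 'WriteProtect'
        Wanted    = 1
        CreateKey = $true
    }
)

function Get-RegistryDword {
    # Returns the DWORD as an int, or $null when the key or the value is absent.
    param([string]$Path, [string]$Name)
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    $props = Get-ItemProperty -LiteralPath $Path -ErrorAction SilentlyContinue
    if ($null -eq $props -or $null -eq $props.PSObject.Properties[$Name]) { return $null }
    return [int]$props.$Name
}

function Test-UsbStorageControls {
    # One report row per control; an absent value counts as non-compliant.
    foreach ($c in $Controls) {
        $current = Get-RegistryDword -Path $c.Path -Name $c.Name
        $shown   = if ($null -eq $current) { 'not set' } else { $current }
        [pscustomobject]@{
            Control   = $c.Control
            Value     = "$($c.Path)\$($c.Name)"
            Current   = $shown
            Wanted    = $c.Wanted
            Compliant = ($current -eq $c.Wanted)
        }
    }
}

function Set-UsbStorageControls {
    foreach ($c in $Controls) {
        if (-not (Test-Path -LiteralPath $c.Path)) {
            if (-not $c.CreateKey) {
                Write-Warning "$($c.Path) does not exist; not creating it."
                continue
            }
            New-Item -Path $c.Path -Force | Out-Null
        }
        # -Force overwrites an existing value of the same name.
        New-ItemProperty -Path $c.Path -Name $c.Name -PropertyType DWord `
            -Value $c.Wanted -Force | Out-Null
    }
    # The "Registry control" comment says to reboot after changing WriteProtect.
    Write-Warning 'Values written; reboot before relying on them.'
}

if ($Enforce) { Set-UsbStorageControls }

$report = @(Test-UsbStorageControls)
$report | Format-Table -AutoSize

# Non-zero exit code lets a scheduled task or login script flag drift,
# e.g. a value that someone with administrator rights has changed back.
if ($report | Where-Object { -not $_.Compliant }) { exit 1 }
```

Running it on a schedule matters more than running it once, since either value can be reverted by any account that can write to `HKLM`.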
  • 1) Make it clear that you'll sue anyone who steals your IP

    2) Make sure it's all clearly copyrighted.

    3) Patent it (but don't tell anyone I told you to do this).
  • by duffbeer703 ( 177751 ) on Wednesday April 13, 2005 @10:45AM (#12223699)
    Don't put up with this nonsense.

    Set up security stations and look for people with USB drives. When you discover someone absconding with IP, call an all hands meeting and cane the SoB. If caning is illegal in your area, just knock the guy to the floor and have the entire group stomp him. (This is also a teambuilding exercise)

    Corporal punishment will assert your IP authority and eliminate other disciplinary issues.
  • by richg74 ( 650636 ) on Wednesday April 13, 2005 @10:50AM (#12223749) Homepage
    Apart from trying to hire "trustworthy" people, are there any other bright ideas that Slashdot readers might have in this regard to help prevent such theft from workplace?

    I think the core difficulty here is that you think you have a technology problem, when what you have is a management problem. If you rule out hiring trustworthy people, and fostering an atmosphere that earns their trust, then you are just wasting your time. Think about this: do you think that putting in time clocks would make physicians (let's say) work harder?

    You also need to think about what it is that you are actually trying to protect. One defect (among many) of the term "intellectual property" is that it leads people to think by analogy with actual (tangible) property. If your IP is in software, what are you trying to protect: the typing of the code, or the ideas the code embodies? If it is the latter, you can't open your employees' skulls and remove the ideas from them.

    I worked in, and managed, an investment management firm, where it was a truism that our most important assets walked out the door every night. You have to run the business so that people want to work there; so that they have fun, find the work and their environment interesting, and believe that they will be fairly compensated (financially and otherwise). It isn't necessarily easy, but then that's what you get paid for.

    • I think the core difficulty here is that you think you have a technology problem, when what you have is a management problem.

      How absolutely, utterly true. What will you do in a few years when human sense data can be (and is commonly) directly stored as bits? A blind person gets optical implants and can now see. I supposed you would refuse to hire her because she might recover what she's seen from the storage buffers. You'll never overcome this "problem" with technological solutions -- eventually those solu

  • Simple (Score:4, Insightful)

    by Safety Cap ( 253500 ) on Wednesday April 13, 2005 @10:50AM (#12223756) Homepage Journal
    • Hire the best people you can
    • Treat them well and with respect
    • Pay them what they deserve
    • I worked at a high-profile architecture firm, one of the oldest continually-operating shops in the country, which people were fighting to get into. The architects as a group were smart and hard-working.
      I removed the Zip drives & floppy drives so people couldn't walk out with the data files. Why? Because they represented so many hours of work: the specs were the output of skilled engineers, the drawings had taken many, many hours to produce, and the databases of correspondence could be mined for best
  • Outsource! (Score:3, Funny)

    by toygeek ( 473120 ) on Wednesday April 13, 2005 @10:53AM (#12223810) Homepage Journal
    Fire all but your most trusted employees and outsource the rest to the US. I hear it's all the rage in India.
  • I've used Securewave [securewave.com]. It's pretty good, it lets you specify what USB devices are allowed and block everything else by default. You can also mirror data so you can audit what data people are sending. It works on USB, CD, Floppy, parallel ports, Serial Ports, and I think it does firewire too.

    Once it's set up it's awesome.
    I don't work for them, I've just used their product and really liked it.
  • Partial Coding (Score:2, Informative)

    by dethwulf ( 688120 )
    From what I guess, and I only have limited program development experience, give each team/member partials of the total code. Granted, this will probably slow production or make for an interesting debug session. However, if you're developing something that you're truly worried about being leaked, having, for example, 30 employees with 1 part of the code each won't let them steal anything but that 1/30 of the total IP. So if that happens, so you're out a function, or whatever and you can handle his public fl
  • Ban camera phones and then hand out usb pen drives and laptops to employees and provide them with huge pipes to the internet.

    That's the solution of the very large company for which I work, anyway.
  • One solution would be to re-architect the systems to be completely terminal-services based. This way no data is actually on the client's system, except the window to the application.

    Citrix for Windows is the obvious choice, but there are ways to accomplish this with unix, Linux, and even mixing the two environments.

  • erase 'em (Score:3, Funny)

    by delirium of disorder ( 701392 ) on Wednesday April 13, 2005 @11:27AM (#12224188) Homepage Journal
    Install EMP/HERF guns and degaussing coils around the doors so any magnetic or solid state device is destroyed upon exiting the building. Ban tinfoil and make sure not to employ anyone with a pacemaker. Tell everyone to leave their cellphones in their cars and use an internal VOIP system for communication. Make sure any company healthcare doesn't cover radiation poisoning/cancer so your premiums don't go up.
  • Remove the USB mass storage device drivers. But that's already been mentioned.

    Restrict the user access to the USB devices. This has already been mentioned too. You can do this really easily under Linux.

    Why the fuck are you posting such a braindead simple question?

    If you can't figure this one out on your own, then you probably don't have any IP worth stealing in the first place. And if you do, it's already long gone by now because you are this stupid. The smart people walked out with it weeks ago.

  • Why do the employees want to steal the IP? Because they feel that they have no stake in the business, and they are just working for "the man". So they swipe some data to sell to a competitor because what have they got to lose?

    If all the critical employees (i.e. those with access to the data) owned a non-trivial amount of the company, then they *would* have something to lose and would be much less motivated to try it. And they will work a lot harder and not leave after a year and (perfectly legally) depr
  • If you take a look at history, this IP stuff is a new concept of companies trying to capitalize on every little thing. Historically speaking, one of the biggest times of invention in the U.S. was around the late 19th and early 20th century. And there was no such thing as IP.

    If I remember my history correctly Westinghouse worked for Edison for a while and the Dodge brothers were working for Ford when they came up with their ideas for Dodge Motors (and actually sold Ford stock to get the capital to start
  • Why not just disable USB flash drives and hard disks by removing the drivers?

    But if your office is anything like mine, that is going to kill your workflow. I am always using my USB flash drive when I have to collaborate with my co-workers. Maybe your employees are the problem, not your computers? I take company IP home with me fairly frequently, because if I am enjoying what I am working on at the moment, I tend to take it to a coffee shop or park or whatever and work on it in my spare time for the fun
  • If we are to assume that the IP (work) in question is actually software code, then the whole questions is pointless:

    Software is relatively easy to create.
    Much more so the second time.

    You could spend tons of cash and several months building, for example, an online game. Then I could come around, and re-create that entire thing from scratch, on my own, for virtually no cost, within a few days.

  • (1) Hire trustworthy people

    (2) Hire people, keep them away from each other. Do not let them have access to work they've already done, and try to induce amnesia all the time. Assign a security guard to each person, and track their off-hour work to make sure they don't steal anything. And make SURE they're scanned as they leave the building, and confiscate all data-carrying media. Like SCO and Microsoft, keep a good legal team and sue people around who seem to do what you do.

    Tough choices? Well in IT you have to ma

  • You should outsource to the US, where there are legal protections for IP. My understanding is that in India, there are none, or very few; so the only way to protect yourself is to restrict physical and logical connections to the work computer, since you can't prosecute after the theft has been accomplished.

    And, as other posts have made clear, that's not possible against someone willing to breach security. Just ask the CIA.
  • Indian programming isn't worth a crap anyways.
  • Your code (and everybody else's) is not nearly as valuable as you (they) think.
  • by Lord Kano ( 13027 ) on Thursday April 14, 2005 @03:18AM (#12231504) Homepage Journal
    Don't fuck over your employees. Don't lowball their salaries. Don't short them on vacation time. Be fair in the promotion process.

    It's easier to keep employees happy than it is to monitor their every activity.

    LK
