Remote working hit like a storm in March. We expected the “weather” to calm down by the summer. It didn’t. Now it’s November, with no end to the remote working season in sight. Remote work was a short-term solution to what people believed was a short-term problem, and would correct itself once the COVID-19 curve flattened. Now, cases are on the rise again and remote working seems here for the long-term. More and more companies are accepting the reality of the situation, and this has turned much of the nation’s labor force into a remote workforce that gets larger every day. With this sudden change in how we live and work in the same location comes a variety of problems for today’s employers and remote workers. How does an employer keep their work information safe and separate from their employees’ home lives?
Remote working situations can threaten trade secret protection at every level of any organization. Implementing best practices to protect your company’s valuable trade secrets and confidential information is critical… and easier than you may think.
What is Considered a Trade Secret?
Trade secrets can be anything a company considers confidential information and important to its business: scientific or technical information, designs, processes, procedures, formulas, improvements, confidential financial information, customer lists, distribution, and supply chain information.
Basically, a trade secret is any information from which a company derives value that is not generally known and the owner takes affirmative, reasonable measures to keep it secret. Some examples of such measures can include limiting access to servers where the information resides and requiring passwords to access information or documents.
Keeping Trade Secrets “Secret”
With so many remote workers, the potential for exposing trade secrets increases. In order to ensure that confidential information is considered a trade secret, a company needs to take reasonable measures to protect them. Ways to minimize this exposure include: providing training and guidance to employees regarding handling confidential information, mandate that employees use work-issued hardware, and updating NDAs and confidentiality agreements.
Provide Training and Guidance
One of the most important things a company can do is provide training and guidance to their employees in remote training sessions to refresh knowledge around the types of information the company considers to be a trade secret and the policies and procedures in place to protect it. Training sessions should include specific guidance for handling trade secret information in home environments, which are less controlled than in-office situations.
Work-Issued Hardware and Technology Basics
Issuing hardware such as laptops or other devices makes it easier for companies to set up secure remote environments, monitor and control employee access to trade secret information, control outside connections, and prevent employees from downloading files that may compromise the security of the device. Companies should ensure that their employees are accessing company systems through a secure VPN, consider encrypting files that contain trade secret information, and employ document management systems that can require passwords to access sensitive documents and track user access and downloads.
Updating NDAs and Confidentiality Agreements
Employers should update — or implement if they are not already in place — confidentiality agreements and NDAs to reflect the policies and procedures for protecting trade secret information in remote environments.
Updating Phishing and Spam Protocols
Companies are seeing an uptick in phishing and spam emails since the pandemic began, and many of these emails are sophisticated spoofs of regular corporate communications. Employees should be reminded regularly to look at emails critically and carefully before opening or forwarding, and not to click on unknown links.
Passwords for Zoom Meetings
Passwords and “waiting room” access should be enabled on all conferences utilizing Zoom or other video conferencing platforms, particularly when confidential company information is being discussed. With those settings, only attendees with the passwords are allowed into the “waiting room,” and the conference host must individually allow each attendee into the meeting, reducing the possibility of unauthorized eavesdroppers.
Printing Policies
Companies should consider implementing restrictions on printing documents at home that contain trade secret information. In an office environment, printing can be more controlled and only company employees have access to copies. When working remotely, printing documents becomes more hazardous — many people in a household are likely working or schooling remotely and sharing a single printer, which increases the likelihood that another household member could mistakenly pull sensitive company information off a printer and read it, misplace it, or inadvertently disclose it to others.
Clean Desk Policy
Many companies are implementing a “clean desk” policy, which is exactly what it sounds like: leaving nothing on your desk when you leave it unattended. Companies may require employees to put any trade secret information into a locked drawer or safe when not working on it.
Take Reasonable Measures to Protect Trade Secrets
Nobody knows when the COVID-19 pandemic will end — but now that companies have seen that their workforce can efficiently and effectively work remotely, remote work is likely to stick around as a lasting change to the business environment. If they haven’t already, companies should establish reasonable measures to protect their trade secrets in this new paradigm. If a company is not implementing measures to protect its trade secret information, it could lose protection as a trade secret and, worst of all, irreparably damage the company. Take steps to ensure your remote workers are keeping your trade secrets secure — and secret.