7 Best Practices to Prevent Intellectual Property Theft


Original ideas, developments, and trade secrets help businesses increase their value and stand out among competitors. But as market competition grows, the risks of intellectual property (IP) theft and leaks also grow. Establishing basic security policies and procedures to protect sensitive data is crucial if you want to continue to benefit from your intellectual property.


In this article, we dig into the importance of intellectual property protection and explore possible scenarios of intellectual property theft. We also offer seven best practices to help you secure your corporate ideas and creations from malicious actors.

Why intellectual property matters and how to protect it


Intellectual property (IP) is a category of property that refers to creations of the mind: artistic works, designs, images, videos, symbols, and names. Both individuals and businesses can be IP owners.


The legal right to claim ideas and creations as intellectual property helps IP owners benefit from their work, protect it, and prevent copying. The concept of intellectual property helps stimulate innovation and contributes to progress in economics, technology, science, art, and other fields.


Definition of intellectual property by Gartner


To claim the ownership of IP, individuals and businesses establish intellectual property rights (IPRs) through copyrights, patents, trademarks, and trade secrets. IPRs enable creators to earn recognition and benefit from their products as well as to profit when others use their creations and inventions.


Protecting your intellectual property rights is essential. If you allow competitors to leverage ideas and creations suspiciously similar to your own, your business can lose its competitive advantage and revenue streams along with seeing a drop in its market valuation.


If unauthorized parties or malicious employees gain access to IP-related data, they can steal ideas and introduce original products to the market faster and cheaper than the legal owner of the IP. Let’s learn more about IP theft, its risks, and its consequences.

Learn more about User Activity Monitoring

What is intellectual property theft?


Intellectual property theft is the act of robbing people or organizations of their ideas, inventions, creative products, and other types of IP. The impact of intellectual property theft on businesses includes loss of a competitive edge, reputational damage, a slowdown in business growth, and loss of customer trust.


IP theft may result in significant losses for organizations and can add up to substantial sums at a country-wide level. The Commission on the Theft of American Intellectual Property estimates in a report [PDF] that annual costs from IP losses in the US range from $225 billion to $600 billion.


Also, if a cybersecurity breach allows malicious actors to steal data, an organization can face compliance and legal issues, since that breach may affect other sensitive data of customers, employees, and partners. Thus, businesses that suffer breaches will likely focus less on further development and success due to putting efforts and resources into lawsuits.


In our digital world, IP thieves may include current and former employees, competitors, and hackers. IP theft can be a primary motive or an opportunistic exploit, as IP can be stolen in bulk when illegally retrieving corporate data.


By stealing IP or purchasing already stolen ideas and creations, dishonest individuals and organizations can create products faster and cheaper than if they designed those products themselves. Because of IP theft, organizations that invested in original creations may find themselves competing with copies of their own ideas that are selling at half the price.


Let’s explore in detail three common scenarios of intellectual property theft:




Cybercriminals can gain unauthorized access to an organization’s sensitive data and intellectual property using various phishing techniques. A large portion of IP theft is enabled by malware infiltration, including by state-sponsored attackers.


For instance, attackers can use keyloggers — malicious software that captures data as users type it into a system. Or they can inject man-in-the-browser malware into a browser to view and capture everything the user enters or sees on a web page or in an application. Another way to gain access to IP data is by using cross-site scripting attacks or injecting malicious objects inside web pages (drive-by downloads).


In 2020, attackers used malware to steal healthcare IP related to COVID-19 vaccines. Because of these attacks, one vaccine manufacturer, Dr. Reddy’s Laboratories, had to close several of their plants.


Another shocking example of IP theft resulted in the American Superconductor Corporation (AMSC) losing over a billion dollars in share value. Cybercriminals stole the corporation’s trade secrets back in 2011 but were obliged to pay a penalty only in 2018.


Privilege abuse


Employees and subcontractors might exploit their access to an organization’s sensitive data and intellectual property to steal it with an intent to sell it to competitors or use it to start their own businesses. The higher the level of user access rights, the higher the risks of IP theft. So you always need to keep an eye on privileged users and third parties. Another possible scenario is data theft by former employees if they still have access to corporate networks, or if they created backdoor accounts before they left a company, or if they managed to steal data before quitting.


In 2018, Hongjin Tan copied confidential and restricted research documents of significant value to the company he was working at. He also negotiated with another competing company, promising to share confidential information in return for a job. As a result, Tan was charged with theft, unauthorized transmission, and unauthorized possession of a trade secret.


Another famous example of intellectual property theft resulted in several lawsuits between Tesla and their former employees. Among other things, the cases involved moving files related to Tesla’s Warp Drive software to an employee’s personal Dropbox account and leaking confidential information to a reporter.


Google has also been a victim of privilege abuse. One of their former employees, Anthony Levandowski, was charged with theft and attempted theft of trade secrets. Levandowski managed to download more than 14,000 files containing critical information about Google’s autonomous vehicle research before quitting his job.


Human errors


Data breaches that occur because of employees are not always caused by malicious intent. Often, employees make dangerous mistakes due to carelessness, lack of cybersecurity awareness, or fatigue. And once a data breach appears, it may expose various types of confidential information, including IP.


Employees can expose sensitive information by:

  • Accidentally sending an email with IP data to the wrong person
  • Clicking on phishing emails that lead to malware injection
  • Forwarding data to personal email accounts
  • Taking sensitive data from the office (on a USB drive or laptop) to finish work at home
  • Sharing IP documentation data using unsecure services and messengers
  • Setting wide access rights for cloud-based documents with sensitive data
  • Neglecting an organization’s cybersecurity policies when setting passwords, accessing corporate networks, etc.


Accidental data breaches remain a significant problem. A study by Egress Software Technologies revealed that 83% of security professionals believe that employees have put sensitive information of customers and businesses at risk of exposure through errors.


According to Ponemon’s 2020 Cost of Insider Threats Global Report, 62% of cybersecurity incidents involve a negligent employee or contractor. The total costs of such incidents add up to an average of $4.58 million per year per organization.


Dealing with stolen IP is a long, expensive, and exhausting process. Organizations need to prove the fact of IP theft and put lots of effort and money into lawsuits. Even if they win, the legal wrangling may take years.


Therefore, it’s best to keep your patents, trade secrets, copyrights, and trademarks as secure as possible. Let’s explore seven efficient practices that will help you to prevent IP loss.

Read also: How to Prevent Human Error: Top 4 Employee Cyber Security Mistakes

7 best practices to prevent intellectual property theft


How to protect your intellectual property?


Securing your IP means ensuring the protection of sensitive data within the corporate IT environment and physical spaces (securely storing printed and signed contracts, for example).


In this article, we focus on securing IP in digital space. Let’s explore how to do that in detail:


1. Identify the most valuable data


To protect your intellectual property, you must know exactly what IP you have and where it’s located.


Make sure all employees clearly understand what data is the company’s intellectual property and why it matters to carefully handle it. To do that, ensure communication between executives and all departments (HR, marketing, sales, R&D, etc.) so everyone is aware of the importance of IP and can adequately identify and protect it.


Identifying your IP is crucial because otherwise you can’t secure it by applying relevant policies and procedures. When identifying the locations of IP, pay attention to both physical and digital locations, including:


  • Cloud applications and file sharing services
  • Corporate networks, servers, and storage drives
  • Employees’ personal devices
  • Third-party systems and applications
  • Printers, copiers, scanners, and fax machines


2. Review user access to IP


A periodic review of user access to sensitive data is a great practice that helps you reduce the risk of privilege abuse and security breaches. A user access review aims to limit users’ access to critical data and resources to information they need for their work routines. It re-evaluates user roles, access rights and privileges, and user credentials.


Say an employee changes departments within your organization and doesn’t work with IP-related data anymore. If their access permissions aren’t restricted after the switch, that employee may still access sensitive information, which is an insider threat risk.


To mitigate such insider threat risks and strengthen your access management, you can use privileged access management (PAM) solutions. For instance, Ekran System provides role-based access control to configure user roles instead of configuring each account separately. Also, it offers a manual access request and approval workflow for determining who can access what and when.


Read also: 7 Best Practices to Conduct a User Access Review

3. Find cybersecurity gaps and weak spots


Apart from reviewing user access rights, it’s highly recommended to regularly check your cybersecurity for gaps. The idea is to think like attackers, identifying what they will target in the first place and securing those places.


A proven tactic to find weak spots in your cybersecurity is to conduct a cybersecurity risk assessment. This evaluation will help you determine information assets that could be compromised by a cyberattacker and identify various risks to those assets. Apart from intellectual property, you should also assess how secure your hardware, networks, corporate devices, and customer and employee data are.


Once you identify cybersecurity gaps and weak spots, fix them and take measures to avoid potential flaws in the future. For instance, make sure to keep all your operating systems and software up to date and enable automatic software updates where possible.


Read also: Insider Threat Risk Assessment: Definition, Benefits, and Best Practices

4. Establish a data security policy


A strong cybersecurity policy ensures the protection of corporate assets and sensitive data, including intellectual property, by setting rules that your employees should follow.


To make sure your cybersecurity policy is comprehensive and efficient, consider including the following information:


  • Password management rules, including restrictions for reusing passwords across platforms
  • Clear rules on privacy settings for mobile applications and online accounts
  • Information related to the bring your own device policy
  • Information about employees’ accountability for the use of sensitive data
  • Security rules for working with corporate systems, networks, and other accounts
  • Rules related to downloading and installing software


Read also: Privileged Password Policy Compliance Overview: NIST 800-63, HIPAA, PCI DSS, GDPR

5. Monitor employee activity


Continuous employee monitoring helps businesses make sure all users work securely within the corporate network. Knowing that their actions are being watched, employees tend to stick to recommended cybersecurity practices and don’t risk visiting shady websites that can lead to malware downloads and data breaches. Also, in case of IP theft, user activity monitoring records can help speed up the investigation process, determining the impact of an attack.


Ekran System offers a wide range of monitoring capabilities for different types of users, including:


By keeping an eye on all parties that potentially may leak your IP data — inadvertently or on purpose — you can significantly minimize the risk of data theft. Ekran System provides user-friendly incident response opportunities, allowing you to set predefined and custom alerts for visiting certain websites, launching particular applications, etc. With these alerts, you can instantly identify a potential danger and investigate it in real time.


6. Prevent potential incidents


Apart from monitoring users, you should also leverage advanced technologies that can help you immediately prevent potential threats. One possible solution for this is called user and entity behavior analytics (UEBA).


UEBA is based on artificial intelligence algorithms that establish a baseline of user behavior and then automatically alert security officers in case a user is acting suspiciously. This can be a sign of a user’s malicious intent or a sign that the user's account was hacked.


Thanks to the UEBA module in Ekran System, you will be able to instantly notice abnormal user behavior and check whether it’s the result of a security incident before IP theft actually happens.

Learn more about Insider Threat Management

7. Educate employees


Since employees can threaten your intellectual property and other sensitive data, it’s extremely important to educate them about cybersecurity. By doing so, you have a better chance of preventing accidental data leaks.


In 2020, cybersecurity awareness among employees became even more relevant with the forced shift to remote work. As a result, the people-centric approach to security became a trend again, prompting businesses to make people their defence. This approach states that it’s better to put efforts into providing employees with relevant cybersecurity education and showing workers that an organization trusts them rather than emphasizing restrictive security controls.


To ensure cybersecurity awareness, you can try different practices, including the following:


Also, consider helping your employees learn how to recognize and avoid phishing attacks, since phishing remains one of the most popular tactics for cybercriminals.

Read also: Insider Threat Awareness: What Is It, Why Does It Matter, and How Can You Improve It?



Cybercriminals and malicious employees often target corporate intellectual property, since it can be quickly monetized. In the digital era, they have lots of opportunities to unnoticeably copy trade secrets, patents, copyrights, and trademarks and sell them to competitors. However, this doesn’t mean that you can’t protect your IP and other sensitive data.


We hope that the security practices listed in this article will help you strengthen your cybersecurity posture and prevent IP data theft. If you’re ready to start monitoring user activity and boost your insider threat protection, request a 30-day trial of Ekran System and see how it works.


Whitepaper on insider threat program