Counter Intelligence, Intelligence Protection, Counter Measures for Competitive Intelligence
Safeguarding information and data should be a major concern for any organization. Especially in times where electronic access and connectivity provide easy entrance, security measures should protect intellectual assets better than ever.
The Office of the National Counterintelligence Executive provides practical advice and materials like posters, brochures and documents from speeches to support counter intelligence efforts of the public and organizations of all types:
Getting Down to Basics
-
Obtain support for information security from senior management.
-
Do not waste resources protecting that which does not require protection.
-
Identify which information should be protected and for how long.
-
If extremely sensitive, material should be hand-carried or transmitted using encryption techniques.
-
To dispose of sensitive material, shred or make it unreadable.
-
Valuable company information must not be left unattended in hotel rooms. This includes hard copy and computer disks.
-
E-mail and voicemail passwords must be protected and changed frequently.
-
All sensitive materials must be removed from conference rooms and chalkboards and whiteboards erased after meetings.
-
Where possible, conduct background investigations on all individuals with access to sensitive information.
-
Obtain nondisclosure agreements from employees, vendors, and others with access to proprietary information.
Taking the Next Step
-
Ask new employees if they are obligated under any confidentiality or nondisclosure agreements.
-
Determine the monetary/competitive value of your information.
-
Develop information safeguarding guidelines that are practical and user friendly.
-
Get user input and buy-in when developing an information security program.
-
Ask knowledgeable employees what should be protected; they know the market and the competition.
-
Form a partnership with the organization’s legal and information systems departments to better address information security issues.
-
Identify and get the cooperation of senior stakeholders in key areas, such as technology, finance, personnel, and marketing.
-
Train and periodically remind - from the first day of work through the exiting process - the appropriate people why certain information needs protection and of the guidelines used to protect it.
-
Work with management to decide what access will be given consultants, subcontractors, and joint-venture partners.
-
Partner with the legal department and other to develop a process to review employee publications, such as papers and speeches including those to be placed on the Internet.
-
Use annual performance reviews to remind employees of their obligations.
Always Remember
-
The disgruntled employee is the greatest threat to your organization.
Telephone conversations, both fixed and mobile, are vulnerable to intercept. -
Information regarding the movement of your company aircraft, including routes and destinations, is available for sale on the Internet.
-
Be knowledgeable of your organization’s physical assets, information assets, and vulnerabilities.
