Travel Reference
In-Depth Information
Information of this type is also vulnerable if it isn't disposed of properly:
burned or shredded. You would be amazed at how frequently vital clues
are obtained during a criminal investigation by going through a suspect's
trash. An executive's wastebasket can be equally rewarding. Information is
easily obtained if documents with any sensitivity or proprietary informa-
tion are not secured at the end of the day. How difficult do you suppose
it would be for your competitor to hire an operative as part of your clean-
ing staff? Cleaners have access to every location in the facility and are
there when everyone else has gone home. They can copy or take impor-
tant documents, rifle through unlocked office drawers and filing cabinets,
and examine the garbage. Trained professionals can easily install a room
monitor or “bug” in a matter of seconds.
The first stage in creating an informational security system for your
company is to have each individual department conduct a security audit.
Each department head must first understand the type of information that
should properly be labeled as sensitive and subject to security regulations.
As a general rule, any information, process, procedure, practice, or per-
formance unique to your company that gives you a competitive advantage
falls into this class. With respect to operations abroad, the definition is a
bit broader. If certain types of information, skills, or techniques are not
commonly employed outside the American business community but
clearly make American industries more competitive in a given field, then
they should be included in this category. The information in question may
be quite commonplace in the American industrial sector but not abroad.
Any innovation, no matter how mundane, may provide an edge to your
company and should be guarded. Each unit manager carefully must con-
sider the individual operation with these parameters in mind and com-
pile a detailed list of anything unique that makes the company more
competitive against corporate rivals. Once these areas have been identi-
fied, an informational security specialist should be engaged to compile a
plan detailing the steps required to correct the noted deficiencies. Ideally
this evaluation should be part of an overall security and risk assessment
report. The recommendations of an overall site security plan will address
many of the concerns regarding the protection of information.
How can your company protect itself against such attempts at corpo-
rate espionage? A series of measures can and should be taken to secure
your company against such economic intelligence gathering (or just plain
