Information Security Program™
Keeping "Inside Information" Inside
Be secure on all fronts
Most companies spend significant time and
money on physical security with guards, ID badges and surveillance
cameras. The IT department worries night and day about network
security against hackers who may try to breach the firewall and
obtain sensitive files or wreak havoc.
Make no mistake, RivalScape supports good physical and network security one hundred percent.
But it is easy to overlook another essential element, a third pillar
of security that we find usually falls through the cracks: information
security. Information security is all about keeping the valuable
proprietary know-how that resides in your workforce right where
it belongs – inside the walls
of your company.
RivalScape believes it makes little sense to
develop an otherwise solid competitive intelligence program that
neglects to include a focus on internal information security. It
could mean that your company, especially your key knowledge workgroups,
are easy targets for your rivals’ collection efforts.
information flow – but only where it should
that your company must remain open and friendly to your customers,
prospects, suppliers and other groups with whom you do business.
We show you concrete ways to accomplish that essential goal while
simultaneously becoming opaque and hard to penetrate by those who
should not be getting information from your people.
Is your workforce
unwittingly capricious with your firm’s
valuable intellectual property? How confident are you that if
student” or “research firm” calls one of your
engineers or marketing people tomorrow asking for “help” on
a project, your employee won’t say things they shouldn’t?
What they say could easily go straight from your employee’s
mouth to your key competitor’s ear. This deceptive practice
is called “rusing” and it happens all the time in
a wide variety of guises to businesses large and small.
with a single point of focus
We always recommend certain general
solutions, such as creating an information security focal
point in the company, a one-person conduit to
receive all outside inquiries that arouse suspicion. However, each
security issues are unique. So we conduct an efficient information
security audit that includes interviews with key management and
short written surveys of selected employees. Quite often the best
ideas for identifying soft targets within your ranks and improving
information security come from middle managers and below, the people
most likely to observe and be concerned about information leaks
on a daily basis.
We then work closely with the person designated
as the focal point within the firm to create an ongoing Workforce
Information Security Program™ (WISP) that incorporates our
general solutions plus strategies and techniques customized to
your specific corporate issues. The employee selected to be the
WISP focal point becomes, in effect, the counterintelligence officer
for your firm. By having all questionable information requests
channeled to his or her desk, this person can spot any telling
patterns and trends that might emerge.
RivalScape will help you
launch the WISP with awareness briefings and employee training.
We also provide ongoing consulting to maintain and improve the
program, and to help you resolve any critical new information
security problems that may arise.