Rules For Romance

As companies set up more and closer alliances with vendors, an intellectual-property-protection system becomes critical. Certain types of companies are especially prone to theft: high-tech firms, those on a hiring binge, and corporations giving suppliers unrestricted access to computer systems, even inviting them to set up operations inside their own plants. Most vendors deserve to be trusted. Information-security systems help to prevent problems when management, the business climate, or a suppliers employees change for the worse. "When companies transfer technology, they should keep in mind that todays contractor could be tomorrows bidder against them," warns Richard Heffernan, whose Branford, Conn.-based company, R.J. Heffernan & Associates Inc., specializes in counter-espionage and protection of intellectual property. Following are four rules that security experts suggest corporations follow to protect themselves against problematic partners: 1. Make sure youre ready to begin dating. Perform an intellectual-property audit on your company to assess possible leaks. Is certain information stored in the lobby or other well-traveled areas that should be better hidden? Much of a business secrets go out through the trash, and the Supreme Court has ruled that garbage is essentially public property. Go through waste baskets of a few managers to see whats being thrown out. Find out what others are saying about your company and its trade secrets through commercial electronic databases and the Internet. Dejanews.com allows users to search discussions in online chat groups. Courts protect only those trade secrets that are treated as such -- that is, kept secret. Conduct an information security audit every two or three years. 2. Choose wisely. Force your partner to sign a "pre-nup." A number of manufacturers require suppliers to sign agreements covering ethical and legal uses of information and past improprieties. Clarify which information the partner has a right to see and with whom the partner can share it. If the supplier lies in filling out the agreement the manufacturer has legal recourse. Employees of partners also should sign confidentiality agreements protecting both the supplier and the client. 3. Reevaluate your relationship often. Many vendors serve masters in competing companies simultaneously. Ironically, the ability of a supplier to provide knowledge of the way another company functions often lands the job. "But when everyone becomes more focused on who owns the information and when mistakes [distributing data] can lead to a criminal filing, it becomes necessary to clarify relationships with precision," points out James Pooley, an intellectual-property attorney at Fish & Richardson PC. Review your information-security policies with all employees and suppliers, and do it every few years. 4. Break up if its not working out. If a suppliers employee violates an information agreements ground rules, notify the vendor. "Some manufacturers will have to turn over a few sets of employees working for a vendor," says Dan T. Swartwood, manager of information security for Compaq Computer Corp. When its supplier learned that an employee had stolen and tried to sell important information, PPG Industries Inc. managers wondered if they should sever the supplier partnership. "I got a call from another one of their major clients who was wondering if they should eliminate that supplier after they learned what happened with us," recalls Regis W. Becker, PPGs director of corporate security and compliance. But since the supplier in question had an excellent and lengthy track record and, after the theft, had hired a well-known investigation firm and aggressively promoted confidentiality agreements to all of its employees, PPG decided to hold onto the vendor. "We were happy with their response. It convinced us we didnt want to use somebody else," says Becker.