Michael D. Moberly August 30. 2010
As the respected consultant and researcher Karl-Erik Sveiby once noted, ‘my argument about the value of information is not that it is wrong to regard information as being valuable, rather, it’s that we should reconsider our mindsets about its value’.
Of course, from my perspective, having been engaged in safeguarding information-based intangible assets for a significant portion of my professional career, I still sense the prevailing, all be it, naive ‘talk is cheap’ mindset is perhaps the single greatest challenge that companies and/or holders of proprietary information face.
There’s little question, people (employees) enjoy – variously receive some pleasure talking to others about their work. And today, there is such an array of platforms, in addition to verbal, that provide people with opportunities to convey, often times in very specific detail, their work related projects, activities, travels, etc. Of course, most companies with a modicum of understanding (appreciation) for their vulnerability to the leakage of proprietary and/or sensitive information, now endeavor to restrict information through social media platforms available.
A significant percentage of companies elect to address the proprietary nature of information via non-disclosure and/or confidentiality (employee) agreements. Typically, NDA’s are filled with a lot of do’s and don’ts but little contractual language is devoted to explaining to inquisitive twenty-something employees ‘why’ certain information should remain proprietary. I’m not talking, of course, about information and/or data that is mandated to be kept free from breaches via HIPPA or other regulatory mandates.
In most instances, the answer to the ‘why’ question lies in the fact – business reality that the (protected) information contributes to delivering value, revenue streams, and competitive advantages to a company so long as it does not enter the public domain.
While I’m confident they exist, I have yet to see NDA’s and/or confidentiality agreements that address the ‘why’ in this manner, in other words, acknowledge that the information to be kept proprietary and/or secret produces value to the company, and if it were to become something other than proprietary or secret, there is a reasonable probability the associated competitive advantages, value, and/or revenue streams would be lost, undermined, or erode fairly rapidly.
The ‘information security-protection’ literature is replete with the views and experiences of countless practitioners, along with various ‘insider’ theft of proprietary information studies. etc. Thus, I suspect I am hardly the first to raise – frame the issue in this manner.
I suspect, in this social media era, assuming a twenty-something employee fully appreciates the connection between signing an NDA during their employee orientation process and the (real and contributory) value of that information, which in most instances, they have yet to see, let alone access, is a fairly weak assumption.
I remain skeptical therefore, that employees who seemingly find it both acceptable and desirous to post sometimes intimate and daily details about their life, and the life of ‘friends’ on their social media platforms will become information asset protection (security) zealots overnight.
Let’s be clear, this post is not about trying to pigeonhole all twenty-something employees as being naive and potential information leakers. Rather, I’m merely saying that it would be prudent, and ultimately more effective, to devote an appropriate amount of time discussing ‘the value of information’ as an component of employee on-boarding processes.
Ester Dyson, a reknown information technology consultant, once said on a related matter, that ‘the trick (to information asset protection) may not lie in trying to control the number of copies, or even the ability to copy for that matter, rather it may have more to do with influencing a relationship with originators and users of information’. For the 90+% of new and existing employees, whom studies assure us will never become an ‘information leaker’, I agree!
The ‘Business IP and Intangible Asset Blog’ is researched and written by Mr. Moberly to provide insights and additional views for company management teams, boards, and employees to aid in identifying, assessing, valuing, protecting, and profiting from their intangible assets. I welcome and respect your comments and perspectives at email@example.com.