You may have heard Google's Source Code IP was compromised late last year. It was a big deal and there were lots of speculation on the consequences. Their China offices were closed, complaints were lodged with the Chinese government, there was a lot of activity.
Now six months later, you must be wondering what is Google doing to stop IP theft?
Suprisingly the proposed solution is pretty simple, stop using the software that was compromised to access the IP. In this case, there are rumors of Google ditching Windows. The FT article reports that "Employees wanting to stay on Windows required clearance from “quite senior levels”, one employee said. “Getting a new Windows machine now requires CIO approval,”
The article also says "Windows is known for being more vulnerable to attacks by hackers and more susceptible to computer viruses than other operating systems. The greater number of attacks on Windows has much to do with its prevalence, which has made it a bigger target for attackers.
Google has their own operation system (Chrome) to use, not an option for majority of software developers Windows remains the most popular operating system in the world by a large margin, with various versions accounting for more than 80 per cent of installations, according to research firm Net Applications.
So how do you plan to protect your IP? Follow Google's lead?
Or do you need to protect IP in your current environment or can you afford to change platforms to keep your IP safe.
What if this next platform gets compromised? Do you keep moving? Can you afford to?
Chaperon customers will now have the option to secure their digital IP with Iron Mountain Digital, the world's leading provider of information management services for data protection and recovery, archiving, eDiscovery and intellectual property management.
Chaperon’s initial offering will allow:
Companies that are outsourcing/off-shoring their software development to archive their source code to Iron Mountain Archival Service Platform via Chaperon Secure™ Vaulted Repositories for enhanced business continuity/disaster recovery.
Small businesses to use the Iron Mountain Archival Service Platform to archive sensitive email attachments and files transmitted via Chaperon Secure™ Managed File Transfer/Attachment for better compliancy, auditability and regulatory documentation.
Given Iron Mountain’s focus on security, privacy, scale, access and cost-savings, their Archive Services Platform goes beyond standard cloud computing by delivering:
Risk reduction through secure backup and archiving, information protection, simplified legal discovery and increased compliance
Cost reduction through the elimination of capital investments for storage
Rapid access to information for legal discovery, regulatory compliance, audits, business continuity and disaster recovery
Exceptional search, recovery, destruction of data and file restoration capabilities
The Iron Mountain IP Archival Option is now available directly from Chaperon and through Chaperon’s approved delivery partners.
For additional details, visit: http://www.prweb.com/releases/Chaperon/IronMountain/prweb3997064.htm
Stories of targeted attacks on IP continue to bombard the news.
“A hack attack that targeted Google in December also hit 33 other companies, including financial institutions and defense contractors, and was aimed at stealing source code from the companies, say security researchers at iDefense.”
More at: http://www.wired.com/threatlevel/2010/01/google-hack-attack/
“The scope of this is much larger than anybody has every conveyed,” says Kevin Mandia, CEO and president of Virginia-based computer security and forensic firm Mandiant. “There [are] not 50 companies compromised. There are thousands of companies compromised. Actively, right now.”
More at: http://www.wired.com/threatlevel/2010/02/apt-hacks/#ixzz0fAJeb0HD
“If you’re a law firm and you’re doing business in places like China, it’s so probable you’re compromised and it’s very probable there’s not much you can do about it,” Mandia says.
More at: http://www.wired.com/threatlevel/2010/02/apt-hacks/#ixzz0fAK1RdRX
And this is nothing new….
More than one-third (34 percent) of U.S. companies in a recent survey* said they had investigated a violation of data protection regulations or privacy in the past year. More than one-third also said customer data was exposed or stolen, and 28 percent said they had been hit by exposure or theft of their intellectual property.
Are you concerned about your exposure? Let us help you start the journey to make sure that you don’t becomes tomorrow’s headlines.
To learn more about how Chaperon solutions can help protect you or your clients, check out our website or Contact us for a free consultation.
* Proofpoint's "Outbound Email and Data Loss Prevention in Today's Enterprise" survey. http://www.proofpoint.com/id/outbound/index.php
There has never been a clearer example of Corporate Darwinism than today’s economy. And there is no end in sight. The winners in this evolutionary process are not necessarily the strongest or the fastest, but rather those that can most effectively adapt to new circumstances.
To adapt, businesses need to quickly figure out how to outsource, off-shore, and virtualize the workforce to cut costs and find top expertise and talent within the global resource pool. These same businesses need to find new ways to work with each other and customers via distributed tools like software as a service (SaaS) and cloud computing.
This “survival of the fittest” atmosphere is posing serious threats to digital security. Company-sensitive information is exposed, leading to more copying, piracy, and theft. And the risk of losing vital software Intellectual Property (IP) has never been higher. The loss of these vital digital assets can mean the loss of a competitive advantage or even the loss of their business.
More than one-third (34 percent) of U.S. companies in a recent survey said they had suffered from the leakage of sensitive or embarrassing data in the past 12 months. Forty-three percent said they had investigated a suspected leak of sensitive data via email, and 34 percent had investigated a violation of data protection regulations or privacy in the past year. More than one-third said customer data was exposed or stolen, and 28 percent said they had been hit by exposure or theft of their intellectual property(1).
In July 2009, a Former Goldman Sachs computer programmer was arrested and charged with stealing codes related to a high-speed trading program that he helped develop. In March 2008, a former Motorola software engineer was stopped at O'Hare airport before boarding a one-way flight to Beijing with more than 30 compact data storage devices containing stolen files with $600 million worth of corporate secrets. Those thefts are reminders that almost every modern organization has some IP subject to attack and theft.
A 2009 Purdue University Krannert School of Management study concluded that, “Business failures, mass layoffs, decimated markets and a poor economic outlook will lead to a vastly increased number of financially desperate current employees and laid-off staff stealing valuable corporate information, both for financial gain and to improve their job opportunities.” In fact, forty-two percent of the study respondents said that laid-off employees are the biggest threat to their companies during this economic crisis.
Companies are clamoring for a solution that will allow them to adapt to this new economic landscape. Today, businesses are foregoing critical opportunities, incurring significant costs for proprietary solutions OR they are exposing their software IP and company-critical information. Businesses need a solution that helps protect their IP when developing software, during due diligence, in M&A cycles, during IP litigation, and within software escrow.
Chaperon’s patent-pending software security solutions provide protection for IP (source code) – no matter where it travels or who is working on it. Chaperon encapsulates and isolates IP at all times with an audit trail so it cannot be compromised:
Any time – While it is being worked on (e.g., coding, de-bugging, testing, compiling, inspecting & QA).
Anywhere – No matter where it goes (i.e., in-house, outsourced, near-shore, off-shore, in escrow or archived).
Stop staff/developers from leaving with critical IP.
Lower costs by giving them the ability to safely tap into global expertise via outsourcing, off-shoring and/or distributing the workforce.
Avoid costs by protecting against expensive IP theft lawsuits, damages, and security breaches.
Comply with governmental source code import/export regulations.
Protect investments and shareholder equity.
(1) Proofpoint: "Outbound Email and Data Loss Prevention in Today's Enterprise" survey. http://www.proofpoint.com/id/outbound/index.php