This preview shows page 1. Sign up to view the full content.
Unformatted text preview: rotection. Internal Protection of Intellectual Property
Ensuring that specific resources are protected by the previously mentioned laws is very
important, but other measures must be taken internally to make sure the resources that
are confidential in nature are properly identified and protected.
The resources protected by one of the previously mentioned laws need to be identified and integrated into the company’s data classification scheme. This should be directed by management and carried out by the IT staff. The identified resources should
have the necessary level of access control protection, auditing enabled, and a proper
storage environment. If it is deemed secret, then not everyone in the company should
be able to access it. Once the individuals who are allowed to have access are identified,
their level of access and interaction with the resource should be defined in a granular
method. Attempts to access and manipulate the resource should be properly audited,
and the resource should be stored on a protected system with the necessary security
Employees must be informed of the level of secrecy or confidentiality of the resource, and of their expected behavior pertaining to that resource.
If a company fails in one or all of these steps, it may not be covered by the laws
described previously, because it may have failed to practice due care and properly protect the resource that it has claimed to be so important to the survival and competitiveness of the company. Software Piracy
Software piracy occurs when the intellectual or creative work of an author is used or
duplicated without permission or compensation to the author. It is an act of infringement on ownership rights, and if the pirate is caught, he could be sued civilly for damages, be criminally prosecuted, or both. ch10.indd 863 12/4/2009 11:39:08 AM All-in-1 / CISSP All-in-One Exam Guide, 5th Ed. / Harris / 160217-8 CISSP All-in-One Exam Guide 864
When a vendor develops an application, it usually licenses the...
View Full Document
This note was uploaded on 06/01/2013 for the course NET 125 taught by Professor Hurst during the Fall '12 term at Wake Tech.
- Fall '12