Policies InnoSensors Company Should Adopt to Safeguard the Sensitive Information on the Product - Report Example

Information Classification Schema Name Institutional Affiliation Information Classification Schema Executive Summary The main purpose of this report is to give the InnoSensors top management on the measures they need to put in place to protect their sensitive information about their products from being accessed by unauthorised persons, mostly their competitors. Access to such information can lead to great financial loss or lower customer confidence in used maliciously.In the report, the Information Security Management team has given an introduction to the InnoSensors and their services over the years. It also gives the problem at hand that need to be addressed quickly as InnoSensors are launching a new project in 6 months, and there are fears that if the product development information reaches the unauthorised persons it can be a big blow to the company due to the upcoming investors.The information security team has in the report reviewed the intellectual property rights and product information protection under the Federal laws. A suitable information classification scheme has been developed in the report that categorises the various classes of information based on their vulnerability and sensitivity. The scheme also gives the measures to be taken so as to safeguard the sensitive information from being accessed by unauthorised persons. An information classification policy is also outlined in the report. Table of Contents Introduction 4 InnoSensors 5 Product Protection and Intellectual Property Rights 5 Information Classification Scheme 6 Unclassified Public 7 Client Confidential Data 7 Company Confidential Data 7 Company’s Top Secret Data 7 Information Classification Policy 8 Conclusion 9 References 10 Introduction The innosensors product information protection report provides a researched plan how to protect the product development information for the new product-The Total Health Monitor- and many other products developed by InnoSensors now and in future. The report outlines the various categories of information of a product and the company by coming up with an information classification scheme that will be used by the management so as to ensure that the company’s top secrets or trade secrets will not land in the hands of their competitors or unauthorised persons. Furthermore, the report gives the policies that InnoSensors Company should adopt to make that the sensitive information on the products and development procedures are properly safeguarded, that is, policies that will govern information access. In the report, there the key vulnerabilities have been identified and proper framework to keep the risk bay developed. In addition, a legal framework is established to enable the protection of the information through the laws that govern the protection of corporate information. In the report, the InnoSensors Information Security Management has made several assumptions. These assumptions include that all the InnoSensors staffs, which include junior and senior, are all company associates. The InnoSensors Company has adopted a lab specialization method in the employees where each employee performs a specific role permanently. Further, the InnoSensors Company has adopted a standard organization and management structure. To sum it up the scope of the report involves; the information classification scheme, the information security plan, the product information vulnerabilities and their remedies. InnoSensors InnoSensors in the most trusted companies in the production of health monitoring devices especially for use at home by the elderly. They are reputed in the development of first class medical equipment due to their high-end technology and highly competent team.In the last five years InnoSensors has dominated the market alone, but recently competition from another company and smartphone apps has set in. Due to this, InnoSensors with their advanced technology have come with a new product that will be unveiled to the market in the next six months. The product, ‘The Total Health Monitor’, will have the capability to monitor all other health-monitoring gadgets at home. However, to keep InnoSensors leading in this niche the product development information and their intellectual property of this product and other products must be a top secret and must not be disclosed to any unauthorised persons. Therefore a product development information security scheme needs to be developed to safeguard their prized information they have gained through their vast experience throughout the years. Product Protection and Intellectual Property Rights The US department of justice protects the individuals and Organizations from the theft of their trade secrets under the Economic Espionage Act in the Federal laws (Gangopadhyay, 2012). This gives the companies full protection of their ideas and innovations. However, proper classifications of information need to be put in place by the company (Fan, Gillan & Yu, 2013). This will give a clear guideline on the type of information that will be regarded as secretive and that which be given to the public. Information Classification Scheme InnoSensors is a large company that boasts of clients from all over the world. This is attributed to their quality health monitoring electronic gadgets. The company has also been in the market for the last five years, thus has a lot of experience in this field in addition to the heavy investments in their research team. Therefore, it is critical for the company to set standard procedures and measures to protect the information assets from unauthorised access, compromise and disclosure (Riedl, Gascher & Neubauer, 2007). Consequently, the InnoSensors Information Security Management team has come with an information classification scheme that will be adopted by the company to guard its information. The team has categorized information in the following ways: Unclassified Public This is the information about a product or the company that is not confidential. It can be given to the public without any implications to the company. Such kind of information will be found on the company’s website, brochures, marketers and advertisements. The financial reports that are required by the regulatory bodies are also classed in this category. Client Confidential Data This is the information that has been received from clients. It can be a purchase or production or any other form of the transaction the client can make with InnoSensors. The original copy of such transaction must remain confidential to the authorised persons only. This also includes the information about the client that is stored in the company’s electronic database (Acemoglu, Gancia & Zilibotti, 2012). Company Confidential Data This is the information that InnoSensors has collected and uses the kit to conduct its business; employ people, manage all the corporate finance aspects and fulfil the clients’ needs (May 2013). This also includes personnel data and their salaries, confidential contracts, confidential customer data, non-disclosed agreements either with clients or other companies, company business plans and internal financial and accounting reports. This information should be very restricted within the company. Only the top management and few other authorised personnel should be allowed to access this information. Company’s Top Secret Data This is the most guarded information in the company. It includes company’s standard operating procedures that are used by the company, product development procedures, passwords, and information on password security processes. It also incorporates software codes developed by the company either for internal use or sold to clients and all technical information about a product (Ahmad, Bosua, & Scheepers, 2012). This information is restricted to a few people that the top management has entrusted it to them. This information is highly vulnerable since it is most sought by competitors and other persons in the market (Basavapatna & Chebiyyam, 2012). Access to this information by unauthorised persons may lead to ineffectiveness to the operations the company, cause great financial loss to the company or cause a significant gain to the competitors. To further safeguard InnoSensors top secret data, the Information Security Management team should recommended vital product information to be kept in data fragments that are not ordered to make sure that they are not interpretable in case the data is stolen. This measure will create comprehensive protection scheme against abuse of sensitive product data either internally or externally (Bhogal, Hu, & Sidhu, 2012). Information Classification Policy To make sure that all InnoSensors Company information assets are given the appropriate level of protection this information classification policy should be observed by all company associates (Zuk et.al, 2013) 1. The InnoSensors managers are the information, owners. Assigning of the information assets in the above standard scheme will be their responsibility. 2. The category of information shall be joined to the information, where applicable. 3. All the InnoSensors associates shall be trained on secure handling of information by the Information Security Management team in their various levels of information category. 4. Any employee who discloses sensitive information to unauthorised persons will be considered as aiding intellectual property right infringement or disclosure of private information and will be prosecuted. Conclusion From the report, a clear definition of the problem has been achieved which is the main subject of the report. The InnoSensors Information Security Management team has clearly outlined the vulnerable pieces of information that need to be safeguarded for the success of the company. The report also gives clear categories of information. This information classification scheme is a major success in the report as it carries the major purpose of the report. Besides, the report has also outlined a standard policy that needs to be adopted by the company so as to achieve its goal; protecting vital product development information. The adoption of this report could be a major milestone in the InnoSensors company in their step towards ensuring their trade secrets are kept safe and remain competitive all through. References Acemoglu, D., Gancia, G., & Zilibotti, F. (2012). Competing engines of growth: Innovation and standardization. Journal of Economic Theory, 147(2), 570-601. Gangopadhyay, K., & Mondal, D. (2012). Does stronger protection of intellectual property Stimulate innovation?. Economics Letters, 116(1), 80-82. Fan, J. P., Gillan, S. L., & Yu, X. (2013). Innovation or imitation?: The role of intellectual property rights protections. Journal of Multinational Financial Management, 23(3), 208-234. May, C. (2013). The Global Political Economy of Intellectual Property Rights: The New Enclosures? (Vol. 3). Routledge. Riedl B, Gascher V, Neubauer ( 2007) T, A secure e-health architecture based on the appliance of pseudonymization, Secure Business Austria Research Ahmad, A., Bosua, R., & Scheepers, R. (2014). Protecting organizational competitive advantage: a knowledge leakage perspective. Computers & Security, 42, 27-39. Bhogal, K. S., Hu, T., Ishmael Jr, N., & Sidhu, M. S. (2012). U.S. Patent No. 8,205,078. Washington, DC: U.S. Patent and Trademark Office. Basavapatna, P. G., & Chebiyyam, G. K. (2012). U.S. Patent No. 8,199,965. Washington, DC: U.S. Patent and Trademark Office. Zuk, N., Wang, S., Leung, S. W., & Gong, F. (2013). U.S. Patent No. 8,565,093. Washington, DC: U.S. Patent and Trademark Office. Read More