Information Classification Schema - Case Study Example

Information Classification Schema Name: University: Date: Table of Contents Information Classification Schema 1 Table of Contents 2 Executive Summary 2 Introduction 3 Protection of the Product Development Information 4 Confidential Schema 5 Information That Is Associated With the New Product 6 Marketing 7 Vulnerabilities 8 Countermeasures 10 Conclusion 13 References 14 Executive Summary It is acknowledged widely that the specialised technology industry is experiencing serious challenges attributed to failure to protect product development information. A number of specialised technologies have lost patent protection and are currently generic making the pipeline of novel technology too sparse for filling the existing gap as well as generating a basis for future growth. Undeniably, the intellectual property of a company’s product, whether it is a trade secret, patents or merely the worker know-how, can be more valuable as compared to the physical assets. Improvements to this developing process are intended to improve efficiencies, accelerate time to market as well as improve the medical results quality. Still, there is one crucial constant that remains, the need for intensive, well-timed intellectual property due diligence. InnoSensors must espouse a common set of relationships as well as terms so as to communicate clearly as well as start to classify types of data. Through information classification schema, InnoSensors may generally prepare to classify the impact and risk of an incident with regard to the type of information. The information classifications (confidential, internal, public,) offer a platform for establishing the impact based on the type as well as the level of access to information. Collectively, information classification together with the level of access steers the business impact that consequently define incidents’ reaction, intensification as well as notifications. This report outlines how InnoSensors’ product development information can be protected now and in the future, and also identifies all information related the new product in terms of the marketing and the company clients. Confidential information protection across the enterprise is an expedition instead of a one-time experience, and it essentially needs a systematic way of identifying sensitive information; comprehending present business processes; as well as monitoring internal and outgoing communications. Introduction According to Fowler (2003), there is a growing need for companies to protect their financial as well as customer information. Recently, information technology has been used by terrorists as a weapon to cripple the financial system. Besides that, the Internet is being utilised growingly for important business transactions, and therefore, transacting business through the Internet devoid of suitable protection measures puts both the company and consumer information at substantial risk of theft and fraud (Rainer & Turban, 2008). The technology sophistication, information complexity as well as the increasing number of solutions has made information protection a discouraging task. In essence, technological innovation is considered to be a key factor of business success (More, 2011). Therefore, InnoSensors is inclined to gain greater benefits from technological innovation if they take into account the various intellectual property issues while developing their new electronic monitor. Utilising the IP system tools effectively can help InnoSensors reduce risk and enable the company to take its new product to the market easily, while simultaneously improving the company’s competitiveness. The paper focuses on protection of InnoSensors’ “the Total Health Monitor” development information. Protection of the Product Development Information As stated by Drummond and Ensor (2006), product development spawns information, which is crucial to the success of the business, and therefore, the information must be protected and managed effectively. A number of health devices companies have developed and put proactive intellectual property strategies into practice, aligning them with business strategies and innovation so as to capitalize on the potential value of the information created through the process of product development (Industry Canada, 2012). Managing intellectual property issues from the first phase of product development, examining the intellectual property of the product continuously, and finding suitable tools at every phase are some of the key factors to a successful intellectual property strategy. Immediately, an idea starts to manifest into a real product, it may turn out to be the inventor’s intellectual property to which exclusive rights are applicable. As mentioned by Yritys-Suomi (2012), the most effective way of retaining exclusivity to an innovation or idea is by making sure competitors are uninformed. Undeniably, confidentiality is crucial while processing ideas, therefore product ideas should only be discussed with trustworthy individuals and, if need be, make confidentiality certain by means of agreements. Immediately, InnoSensors’ Total Health Monitor start taking tangible and visible shape, the company should start planning how innovative efforts directed to the new product can be exploited within the market place under exclusive rights. Trademark, utility model, patent and design are currently the most common industrial rights, and if a holds any of such rights then the company may forbid other companies from utilizing the protected creation for purposes of profit-making. Confidential Schema Basically, information classified as ‘Confidential’ is considered sensitive, and if altered inappropriately or is access, disclosed or used without authorization, it can result in considerable (Stewart, Chapple, & Gibson, 2012). In the confidential schema, information is classified as highly sensitive designed for certain use by the group of persons with a valid permission. In this case, a clear authorization from the top management is needed so as to access due to privacy, contractual, legal, or other limitations. Confidential information if made accessible to unauthorized parties such as competitors can unfavorably have an effect on InnoSensors. This form of information classification includes information that the company needs to keep confidential, either through confidentiality agreement or by law (Whitman & Mattord, 2013). Product development information must be protected against modification or unauthorized disclosure. The information must be utilized only when needed for purposes of business and must be protected at all cost. As the owner of the information, it is the duty of InnoSensors to designate the product development information as confidential since the company neither is yet to release the product and has not made any public statements. The Persons as well as departments tasked with creating the new electronic monitor must clearly designate the product development information by visibly marking the documents’ electronic version and hard copies as confidential (Boston University, 2012). Therefore, the persons who receive the information marked as confidential must take the needed steps so as to protect it. Information That Is Associated With the New Product In the current society that is progressively more tech-savvy, it is unsurprisingly that the most valuable products for aiding elderly people as well as caregivers are technologies that aspire to make the daily life easier as well as makes health monitoring a quick. Health Monitoring technologies are used only in a few homes, mainly because of the privacy issue. Most health monitoring devices come in a comprehensive package that may include devices for tracking respiration, weight or blood pressure. The approaching wave of elderly Australians increases the need for nursing home and assisted living facilities, and this will in the future make it hard for all elderly people to be accommodated in these facilities, especially for those who will need a more structured care. Observably, high-tech devices such as motion sensors can assist in covering the shortfall, enabling elderly persons to live self-sufficiently for many years. The number of Alzheimer’s sufferers is growing, and therefore the demand for health monitoring devices is expected to grow (Vecchione, 2012). With health monitoring devices, an elderly person may, for instance, utilise the monitoring device for recording his/her blood glucose or heart rate and then use the Smartphone for data storage (Obi, Auffret, & Iwasaki, 2012). Marketing As observed by MarketsandMarkets, an increasing number of elderly people in addition to the growing compactness of health equipment will assist the global market for patient monitoring devices to exceed 22 billion US dollars by 2018 (Bowman, 2014). The growing rates of lifestyle-related diseases will as well accelerate the market's growth. In 2013, the market was valued at 17 billion, and is growing at a rate of 5.5 percent annually. The North American as well as Asia-Pacific markets are expected to experience a high growth rate while the European markets a key market for health monitoring devices is expected to experience a sluggish growth rate. Still, the declining rates of birth, uneven reimbursement policies as well as the lower number of care facilities will increase the demand for health monitoring devices. Besides that, a permutation of factors such as the increasing elderly demographic together with technological, social, and economic developments have steered demand as well as investment for health monitoring devices, which may subsequently improve and extend in-home care (Panagiotakopoulos, et al., 2010). The health monitoring devices market is changing from offerings that focus on safety toward health monitoring offering for elderly living in the care homes or their own homes. According to ABI Research (2012), health monitoring devices will increase by over 36 million before 2017 as compared to the 3 million units in 2011. The capability of leveraging wireless communications in a way that provide comfort can help in extending the elderly ability to live self-reliantly as well as will help care givers offer efficient care. The health monitoring devices market can be divided into several segments, that is, weight management, temperature, cardiac, neurology, respiratory, hemodynamic, as well as remote patient monitors. The market is driven by the growing size of elderly population, increasing rates of unhealthy lifestyle, as well as technological advancements such equipment portability. In view of this, the cardiac monitors currently hold the biggest market share, but the neurology segment will be the leading segment by 2018. Vulnerabilities The threats to InnoSensors’ new electronic monitor are immense, and theft of information about the new product can negatively impact the company’s economic well-being through brand dilution as well as lost profits. A number of counterfeits can pose threats not just to the company but also to the safety and health of the end-users (Lewis, 2010). Violations of particular intellectual properties, which include exploitations of computer network from counterfeit devices pirated software as well as theft of confidential product development information, pose threats to InnoSensors wellbeing. According to National Intellectual Property Rights Coordination Center (2011), the products types being counterfeited as well as the methods utilised to counterfeit them are turning out to be more and more refined. This threat has shifted to primary market from the secondary market, where end-users knew they were buying counterfeit goods, but now they are being deceived by the retailers to believe that the goods they are purchasing are genuine. Increasingly, counterfeiters are now exploiting the vulnerabilities of the supply chain or are developing another supply chains so as to avoid the standards, which make integrity of supply chain certain (Miller, 2013). Furthermore, the considerable proliferation in utilisation of the Internet across the globe has exacerbated the threat, offering counterfeiters easy access to end-users, enabling deception concerning the nature of the products provided, as well as changing the ways through which counterfeit products are accessed by the end-users (Guin, Carulli, & Makris, 2014). Evidently, utilisation of Internet has augmented the accessibility of counterfeit products across the globe. Even though, there are a number of reasons why intellectual property violations are committed, Anderson (1998) posits that the main motivator is earning a profit and a completive advantage. Besides that, offenders think stealing intellectual property is low-risk crime since they think that chances of being apprehended are fairly low. Offenders who partake in intellectual property violations includes: small groups; members of general criminal enterprises, as well as their subset organized crime groups as well as individuals; insiders working for competitors; actors of foreign governments among others (Spink, Moyer, Park, & Heinonen, 2013). Such offenders take part in different stages of the production, distribution, as well as sales of infringing products. Besides that, criminal organizations are taking part in stealing product development information and intellectual property due to the growing intricacy of the infringing business (Toren, 2003). A number of companies understand the significance of risk management as well as vulnerability, but do not have the needed tools as well as sufficient staff to help protect the intellectual property and information created through product development process. By merely setting out security solutions so as to maintain compliance, a number of vulnerabilities may face the organisation: Lack of visibility, fragmented security solutions may lack far-reaching visibility and consequently generate outcomes that have to be integrated, interconnected and reconciled so as to remain useful. Presently, organizations require solutions that can be installed easily, offer prompt time to value, as well as convey a consolidated interpretation of the whole information technology environment where every form of device is vulnerable to attack (IBM Software, 2014). Vulnerability is also brought about by inconsistent information: Disjointed processes normally offer stale or conflicting information concerning configurations, malware signatures as well as patches. In consequence, this makes precise compliance reporting almost impossible since different teams find it hard to collaborate in managing critical vulnerabilities and risks given that event prioritization as well as correlation across tools is normally not supported. Countermeasures The InnoSensors new electronic monitor information can be protected through a confidentiality agreement, which normally is utilized for protecting any unknown information. Essentially, it is certainly the formation of a confidential relationship, where the terms have been defined in the agreement. Also identified as Non-disclosure Agreement (NDA), a Confidentiality Agreement according to Scharfman (2012) is an agreement between two or more persons where they agree that the exchange of information will remain secret. Therefore InnoSensors through Confidentiality Agreement can protect information about the new electronic monitor from the healthcare providers, the media as well as their main competitor. The involved parties’ confidential relationship in InnoSensors case should be through mutual agreement, where every party is responsible for maintaining the secrecy of the new electric monitor. Importantly, the confidentiality agreement should be utilized to stop workers from disclosing secret knowledge before the company release the product or makes public statements (Pittard, Monotti, & Duns, 2013; Jolly & Philpott, 2012). InnoSensors should support its trade secrets with confidentiality agreements that have been signed by all people who have knowledge about the product development information. In this case, if the agreement is infringed the company will have evidence of what they had settled for and protection by means of the law. The company should make confidentiality agreements only with parties with whom it wished to impose a confidence obligation on, concerning the disclosure as well as use of the new electronic monitor confidential information. InnoSensors’ confidentiality agreement must: develop a confidentiality obligation restricting information disclosure about the new electronic monitor, limiting information access and defining explicitly information that must be kept confidential. If all these points are covered by the InnoSensors’ confidential agreement, then the company will easily defend its rights in case the confidentiality is infringed. Below there are a number of steps that InnoSensors must follow so as to protect the product development information and its intellectual property: Step 1: Identifying and prioritizing the confidential information Many companies lack knowledge on how they can start protecting their confidential information. However, information classification through confidentiality and value can help InnoSensors prioritize the information that should be secured first. In this case, employee record systems as well as customer information systems should be the starting point since merely a few systems can update such information. The subsequent step should be securing unstructured information like customer correspondence, financial releases and contracts. Step 2: Performing risk assessment and examining the existing information flows It is imperative for InnoSensors to understand its present workflows, both in practice as well as procedurally so as observe the flow of how confidential information across the organization. At this stage, InnoSensors should identify the key business processes, which entail confidential information and list it as an up-front exercise, but for them to determine the leakage risk they must carry out an more comprehensive examination. Step 3: Determining suitable policies for information access, distribution and usage In terms of risk assessment, InnoSensors can swiftly craft policies for distribution, specifically for different forms of confidential information, and such policies must precisely govern who can access, receive or use information created through product development process, and manage implementation of actions for infringements of such policies. Step 4: Implementing enforcement and monitoring system Undeniably, the capability to enforce as well as monitor policy observance is important for protecting confidential information resources. At this stage, InnoSensors must establish control points for monitor information traffic and usage, authenticating observance to distribution policies as well as carrying out enforcement actions if these policies are infringed. Importantly, the monitoring systems have to successful in identifying threats as well as preventing them from surpassing the control points. Because of the vast volume of digital information within the contemporary workflows of the organization, such monitoring systems must have dominant identification capabilities so as to circumvent false alarms and should also be able to top traffic that have not been authorized. Numerous software products are able to offer the means of monitoring the channels of electronic communication for confidential information. Step 5: Reviewing the progress occasionally To achieve the needed effectiveness, InnoSensors must review their polies and systems regularly. By employing the monitoring systems’ visibility provided, InnoSensors can advance worker training, steadily eradicate vulnerabilities and expand the deployment. Besides that, the existing systems must be reviewed comprehensively in case of a violation so as to examine failures within the system and to identify apprehensive activities. The company can also use external audits to review for threats as well as vulnerabilities. Most companies normally put security systems into practice but fail to examine incident reports arising. The company can protect its confidential information through regular system benchmarking. Conclusion In conclusion, using confidential information classification scheme, the report paper has explained the vulnerabilities to the new InnoSensors’ electronic device and has offered appropriate protection mechanism. As indicated in the report, scores of companies see initiatives such as information classification as well as risk analysis, crucial for tying protection measures to the needs of the business, to be exceedingly costly as well as unnecessary. Rather, they rely on organizations that offer IT support to classify the information that must be protected, the needed protection level, and countermeasures. In consequence, this result in ineffective as well as inefficient plans for information protection that often fails to address the business need for the company. Without a doubt, developing an improved or new product offers the company an opportunity to get an improved competitive advantage. Undeniably, the intellectual property system plays an important part in facilitating the business to retain as well as gain completive advantage. As pointed out in the report, InnoSensors should use confidentiality agreements to protect its product development information and intellectual property. References ABI Research. (2012, July 12). Home Monitoring for Seniors Will Drive 36 Million Wearable Wireless Device Market. Retrieved from ABI Research: https://www.abiresearch.com/press/home-monitoring-for-seniors-will-drive-36-million-/ Anderson, J. (1998). Plagiarism, Copyright Violation, and Other Thefts of Intellectual Property: An Annotated Bibliography with a Lengthy Introduction. Jefferson, North Carolina: McFarland. Boston University. (2012, Decmber 16). Data Classification Guide. Retrieved from Information Services & Technology - Boston University. Bowman, D. (2014, April 25). Growth of elderly population to fuel patient monitoring market growth. Retrieved from FierceHealthIT: http://www.fiercehealthit.com/story/growth-elderly-population-fuel-patient-monitoring-market-growth/2014-04-25 Drummond, G., & Ensor, J. (2006). Product Development Cycle Time and Commercial Success. New York: Routledge. Fowler, S. (2003). Information Classification - Who, Why and How. Fredericksburg, VA: SANS Institute. Guin, U., Carulli, J. M., & Makris, Y. (2014). Counterfeit Integrated Circuits: A Rising Threat in the Global Semiconductor Supply Chain. Proceedings of the IEEE, 102(8), 1207-1228. IBM Software. (2014). Managing security risks and vulnerabilities. Sydney: White paper. Industry Canada. (2012, July 25). Product Design, Research and Development: A Canadian Manufacturing Perspective. Retrieved from Industry Canada: http://www.ic.gc.ca/eic/site/dsib-dsib.nsf/eng/oq01806.html Jolly, A., & Philpott, J. (2012). The Handbook of European Intellectual Property Management: Developing, Managing and Protecting Your Company's Intellectual Property. Delhi: Kogan Page Publishers. Lewis, K. (2010). The Fake and the Fatal: The Consequences of Counterfeits. The Park Place Economist, XVII, 47-58. Miller, J. F. (2013). Supply Chain Attack Framework and Attack Patterns. McLean, Virginia : The MITRE Corporation. More, R. (2011, August). What is success in innovation? Retrieved from Ivey Business Journal: http://iveybusinessjournal.com/publication/what-is-success-in-innovation/ National Intellectual Property Rights Coordination Center. (2011). Intellectual Property Rights Violations: A Report on Threats to United States Interests at Home and Abroad. Washington DC: National Intellectual Property Rights Coordination Center. Obi, T., Auffret, J., & Iwasaki, N. (2012). Aging Society and ICT: Global Silver InnovationAging Society and ICT: Global Silver Innovation. Fairfax, VA: IOS Press. Panagiotakopoulos, T., Antonopoulos, C., Koutalieris, G., Kalantzis, P., Theodoropoulos, C., Koumanakos, G., . . . Koubias, S. (2010). Advent: A System Architecture For Advanced Monitoring Of Elders With Chronic Conditions. Athens: University of Patras. Pittard, M. J., Monotti, A. L., & Duns, J. (2013). Business Innovation and the Law: Perspectives from Intellectual Property, Labour, Competition and Corporate Law. New Jersey: Edward Elgar Publishing. Rainer, R. K., & Turban, E. (2008). Introduction to Information Systems: Supporting and Transforming Business. New York: John Wiley & Sons. Scharfman, J. A. (2012). Private Equity Operational Due Diligence, + Website: Tools to Evaluate Liquidity, Valuation, and Documentation. New York: John Wiley & Sons. Spink, J., Moyer, D. C., Park, H., & Heinonen, J. A. (2013). Defining the types of counterfeiters, counterfeiting, and offender organizations. Crime Science, 2(8), 1-10. Stewart, J. M., Chapple, M., & Gibson, D. (2012). CISSP: Certified Information Systems Security Professional Study Guide. New York: John Wiley & Sons. Toren, P. (2003). Intellectual Property and Computer Crimes. Oxford: Law Journal Press. Vecchione, A. (2012, January 1). Health-Monitoring Devices Market Outpaces Telehealth. Retrieved from InformationWeek : http://www.informationweek.com/mobile/health-monitoring-devices-market-outpaces-telehealth/d/d-id/1104636? Whitman, M., & Mattord, H. (2013). Management of Information Security. London: Cengage Learning. Yritys-Suomi. (2012). Protecting a product idea. Retrieved from Yritys-Suomi: Etusivu: https://www.yrityssuomi.fi/en/tuoteidean-suojaaminen Read More

The technology sophistication, information complexity as well as the increasing number of solutions has made information protection a discouraging task. In essence, technological innovation is considered to be a key factor of business success (More, 2011). Therefore, InnoSensors is inclined to gain greater benefits from technological innovation if they take into account the various intellectual property issues while developing their new electronic monitor. Utilising the IP system tools effectively can help InnoSensors reduce risk and enable the company to take its new product to the market easily, while simultaneously improving the company’s competitiveness.

The paper focuses on protection of InnoSensors’ “the Total Health Monitor” development information. Protection of the Product Development Information As stated by Drummond and Ensor (2006), product development spawns information, which is crucial to the success of the business, and therefore, the information must be protected and managed effectively. A number of health devices companies have developed and put proactive intellectual property strategies into practice, aligning them with business strategies and innovation so as to capitalize on the potential value of the information created through the process of product development (Industry Canada, 2012).

Managing intellectual property issues from the first phase of product development, examining the intellectual property of the product continuously, and finding suitable tools at every phase are some of the key factors to a successful intellectual property strategy. Immediately, an idea starts to manifest into a real product, it may turn out to be the inventor’s intellectual property to which exclusive rights are applicable. As mentioned by Yritys-Suomi (2012), the most effective way of retaining exclusivity to an innovation or idea is by making sure competitors are uninformed.

Undeniably, confidentiality is crucial while processing ideas, therefore product ideas should only be discussed with trustworthy individuals and, if need be, make confidentiality certain by means of agreements. Immediately, InnoSensors’ Total Health Monitor start taking tangible and visible shape, the company should start planning how innovative efforts directed to the new product can be exploited within the market place under exclusive rights. Trademark, utility model, patent and design are currently the most common industrial rights, and if a holds any of such rights then the company may forbid other companies from utilizing the protected creation for purposes of profit-making.

Confidential Schema Basically, information classified as ‘Confidential’ is considered sensitive, and if altered inappropriately or is access, disclosed or used without authorization, it can result in considerable (Stewart, Chapple, & Gibson, 2012). In the confidential schema, information is classified as highly sensitive designed for certain use by the group of persons with a valid permission. In this case, a clear authorization from the top management is needed so as to access due to privacy, contractual, legal, or other limitations.

Confidential information if made accessible to unauthorized parties such as competitors can unfavorably have an effect on InnoSensors. This form of information classification includes information that the company needs to keep confidential, either through confidentiality agreement or by law (Whitman & Mattord, 2013). Product development information must be protected against modification or unauthorized disclosure. The information must be utilized only when needed for purposes of business and must be protected at all cost.

As the owner of the information, it is the duty of InnoSensors to designate the product development information as confidential since the company neither is yet to release the product and has not made any public statements. The Persons as well as departments tasked with creating the new electronic monitor must clearly designate the product development information by visibly marking the documents’ electronic version and hard copies as confidential (Boston University, 2012).

Read More