Ask any software manager in charge of outsourcing what their biggest concerns are when working with a third party, and you’ll hear protecting intellectual property (IP) quite often. Among their concerns are not only the theft of code or design, but customer data as well.
There’s a lot of internal data that would be of great value, ranging from copyright, trademarks, UI designs, patents and trade secrets such as source-code, UI/UX design, specifications and even customer data. Someone might be willing to pay top dollar for this, especially an unscrupulous competitor.
While I won’t sit here and say these concerns are unwarranted, but by and large outsourcing is not as big of a risk as you think, nor is the job of protecting intellectual property. One way to give yourself some peace of mind is to fully know who you’re dealing with, and follow some common sense best practices on protecting intellectual property which I’ll discuss a little bit later.
My Main Experience
Before we go on though, I want to share with you my own personal experience with how good intellectual property protection can save your behind. Many years ago I worked as a engineer for a company in Silicon Valley that created sophisticated microwave circuit analysis and optimization software. As a condition of employment, we were asked to sign an NDA. This was not for our source code per se (customers could view it as we installed it on their servers), but for our customer lists, which were far more valuable to my employer.
Now, I had no desire for that customer list as I was happy with my job, and too busy coding. The same couldn’t be said for a coworker, however. He created his own microwave circuit software, and decided to “borrow” our company’s customer list to promote it! Guess what? He got caught.
How? Our company CEO inserted several fake names into that customer list, but with email addresses that he had access to. When my coworker sent those emails out, several of them went right to our CEO. Busted!
Moral of the story here? Make sure you have your employees, whether you outsource or not, sign a non-disclosure agreement, but be prepared to think outside the box when protecting intellectual property.
Five Simple Steps Strategies for Protecting Intellectual Property
So what can you do to protect yourself effectively? Based on my own experiences, I’ve found these five simple strategies to work the best.
- Check your partner’s background and reputation. This should be done even before you hire your outsourced developer. While word of mouth is always good, trust your own due diligence first.
- Have a strong contract. Set your parameters clearly of what you expect. This contract can also stipulate what the outsourced contractor may and may not have access to.
- Use internal teams for core IP and outsource only non-critical parts. In many cases, I’ve found outsourced contractors really don’t need full access. The less they can see, the safer you will be.
- Manage permissions and access to your IP. My story is a great example. While I’d still make sure your NDA specifies customer data as confidential, does your contractor really need access to it? After all, they’re coders, not the sales team.
- Keep data on your servers. At no time does your code need to be anywhere but on your own server. Have them connect to your server to work, where you can closely monitor anything they do, and have logged evidence in the event IP is compromised.
Do Your Due Diligence (Or Have Us Do It!)
The five tips above are a good starting point to ensure you’re protecting intellectual property in an effective manner. But I’d also suggest building a deeper relationship with your contractor to further safeguard from theft.
This means getting to know your contractor more than just assessing whether they can do the job successfully. Instead, you’ll want to get to know everything you can about them, from how they work to their own security practices and even their own remediation efforts in the event they have a breach themselves, and what your options may be. Here’s what I mean.
- Examine the partner’s reputation, financial and technical resources and compatibility with your corporate culture (Accelerance has a bevy of resources to make this as simple as possible for you).
- Examine the partner’s ability in protecting intellectual property against accidental, inadvertent or willful misappropriation, misuse, sabotage, loss or theft.
- Investigate the partner’s track record; talk to its references and assess its security and/or intellectual property protection program.
- Perform a background check of the project manager.
- Understand the legal remedies available to you, especially if working with contractors overseas. Determine how likely the courts in that jurisdiction will provide you with legal protection and a remedy if something goes wrong.
- Visit the partner’s place of business to physically confirm security measures are in place if at all possible. Some outsourcing relationships may necessitate travel to maintain good communication and a strong relationship. These early days may give you an idea if this is feasible on a regular basis.
Take these suggestions and put them to work, and I’m sure you’ll be able to find an outsourced contractor that fits your needs, and protects your trade secrets. In fact, here at Accelerance we do much of this work for you, so you can focus on getting the job done. Contact us today with your needs and we’d be glad to find you an outsourced contractor you can trust.