Data + Reputation + Intellectual Assets + People = D R I P
We are always surprised by the entrepreneurs who have spent years thinking (and talking) about their business idea, only to risk everything by not protecting the intellectual property and business assets they’ve created. How do you identify, understand and protect the hidden assets in your business?
You need to understand where these assets live in the first place. Why? Because they are almost always at risk because they are not properly protected.
Good Risk Management around your Data, Reputation, Intellectual Property and People gives competitive advantage and therefore makes good business sense. In fact, in most cases the most significant asset of a company also represents the greatest risk.
Let’s quantify the cost to your business of not managing your DRIP with a few shocking facts you may not know about.
50% of employees admit to taking corporate data when they leave a job and 40% say they plan to use the data in their new job. Over 50% of departing employees claimed one reason they took employer data was their perception that “everyone else did it when they left.” Other reasons cited include the employees’ sense of ownership around what they helped to create (52%) and their belief that the company cannot trace the theft back to them (49%).
If you’re handling customer data, do you manage and dispose of it properly? Under the Data Protection Act 1998 (DPA), companies are legally bound to ensure that any personal data is correctly disposed of when no longer required. A complaint could be made to the Information Commissioner’s Office and that could result in legal action and a fine anywhere up to £500,000. From January to October last year (2014) alone, a total of just over £1m in fines was levied by the ICO. Every single person in the UK has a legal right to ask at any point what information you hold on them, whether you still hold it and if not, how it was destroyed. Everything from a Post-It note with a name and telephone number to client surveys and customer reports must be disposed of under the DPA.
Here are some of the highest penalties issued by the ICO in 2014:
Loss or theft of unencrypted devices – £150,000
Insecure websites – £10,000
Postal errors – £140,000
Email errors – £140,000
Insecure disposal of both paper & electronic – £325,000
Loss or theft of paper records – £100,000
Be mindful how you deal with people on your way to the top. Prospective job candidates are extremely hesitant to join a company or CEO with a bad reputation and among those who may be willing to accept a job offer, a significant pay raise is required.
To leave their current employer and take a job with a company with a bad reputation, Executives would require an average of a 53% pay increase. 93% of people who are currently employed would leave their employer to work for a company with a good reputation.
CEO reputation makes the most critical impact. A CEO perceived to be active in CR and environmental issues has impact on recruiting. According to Corporate Responsibility Magazine, company reputation drastically impacts talent acquisition, retention, and salary expenses.
A recent survey, by the CMI, of directors serving on the boards of more than 250 publicly traded, private, not-for-profit, and private equity-owned companies reported that reputation remains the top concern of discussion in the Boardroom. Yet, while reputation risk remained the top concern of respondents, the survey found that companies are not necessarily translating awareness into action. In fact, only 31% said they were concerned about crisis management!
The naivety, inaction and ignorance of some directors is landing companies with large bills for fraud, mis-selling and the theft of intellectual property (IP) according to Prof. Colin Coulson-Thomas, CMI (Chartered Management Institute). Many boards fail to protect corporate IP and create new opportunities for abuse, while seemingly unaware of rules and policies
Companies manufacture at locations where the theft of IP is endemic and then express surprise when competitors introduce offerings similar to their own. Half of employees took confidential corporate data with them into new jobs in the last 12 months, research by security firm Symantec has shown. Just 47% of respondents indicated their organisation takes action when employees break the rules surrounding the movement of sensitive information.
Some 51% said their company does not strictly enforce policies, so feel it more than OK to take corporate data.
Treat your people well and reward loyalty. Failure to retain talent is costing UK businesses around £42bn per year. As the economy recovers, it’s crucial to consider the full costs of losing staff through resignation. Avoidable recruitment costs the UK £270m and social media means it’s never been easier for people to identify new opportunities
Small companies have lost more than £110 million over the past three years because of theft of money and goods by their own staff. The UK retail sector suffers from the highest levels of employee thefts in Europe, according to Retail Research with accounting for some 36.8% of all product losses. The number of frauds committed by staff has risen from 34% in 2011 to 41% in 2013.
With little or no growth in the UK in the last few years, many companies have looked overseas, to some high-risk markets where there are greater potential bribery risks. The number of fraud cases alone reported to the police nearly doubled from 122,240 to 230,845 over the last financial year.
Protecting your Valuable Assets ensures sustainable business growth. These assets include
your brand name, your products and services by patents, trademarks, copyright, designs and trade secrets. Intellectual assets are associated with the people-based assets of a company – for example, key skills, know-how and processes: the way your people do business.
The wider intellectual capital encompasses the other intangible assets of a company, including relationships, branding, reputation and contracts, which offer a route to commercialisation. Intangible assets not only need effective safeguarding – they need to be maximised for competitive advantage and continuing business growth.
Any company needs to consider their compliance with Data Protection. Visit the ICO website and read up on your obligations. They’re really quite common sense and simple.
Get to know your new employees and determine who may pose a risk. Be suspect of those who offer to deliver customer lists or other secrets from their previous employer. Spell out rules of acceptable and unacceptable use of company information and create a culture of confidentiality.
Protect your sensitive data with technology controls that limit access. Move fast to cut off departing employees’ access to the company network, applications, email accounts and physical files. You need to manage employees’ exits decisively and make sure you conduct an exit interview to avoid potential costs associated with employee attrition.
Obtaining robust patents for innovative developments provides rights to stop others from making, selling, licensing, distributing or otherwise profiting from that invention. Patents that protect the functionality of new inventions – including processes or devices – can add value. Companies should not forget the important role that copyright, registered designs, database rights and trade secrets can also play. Use it or lose it – the golden rule with Intellectual Property. IP is a powerful business asset, it needs to be looked after, protected, reviewed regularly and applied effectively.
Any business, large or small, global or local, has intellectual assets they need to protect. Carry out a DRIP Analysis of your Data, Reputation, Intellectual and People assets to understand where those hidden assets are in your business. It is time and effort worth spending to ensure you always stay ahead with your unique business idea.