Do you trust your IT staff - 50% snoop on company digital assets

PCWorld reports that a survey conducted by Cyber-Ark reveals that nearly half of IT workers have admitted to snooping around networks to look at confidential information.

"It's easy -- all you need is access to the right passwords or privileged accounts and you're privy to everything that's going on within your company," said Mark Fullbrook, U.K. director of Cyber-Ark.

Here are some tips on how to secure company digital assets, from TheTradeSecrets Homepage.

1. Notify the recipient of trade secrets, preferably in writing, that the information is proprietary and that the information is not to be disclosed or used by the recipient for the recipient's benefit or the benefit of others without the express consent of the trade secret owner.

2. Enter confidentiality and non-disclosure agreements with employees and third-parties.

3. Establish and maintain written confidentiality policies to be distributed to all employees.

4. Establish and maintain oversight policies and procedures to prevent the inadvertent disclosure of trade secrets in written publications, seminars, speaking engagements, or at trade shows, by employees.

5. Institute overall plant physical security precautions, such as fencing the perimeter of the Company premises, limiting the number of entrances and exists, using alarmed or self-locking doors, hiring after-hours security personnel.

6. Install visitor control systems.

7. Maintain access to trade secrets on a "need-to know" basis only.

8. Establish secretly coded ingredients or data.

9. Separate departments of the Company.

10. Separate components of a trade secret between or among departments and/or company personnel so that each has only "a piece of the puzzle."

11. Keep drawers or areas for secret documents and drawings separated and locked.

12. Stamp documents and drawings "CONFIDENTIAL" or "PROPRIETARY."

13. Enter vendor secrecy agreements.

14. Establish physical barriers to prevent unauthorized viewing of proprietary process technology.

15. Install "KEEP OUT" or "AUTHORIZED PERSONNEL ONLY" signs at the access points to sensitive areas of the plant, and have a policy of enforcement.

16. Establish and maintain written rules and regulations prohibiting employees from remaining in the plant after hours without express permission from properly authorized personnel.

17. Establish and maintain rules and regulations requiring employees to stay in controlled areas about their work stations.

18. Require employees to wear identification badges or carry identification cards.

19. Require sign out/sign in procedures for access to and return of sensitive materials.

20. Reproduce only a limited number of sensitive documents and maintain procedures for collecting all copies after use.

21. Require authorized codes or passwords for access to copying machines and computers. Use key and encrypted computer data access to control theft of secret computer-stored information.

22. Establish and maintain policies and procedures for destruction of documents (shredders).

23. Establish and maintain a policy and practice for advising company employees, on a regular basis, regarding the Company's trade secrets and confidential business information.

24. Hold "exit interviews" to obtain return of company documents and to remind ex-employees of their obligation not to use confidential information of the Company for their own benefit or the benefit of others.

Follow Jorbb on Twitter, Friendfeed and Facebook.