Trade Secrets Part 2: How to protect and respond like you mean it

In our recent Intanify Insight, we explained that step one to protect trade secrets is to identify your secret sauce, your crown jewels (Every company has trade secrets – and they’re being stolen ). In this month’s edition, we elaborate on steps two and three.

Protection – showing the “reasonable steps or measures” which will enable enforcement. We’ll soon see if Rippling (details) and Palantir (details) did enough to have the law behind them.

Response – acting decisively in the first forty-eight hours of a breach, including having a plan ready to go.

TL;DR then take the first step and identify your top 5 trade secrets for free or download our 1pager

Protection – turning “reasonable steps” into everyday practice

Lawyers love the phrase “reasonable steps” or “measures”, but founders and execs need to know what that looks like on a Monday morning.  A practical answer sits in the trade secret trinity of People, Process and Policy.

People – building a culture of confidentiality

We wrote about this extensively in Palantir, people and the 72% problem: how trade secrets walk out the door. 72% of employees take material with them when they leave a job. 59% believe it’s theirs. Add competitor espionage à la Deel, and at least 80-90% of trade secret loss is due to people.

Process – controls that leave an audit trail

Good intentions turn into evidence when controls are baked into daily workflows. There are simple things you can do now (some of which you probably are):

• Access control and encryption, monitor downloads
• Classify and label trade secrets, such as confidential
• Create a trade secret register (or much easier, use Intanify)

Policy – a playbook that stands up in court

A single, plain-English policy explains what your business counts as a trade secret, sets classification levels and spells out handling rules for staff and contractors.  It dovetails with your information-security and acceptable-use policies, is refreshed after every incident and is approved by the board.  When litigation looms, that policy – backed by audit evidence – shows the court you took protection seriously.

This shows you treated them as valuable trade secret and nobody could later claim they didn’t know.

Why bother with all this? Firstly, it is simply good business to have good governance and protection for your business’s the crown jewels. But also, because once you can demonstrate reasonable steps, legal protection lasts indefinitely and costs nothing in filing fees.  Better still, investors treat strong trade-secret hygiene as a signal of operational maturity, not legal paranoia.

Response – the forty-eight-hour incident script

No control set is perfect.  A rushed deadline, a misplaced data transfer or an overeager sales rep can spill your secrets.  What you do next decides whether you lose competitive advantage or reinforce it.

What are the types of incidents needing a response?

• Improper acquisition: theft, bribery, deception or hacking.
• Unauthorised disclosure or use: sharing or exploiting a secret in breach of an NDA.
• Knowing receipt: accepting or deploying information you know (or should know) was obtained improperly.

Your policy will have an incident response plan, similar to others you’ll have already. The roles, phone numbers and even a PR holding statement must be written before trouble strikes, so that a 2 a.m. alert becomes a drill, not a crisis.

Putting it all together

Identification tells you what to protect. Protection and Response prove you deserve the shield the law provides, and ensures you can act before damage compounds.

Intanify’s tech will make step 1 easy, light touch and ongoing. We’ll predict your 5 top secrets for free. From there, there is a lot you can do yourself. And Intanify can connect you to our expert partners if you need more help.