What Is IP Theft (and What You Should Do About It)
What is IP Theft?
Intellectual property theft — IP theft — in the technology product development world means stealing data from a company. For many companies, the most valuable IP is product information, customer records, employee records, and financial data.
The Impact of IP Theft
IP theft is a major ongoing concern. It can cause massive loses in terms of both property and reputation. Most recently, Citrix Systems revealed that hackers had been hanging around inside their network undetected for five months.
Using the technique “password spraying,” the intruders assumed control of Citrix employee accounts using predictable passwords. Then they could start accessing personal and financial information. And Citrix is not alone. Last year hotel giant Marriott also reported a massive data breach in which intruders were present in their infrastructure for more than four years.
Breaches of this nature often give intruders access to IT systems, which then provide access to other systems. By creating legitimate looking accounts — that look like regular employee accounts — hackers gain persistent access. This gives them the keys to a company’s most valuable assets.
One of these important assets (that is often overlooked) is source control. Controlling access to such systems is often not implemented. Fears persist that developer productivity will plummet. But with a company’s success on the line, it is important to protect against IP theft.
How to Protect Against IP Theft
In today’s world, companies should be operating with the assumption that they are being attacked (and are probably already infiltrated). For security teams, this means adopting a strategy that actively looks for weaknesses and continuously monitors access.
Because IP theft can be the result of both internal employees and external threats.
Employees sometimes share things that they shouldn’t share, even accidentally. This has become one of the easiest ways for attackers to get the information they need to compromise system security.
In the case of Citrix, intruders preyed on weak employee passwords. Once they cracked those accounts, getting into internal systems was easy. These intruders were using existing accounts, so they like legitimate users. As a result, once inside, their activity could go unnoticed.
So how can companies protect against IP theft?
Uncover Secrets In Your Code
It’s common wisdom that sensitive data like passwords, secrets, and private keys shouldn’t be kept in an unprotected location. This includes open repositories. But this can happen.
One notable example is the 2016 Uber breach. Driver and rider accounts of some 57 million people were exposed. In that breach, user IDs and passwords were “parked” in GitHub repositories by Uber employees. Then the bad guys used that information to gain access to internal Uber systems.
There are tools that can help you find sensitive data stored in repositories that shouldn’t be there. But they can only do so much. The most difficult part of using them is tracking down all your repos. If you have hundreds of repos, you will need to search each one individually. Having a centralized model — compared to a distributed model — helps eliminate a lot of the detective work.
There are also several purpose-built systems that are designed to store secrets, like HashiCorp’s Vault, and Square’s Keywhiz. But this type of solution could create more work for your admins, especially in DevOps-heavy environments.
Even without the threat of IP theft, companies across industries — such as automotive, aerospace, financial services, entertainment, semiconductor and embedded design/manufacturing — have a strong need to implement monitoring tools. Monitoring allows you to see what your servers are doing in real time. And it can help you optimize resources to better support development effort.
When intruders are hanging around in your system, they can potentially steal your source code and electronic designs. These are kept in your version control system (VCS). When it comes to protecting your VCS, continuously monitoring can allow you to spot bad actors. But this can be difficult as you scale and add more servers, people, and applications.
With the right version control system, you can enforce restrictions for traffic and content movement beyond what can be done by firewalls and ACLs. If you are not already tracking, it is important to start.
Use Enhanced Authentication
Creating defense-in-depth to protect against IP theft involves first gating your front door. This is why you need to implement a strategy to authenticate both users and applications that access your system.
There are many enterprise-level Identify Access Management (IAM) tools, such as Ping and Okta, available on the market. Integrating these tools with your existing VCS helps ensure that you are protected against IP theft. For many companies, this also can include multi-factor authentication (MFA).
When it comes to encryption, some companies offer the use of SSH or SSL to access version control systems.
- Secure Socket Layer (SSL): A HTTPS remote URL connects a browser and server.
- Secure Shell (SSH): Encrypts the connection between two computers.
Using SSL has some advantages compared to SSH. It's easier to set up, but it’s not as secure. Using SSH usually works through strict firewalls and proxies. However, it also prompts you to enter your GitHub credentials every time you pull or push a repository. This can impact a developer’s productivity.
Get Strong Security Built-In
Ultimately, it is critical to balance security, usability, and the needs of your products and projects when deciding how to protect valuable intellectual property.
The best choice for your company will depend on the amount of sensitive data you have to protect, the size of your team, and the maturity of your DevSecOps practice. In a multi-front war against cyberattacks, it’s important to have multiple choices.
You have a lot of choices when it comes to version control. With many, you may need to do a lot of heavy lifting to make it secure. But using Helix Core — version control from Perforce — you get the highest level of security built-in.
Lock Down IP Theft Vulnerabilities
Helix Core allows teams to implement security measures to protect against IP theft without sacrificing performance.
Global IP Protection
With Helix Core, companies can enforce restrictions for traffic and content movement beyond what can be done by firewalls and ACLs. This protection extends to replicas and edge servers. Administrators can permission access down to the individual file level. Once you have this in in place, you can analyze the history of changes of millions of files accurately.
Authentication From Every Angle
Helix Core’s ability to manage an immutable, traceable history is a perfect fit for companies with strong compliance and governance needs. You can track and monitor user activity for audits and use this information to discover potential security threats.