Meet Mr Intellectual Property Theft
The employee assessment of that employee who is stealing your intellectual property
Corporate America offers some fascinating wildlife that you seldom see in the world of entrepreneurship and results-oriented work. In the Meet Mr Series, we meet some of these corporate creatures and their challenges for talent management. One of the more costly creatures in corporate America is Mr Intellectual Property Theft. Using clever techniques to violate company security, Mr Intellectual Property Theft is good at violating security in the company and stealing the intellectual property.
But first, a fictional story. Because I'm creating a fictional stories as examples in this series, I'll call Mr Intellectual Property Theft Thatcher. As a reminder, our fictional company is ABCZ Corporation.
Story
John got a call on his mobile after his work day ended from his director at ABCZ Corporation, Thatcher, "John, my contractor Dylan here is having trouble connecting to the company CRM and he needs your help." John heard Dylan on the line briefly agree as Thatcher continued, "Dylan go ahead and explain the problem that you're having right now."
"The issue is that when I try to connect to the CRM, I am getting an error about missing a certificate," Dylan began. "I’m using the same credentials that you use to connect to the CRM in the monitoring application. But I’m seeing an error about a missing certificate when I use those credentials. In a nutshell, I’m doing a test of connecting to the CRM and reading all the objects and their metadata. But when I try to connect, it keeps saying that I don't have a valid a certificate. I need that certificate so that I can complete this test."
"Who gave you permission to use the monitor credentials for your application?" John asked Dylan.
"So the thing is," Dylan replied, "It’s only a test. I’m only going to be reading data from the CRM, not writing anything and I just want to confirm connectivity." When John was about to speak, Dylan jumped in again as if anticipating the response, "It's only a test."
"But the monitor application isn't a test. The credentials for the monitor application are approved only for monitoring the CRM, nothing else," John said. "You shouldn't be trying to use those credentials."
"It's just a test! It's just a test," Dylan said defensively. "What makes you think we can't re-use those credentials for a test?"
"I haven't heard you get Danny's approval yet - and if you have it, please show me in writing. Danny owns that CRM, not me. He granted approval to the monitor application for the sole purpose of monitoring. Those credentials should not be re-used for any other purpose. Even if you're only doing a test, you must get written approval from Danny."
"John, John, John, did you not hear what Dylan asked?" Thatcher interrupted. "He’s just trying to do a simple test, nothing big. All we need is the certificate and we can do our test and then be done. There’s no need to make a big deal out of this." John found it interesting that suddenly the request was a "we" with Thatcher and Dylan and it became clear why both of them were on the line in this call after work.
"I’m still not hearing that you received Danny's approval for this and if you have, please forward the email," John replied. "Let me reiterate: you must talk with Danny first about getting access."
"John, you’ve said that a hundred times. We get it," Thatcher fired back angrily. "It would only be a five minute conversation with Danny. Why don’t you just save us the time now and we’ll talk with him tomorrow." He then sharpened the anger of his tone, "You’re so unprofessional, God. Dylan, see what I have to deal with? No one can do their job here. John here could save us five minutes, but no! He wants us to talk to Danny. He's wasting his time too!" This was not unusual for Thatcher. When he wouldn't get his way, he would become abusive with employees. He had learned that he could bring others into his conversations and humiliate people in front of others who wouldn't do what he asked, even though he was violating the company's security policies.
"If it’s a five minute conversation and it’s so easy, then why aren’t you talking with Danny now?"
Thatcher sharpened his tone further. "Man John, you’re not a team player. Dylan, let’s set up a meeting with Danny tomorrow and talk with him. I keep saying I don’t know why we keep John here. He’s just a blocker to everything we do. God, I'm just trying to help the company here." Thatcher paused for a few seconds with total silence on the phone. "John are you really going to be this stubborn?"
"You must get Danny's permission first and you haven't," John replied. "I don't think there's a point continuing this conversation."
"John, shut up. You've told us that a thousand times. We'll talk with Danny. We don't need you anyway and I'm not sure we want you on our team." Thatcher angrily hung up the phone.
What the Research Shows
In researching this topic from random and targeted polling, 64% of employees across international corporations had either seen intellectual property theft or had heard of intellectual property theft occurring at their current company. This unfortunately means that intellectual property theft is common in international corporations.
Some employees noted privately that they reported this to appropriate leadership. This means that a percentage of employees seeing this occur are taking actions to inform leadership. Talent management should consider this point.
Unfortunately, this challenge cannot be overstated - intellectual property theft comes with significant costs.
Costs
Since this story is "fiction", we can end it however we want. In this case, we'll say that Thatcher was stealing intellectual property of the company and selling related information to competitors. Getting access to the CRM was key because he knew that the CRM contained all the customers along with proposed deals of various products. Thatcher also cleverly hired contractors to support his theft because companies can engage in abusive policies with contractors whereas they have to be careful with employees (more legal rights). Thus, if a contractor felt like they were being exploited for illegal purposes, they had little power to push back. In our fictional story, the company didn't really pay much attention to contractors or how they were being treated by Thatcher.
The obvious cost is that competitors would make better deals along with creating similar products. Over time, the biggest customers with ABCZ Corporation found better opportunities. But that isn't the only cost in this fictional story, even though this cost alone is bad enough.
Another cost is that talented employees left the company. No talented employee (like John) would stay at a company like ABCZ Corporation because Thatcher was a director. How did Thatcher get the job in the first place? Who hired him? Who was holding Thatcher accountable? This story is disturbing from many angles because of how toxic Thatcher was, yet we have to remember that he was a director. Some had to recommend and approve of his hire. There's a complete lack of accountability here and this not only costs directly (violating security), it also costs as talented employees recognize this and leave.
Yet another cost is reputational damage, which will be permanent. Both employees and contractors will hate ABCZ Corporation over time. They have full responsibility for hiring Thatcher in the first place and they have full responsibility for not holding their directors accountable. ABCZ Corporation is a great example of a terrible company that will be trashed by everyone who works (or has worked) for it. As these employees and contractors get jobs at other companies who may have done business with ABCZ Corporation, they will recommend against this and this cost continues to compound over time.
The Meet Mr Series
All images are either sourced from Pixabay or created unless explicity stated. All written content and created images are copyright, all rights reserved. None of the content may be shared with any artificial intelligence.