V.LEGAL ISSUES FOR MANAGERS
Managers, particularly senior managers, must deal with potential legal problems and requirements (the most complete treatment for the non-lawyer is in) These include:
- Licenses: Application software for microcomputers, and even for large installations, normally is licensed rather than owned. The organization risks serious legal problems if terms of the license are not followed.
- Fraud/Misuse: Fraud is straightforward -- corporate security planning must include consideration for possible fraud by employees, contractors, customers, or non-associated people. Misuse includes penetration by unauthorized users, unauthorized copying, negligence and similar exposures.
- Privacy: The organization may have legal, or other responsibilities to safeguard data about customers, employees, or others from disclosure.
- Copyright: Related to licensing, some organizations may need to be very careful about copyright. Publishers and educational institutions are obvious candidates here.
- Trade Secrets: Trade secret legislation is one method open to organizations to protect their confidential data. The corporate security plan should identify circumstances, if any, where trade secret may be appropriate. Use of trade secrets to protect confidentiality imposes certain, legal requirements on the organization, and the overall plan should identify these requirements.
- Employee Agreements: Among the issues involved in protecting trade secrets is the need to ensure that employees are aware that they are secrets. This usually is accomplished through an employment contract (plus other administrative actions of the organization’s operations.) A typical contract includes clauses limiting employee use or disclosure of corporate data after the employee leaves. The corporate security plan needs to address clauses needed in employee contracts.