Controlling the cost of eDiscovery involving Source Code?
Feb 14, 2011

When it comes to eDiscovery of email and/or documents you have a variety of choices to contain costs, these include:


When your case requires eDiscovery of Source Code, the above options are not practical or feasible as the Intellectual Property or Trade Secrets contained within the source code could be compromised during discovery.

Using technology from Chaperon is another way to contain costs. These include:


These options have not - previously been available in eDiscovery of Source Code.

Learn more about how you can control the cost of eDiscovery by contacting us today at info@chaperon-secure.com



Posted By Ashif Dhanani | Comment




Vault vs. Vault
Feb 08, 2011

Have you recently evaluated the cost vs. value of your current software escrow storage?

 

With today's technology, the equivalent of 40+ software deposits can be stored in a 1 inch, 8+GB USB Flash Drive.
 
With most Escrow Agents using physical vaults, they are hopeful that you are concerned about features like:

 

Concrete vs. steel vaults, 24 hour video surveillance, temperature control, magnetic shielding, non-water based fire suppression systems, humidity control, continuous armed security guards, Bank vaults vs. private vaults, Bar coding, etc.   
    
Do these features make it easier to make and or get access to deposits?
Are the features increasing the cost of your Escrow agreement?
Are your Escrow Agents in need of a major upgrade to stay current?
Are these features relevant to securing source code?
Are these features of value to you?

 

Have you considered a change to "Digital" Vaults for your Escrow Deposits?

With Digital Vaults you have:
    * Secure digital access to them on the cloud (Private or Public).
    * Compliance and the ability to keep up with the highest digital security standards (SAS70 Level II, Encryption, Disaster Recovery, SSL, etc.) without additional costs.
    * Significant cost savings over physical vaults.
    * Direct synchronization of the source code with the deposit in the vault.
    * Version control features that keep track of what has changed and when it was changed.
    * A single vault to hold all the revisions of the application.
    * Contents reporting anytime the Escrow deposit is updated.
    * Elimination of additional costs and management overhead having to deal with features like Portals, FTP Servers, etc.

Let us help you get your Escrow agent to start migrating from Physical Vaults to Digital Vaults today so you can start enjoying the cost savings and increased functionality.

Contact us to start your journey to go digital with Chaperon Secure(tm) Vaulted Repository.



Posted By Ashif Dhanani | Comment




Is source code theft still a problem?
Dec 01, 2010

In the world of SaaS and Cloud Computing, Is source code relevant? Is it still getting stolen?

The answer is YES!

With companies moving to a flexible workforce (work-from-home, off-shore team, partners, etc.), stealing source code is as easy as emailing it to yourself or to your friends’ private email address, copying and pasting it onto a USB thumb drive/ MP3 Music Player, or posting onto the cloud/website to retrieve later. The capabilities to steal source code have been simplified with the ongoing advances in technology.

Has the technology advances made is easier to stop source code theft?

The answer is mixed: Yes, in cases where workers interact with the source code under the IP owners companies IT control. There are technologies and solutions like DRM (Digital Rights Management), IPS (Intrusion Prevention Systems) and IDS (Intrusion Detection System that monitor networks and systems for activities that violate the company’s policies. This does prevent the leaks as long as there is an IT staff member monitoring all the alarms and acting upon them on a timely basis. But there is still the risk of not seeing a real alarm in a sea of “False Negatives”.

In cases of remote and at home workers, these DRM, IPS and IDS don’t work as well. The system is connected via a local ISP or partners remote network allowing the worker the ability to copy-cut-paste the source code from the corporate network to a local file, email or thumb drive.

So how can you prevent loss or souvenir taking at all times?  The answer is using a product like Chaperon Secure™ Development Environment which isolates and encapsulates the source code and tools used to create or interact with it. The source code is not accessible outside the secure environment (system and operating environment), allowing the workers to securely interact with the source, to create, de-bug, compile, etc., without being able to keep souvenirs of it.

Learn more by visiting our website or contact us today.

Posted By Ashif Dhanani | Comment




Introducing Cloud based IP Litigation Discovery
Nov 03, 2010

With the benefits of Cloud Computing, there is a cheaper and better way to handle IP Litigation Discovery.
 
Here’s how it works: A “golden” or master copy of the IP is first placed in a secure IP repository -- making it virtually impossible to copy or pirate. The IP owner is allowed to add and/or update the IP. The Secure Inspecting Stations can then be used by multiple inspecting parties to browse, view, and inspect the contents simultaneously anytime, anywhere – eliminating expensive network connections and the cost of travel. The IP is fully protected during transport and only authorized parties can inspect the IP.

 

What are the advantages?

- Allows the choice of in-office or remote secure inspection of the IP.
- Eliminates need for dedicated, expensive network connections.
- Protects the rights of both the IP owner and inspecting parties.
- Eliminates the risk of shipping IP on systems via couriers.
- Eliminates the risk of losing IP via the “Trusted Exchange” method.
- Eliminates the risk of having the IP on physical systems used by the inspectors.
- IP can be securely hosted by Producing Party or a Trusted Third Party (Escrow Agent).

Learn more about our Cloud based IP Litigaton Discovery solution or contact us today. 



Posted By Ashif Dhanani | Comment




Is Open Source Escrow for you?
Oct 14, 2010

Have you given up on Traditional Software Escrow and/or SaaS Escrow due to price and complexity of executing multi-party agreements on low priced SaaS offerings?

Before you give up, have you considered Open Source Escrow?

What is Open Source Escrow?
Open Source Escrow is a new concept for Intellectual Property Escrow that releases the Escrow materials to Open Source instead of specific Licensee(s). It is significantly cheaper then traditional escrow. It also simplifies the Escrow Agreement by eliminating the need to get involved in complicated contracts and negotiations, or adding clients to a list of beneficiaries.

How does it work?
The release triggers in Open Source Escrow are limited to closure or bankruptcy of the developer. While this trigger can be defined a little differently in each instance, the overall concept is that Open Source Escrow is designed to protect the end user from a developer that goes out of business or abandons the application

The escrow agreement in Open Source Escrow only includes the developer and covers everyone that uses the application. In Open Source Escrow only the developer signs the contract, and there is no beneficiary list. Since the code is released as open source there is no limit to who can receive the code if the developer goes out of business.

Who should use it?
Any application providers whose software is based on a foundation of Open Source code or low cost SaaS providers with a large install customer bases of small and medium size companies.

Advantages:
The agreements are much simpler and the cost is significantly lower.

What are the shortfalls?
Since the license is replaced with an open source license. This means that there are no restrictions on how the code can be used by anyone that receives the code out of escrow.

Is open source escrow of interest to you? Would it be a benefit to your business model?  Want to discuss if it is the right solution for you? Have you had a positive or negative experience with SaaS/Software Escrow in general?  Contact us or leave a comment.

Posted By Ashif Dhanani | Comment




e-Discovery of Documents/email vs. Source Code
Sep 14, 2010

What is the Difference between e-Discovery of Complex Digital Asset vs. Regular Digital assets (documents and email)?

Short Answer: There is no difference!

But, execution of e‐Discovery of documents & emails is far more difficult and expensive due to:
 - Volume and Complexity of the data
 - Cost of production and inspection

First, what do we mean by “Complex Digital Assets”?
These are digital assets that are multi dimensional, meaning these assets have inherent relationships with other digital assets within the same file or data set.  An example for such asset is a “live” spreadsheet where there could be formulas in specific cells that obtain its value based on a calculation involving multiple cells. Another example are CAD drawings or source code files, both of these have a complex structures that cannot be represented by a static representation by a simply “freezing” and printing the file (or converting the file to a PDF) .

During e-Discovery, the expert may need to interact with the actual digital assets in their native form (e.g: a CAD drawing in a CAD application or Source Code in a fully functional programming environment) so the expert can navigate and follow the components that make up the assets without having to recreate it from scratch. At other times, the expert might need to simulate “what-if” scenarios, which can easily be done within the native environment that generated the complex digital asset.  
Data interaction and “what if” scenarios cannot be accomplished with a “Regular or Static Assets” such as a PDF file.

As the world becomes more “Digital” so does the volume of digital data that goes to make up Intellectual Property. As the complexity of the data increases so does the cost of discovery using traditional methods.

If your case requires e-Discovery of complex digital assets such as source code, engineering drawings, live spreadsheets (with formulas), databases and other proprietary digital assets look to Chaperon for Secure Inspecting Solutions that reduce cost while protecting your IP.

Posted By Ashif Dhanani | Comment




How do you stop IP Theft Google Style?
Aug 09, 2010

You may have heard Google's Source Code IP was compromised late last year. It was a big deal and there were lots of speculation on the consequences. Their China offices were closed, complaints were lodged with the Chinese government, there was a lot of activity. 

 

Now six months later, you must be wondering what is Google doing to stop IP theft?

 

Suprisingly the proposed solution is pretty simple, stop using the software that was compromised to access the IP. In this case, there are rumors of Google ditching Windows. The FT article reports that "Employees wanting to stay on Windows required clearance from “quite senior levels”, one employee said. “Getting a new Windows machine now requires CIO approval,”

 

The article also says "Windows is known for being more vulnerable to attacks by hackers and more susceptible to computer viruses than other operating systems. The greater number of attacks on Windows has much to do with its prevalence, which has made it a bigger target for attackers.

 

Google has their own operation system (Chrome) to use, not an option for majority of software developers Windows remains the most popular operating system in the world by a large margin, with various versions accounting for more than 80 per cent of installations, according to research firm Net Applications. 

 

So how do you plan to protect your IP? Follow Google's lead?

 

Or do you need to protect IP in your current environment or can you afford to change platforms to keep your IP safe.

 

What if this next platform gets compromised? Do you keep moving? Can you afford to?

 

 



Posted By Ashif Dhanani |




Chaperon LLC. partners with Iron Mountain Digital
Jun 09, 2010

Chaperon customers will now have the option to secure their digital IP with Iron Mountain Digital, the world's leading provider of information management services for data protection and recovery, archiving, eDiscovery and intellectual property management.

 

Chaperon’s initial offering will allow:

 

Given Iron Mountain’s focus on security, privacy, scale, access and cost-savings, their Archive Services Platform goes beyond standard cloud computing by delivering:

 

The Iron Mountain IP Archival Option is now available directly from Chaperon and through Chaperon’s approved delivery partners.


For additional details, visit: http://www.prweb.com/releases/Chaperon/IronMountain/prweb3997064.htm

Iron Mountain

 



Posted By Ashif Dhanani | Comment




Intellectual Property is an emerging target. Don’t become tomorrow’s headline!
Feb 19, 2010

Stories of targeted attacks on IP continue to bombard the news.

“A hack attack that targeted Google in December also hit 33 other companies, including financial institutions and defense contractors, and was aimed at stealing source code from the companies, say security researchers at iDefense.”
More at: http://www.wired.com/threatlevel/2010/01/google-hack-attack/

“The scope of this is much larger than anybody has every conveyed,” says Kevin Mandia, CEO and president of Virginia-based computer security and forensic firm Mandiant. “There [are] not 50 companies compromised. There are thousands of companies compromised. Actively, right now.”
More at: http://www.wired.com/threatlevel/2010/02/apt-hacks/#ixzz0fAJeb0HD

“If you’re a law firm and you’re doing business in places like China, it’s so probable you’re compromised and it’s very probable there’s not much you can do about it,” Mandia says.
More at: http://www.wired.com/threatlevel/2010/02/apt-hacks/#ixzz0fAK1RdRX

And this is nothing new….

More than one-third (34 percent) of U.S. companies in a recent survey* said they had investigated a violation of data protection regulations or privacy in the past year. More than one-third also said customer data was exposed or stolen, and 28 percent said they had been hit by exposure or theft of their intellectual property.

Are you concerned about your exposure? Let us help you start the journey to make sure that you don’t becomes tomorrow’s headlines.

To learn more about how Chaperon solutions can help protect you or your clients, check out our website or Contact us for a free consultation.

 

 


* Proofpoint's "Outbound Email and Data Loss Prevention in Today's Enterprise" survey. http://www.proofpoint.com/id/outbound/index.php



Posted By Ashif Dhanani | Comment




Leveraging Mail Systems for Secure, Large, File Transfer
Feb 04, 2010

The U.K.'s Pensions Regulator, the body that supervises the country's pension industry, has implemented Chaperon Secure(tm) Attachment to protect data transfers that are often legally, financially or personally sensitive. See full story.

Contact us for a free trial or demo.



Posted By Ashif Dhanani | Comment




older posts >
Categories
IP Litigation Escrow
IP Theft
Partners
Secure Email
Secure Software Development
Software Escrow