Back to top

How to Protect your Business Secrets

Last revision:
Last revision: August 23rd, 2019
Last revision:
Category: General Business Documents

Starting and operating a business can be one of the most fulfilling things on earth! Especially when you may have been building towards owning your own business for a long time, finally getting to do so is often very rewarding.

There's a lot involved in owning a business, including marketing, accounting, staffing, and all of the specific bits and pieces that are important to your business model. Often, running a business is a "learn-as-you-go" proposition, with experience being the best teacher. In one area, though, you should ensure that you have all of your ducks in a row from the very beginning: the legal side of protecting your business secrets.

This may not seem very important early on, but in fact, it's the most important, especially early on. If you have valuable, secret information that belongs to your business, the worst thing you can do is slack on protecting that information.

In this guide, we'll talk about the best things you can do to ensure you keep your business secrets, well, secret!

Before we discuss how to protect your business secrets, though, it's important to talk about exactly what type of information you may wish to protect.

Confidential information, generally, is any information which is not known to the public. Confidential information may be labeled as such, and often, it is valuable to the party that owns it because of its confidentiality. For example, customer call lists may be confidential, or marketing plans, or pricing algorithms, or plans for new, as-yet-unreleased products.

Trade secret information is a special class of confidential information. It's confidential information through which a business can obtain an economic advantage over its competitors. In other words, the information can't already be public or easily discovered, and it has to be something that has already been safely kept secret so that the business can obtain an advantage from it. Famous examples of trade secrets are the formula to Coca-Cola and the recipe for KFC's secret blend of 11 herbs and spices. The Uniform Trade Secrets Act governs the protection of trade secrets across states and has been adopted by 49 states (New York has not adopted it).

Beyond these two, there may be certain types of secret intellectual property, such as in-progress copyrights or inventions. These could also just be labeled "confidential," but sometimes, while intellectual property is being developed, businesses wish to guard it in a very tight way.

Now that we've talked about some of the types of information a business may wish to keep secret, let's talk about the things you can do to protect your business secrets. Please be advised that nothing in this guide constitutes legal advice. This guide should be considered informational only.


1. Identify all the important confidential information.

Before you can protect your business secrets, you must ascertain exactly what needs protecting. This may seem like an obvious first step, but many business owners attempt to mark every single thing in their business as "Confidential" or keep all their information under lock and key, and this may not be the best strategy.

Instead, sit down and identify the really important pieces of information that need to be kept secret. Make sure you note whether you have any trade secrets, specifically, as those will likely be the most valuable pieces of information your company owns.

Final takeaway: Take the time to identify the most important pieces of information for your business.


2. Mark all secret files and documents "Confidential."

For all of the pieces of information you've identified, mark them (whether in physical form or electronic form) "CONFIDENTIAL." This is really as simple as it sounds. For paper files and documents, they should be clearly marked with a very obvious "CONFIDENTIAL," ideally in red or another color that is distinct from the text of the document or file. For electronic files and documents, it's a good idea not only to mark the top of the document "CONFIDENTIAL" in red text, but also to mark the file name as such.

Although this may also sound like an obvious step, it's impossible to protect information if it hasn't been clearly marked as secret.

Final takeaway: All confidential information should be labeled as such.


3. Know where all of the information is stored.

After you decide what information you would like to keep confidential, and mark it as such, you'll then need to ensure you have a good handle on where all of the information is being stored. In other words, it's not a good idea just to throw the word "CONFIDENTIAL" on a bunch of important documents and files and then forget about them. Instead, you need to be constantly aware of where the most sensitive information is, especially trade secret information.

This step includes not only knowing where physical files are stored, but also electronic files. In other words, make sure you know exactly which computers, servers, online systems, and workspaces all of your sensitive electronic information is stored on. Unless you know exactly where to locate it, you won't be able to adequately protect it.

Final takeaway: Make sure you know where all of your confidential information is kept.


4. Secure all the information, to the maximum extent possible.

Now, it's time to think about the best ways to secure your information. For physical files or documents (or even physical items, like prototypes), this will mean ensuring everything stays under literal lock and key. In other words, these physical items are not to be left out on employees' desks or in a file cabinet where anyone can access them. Instead, they should be kept in a lockable container in a space that only a limited number of people can access (more on that in the next step).

For electronic files, the same holds true. Ideally, sensitive information won't be stored in an online cloud, because those are notoriously unsafe. However, if you do choose to store information online, ensure that you are storing it with a reputable company committed to your safety. For any kind of electronic storage, however, the files and documents should be encrypted, passcode-protected, and viewable only to a limited number of people.

Final takeaway: Take your time ensuring you have the best possible security systems for your confidential information.


5. Keep track of who has access and how.

Closely related to the point above, the next step is to keep track of who has access to the confidential information and how. For the most sensitive information, this can be kept in a simple list form, maintained by the business owner. The list should include the name of the individual who can access the information and in what form. For trade secret information, especially, the fewer people that know, the better. One of the paramount tips for the protection of trade secret information is simply not to tell anyone!

For extra security, you may wish to use an electronic system that shows you who logged in at what time to access what information. You can generally purchase software like this from a reputable business provider. You may also wish to try to put such a system in place for physical files: in that case, the individual would have to sign in and out before being allowed to access any of the confidential information. This may make it helpful to narrow down individuals who may be responsible in the event that you have a data breach. Ensure that the individuals you give access to are not giving it away to others and that security credentials are updated regularly.

Final takeaway: Routinely monitor individual access to your information and know who is accessing what.


6. Draft and execute necessary agreements.

This is the part of protecting business information that most people think is the only option, and while it is a great option, it's not the only one, as has been made clear from this list. Instead, it's just one more type of protection available to you as a business owner.

If you are entering into business relationships with others, like through a joint venture, or if you are hiring new employees, or even if you are simply bringing on consultants to help with certain parts of the business, your confidential information may be exposed. That's why one of the best ways to ensure protection through these types of relationship is with agreements that are specifically drafted to ensure that the party signing keeps information they are given confidential.

Before a joint venture, often parties will sign a Joint Venture Agreement, making clear the parties' confidential information should be kept confidential. In employment situations, business owners will often require their employees to sign Employment Agreements or Non-Compete Agreements, both of which have different provisions for ensuring the protection of the business information. In either of these circumstances, or really, any other business circumstance, you can also require an executed Non-Disclosure Agreement, or NDA, which specifically states that confidential information received may not be used or shared.

Keep in mind that NDAs are generally a lot more broad than almost any other type of confidentiality clause or provision. The reason for that is because NDAs are designed specifically and exclusively for the purpose of protecting secret business information. Usually, the way the "information" is defined in an NDA is very broad. The time restrictions are also quite broad. In terms of protecting confidential business information, an NDA is a very strong line of defense.

Final takeaway: Specific legal agreements can help ensure your information stays protected.


7. Continually monitor the information.

Once you have all of the systems set up to protect your business information, it's time to monitor, monitor, monitor! Although it may seem as though you've done everything you can to protect yourself, the truth is, true protection comes in the constant monitoring of your valuable information. Monitoring means making sure no one is making unauthorized copies, keeping an eye on individual access, and routinely checking to make sure all of your security systems, both physical and digital, are working.

By keeping an eye on your information over time, you'll be in a much better position to keep it protected. Anytime you notice a security breach or even a situation which could become a security beach, you can handle it right away, ensuring you and your business stay protected.

Final takeaway: The most important step to protecting your confidential information over time is to continue to monitor it.


Final takeaway

Building a business is one of the most exciting things you can do! While doing so, one of the most important things to remember is that in order to have your business continue to grow and be successful in the long run, you need to protect the aspects of it that are commercially valuable. Most of the time, this involves the protection of confidential information. By following the tips on this list, you'll be in a great place to ensure your confidential information stays protected and to ensure your business' success!


About the Author: Anjali Nowakowski is a Legal Templates Programmer at Wonder.Legal and is based in the U.S.A.


Templates and examples to download in Word and PDF formats

Rate this guide