How can I protect my startup's digital assets?
Physical assets such as stock, machinery, cash and business premises are often core to business operations and might be the first thing business owners think about when valuing a company on the balance sheet.
But their intangible equivalent, digital assets, are often just as vital and should not be overlooked. Digital assets can be hugely valuable to investors and can be licensed and sold just as physical assets are.
In this article, we look at what can be classified as your company’s digital assets and three options available you can use to protect your assets.
What do we mean by “digital assets”?
Essentially, a digital asset is anything that can be accessed via a digital device such as a computer, phone or another digital format.
Such assets will not just be relevant to technology-based companies but will be prevalent across the board for most, if not all, companies. The following non-exhaustive list contains a few examples:
- eBooks
- Apps
- Websites
- Online advertising (such as promotional literature and blog/social media content)
- Digital music tracks and audio
- Online photographs and artwork
- Online videos and games
- Software and source code
- Business logos (including graphics and other online artwork)
- Digital spreadsheets, tables, compilations and databases
- Digitally-stored contracts, business documents and technical reports
- Customer lists/data
- Proprietary digital inventions and processes
How to go about protecting your digital assets?
From the above list, you will appreciate that your digital assets are numerous and fundamental to the success of your business operations. Safeguarding them is, therefore, crucial, and the first step to doing this is to stand back and undertake a comprehensive audit to identify exactly what digital assets you possess.
Once your inventory is drawn up, you will need to take a multi-faceted approach to secure and protect these assets, as outlined below.
1. Encrypt and back up your data
Cybercrime is rising, and criminals are finding more sophisticated ways to exploit online vulnerabilities. This can be hugely damaging to your digital operations and your reputation.
Regularly backing up your digital resources in multiple locations is a must. Implementing state-of-the-art (or at least up-to-date) backup, anti-virus and encryption software will also go a long way to preventing hackers from gaining unauthorised access to those assets.
You should train your workforce to follow best cybersecurity practices, including insisting on strong passwords, using multi-factor authentication solutions, firewalls and automatic intrusion detection systems, and taking a cautious approach when using personal devices. You should also teach staff to be cautious when opening emails and attachments from unknown sources.
Fulfilling data protection obligations will also be key in this respect. One of the fundamental principles of data protection law requires organisations that process personal data to take "appropriate technical and organisational measures" to protect that data against unauthorised or unlawful processing and accidental loss or destruction of or damage to personal data.
Basic security measures are, therefore, a must if you want to stay on the right side of the law and avoid significant fines and reputational damage.
2. Register ownership of trademarks, designs and patents comprised in digital assets
Your digital assets could be valuable intellectual property. Here are a few examples of the types of IP protection you could use to protect your IP:
Trademarks
You should protect your key branding elements (including your trading name, product/service names and logos), providing they are distinctive and not descriptive, by registering them as trademarks.
It’s important to remember that trademarks registered in the UK, only apply in the UK and you’ll have to follow a different process to register a trademark in Europe or another territory. LawBite offers highly competitive trademark legal advice that can help to set you off on the right footing.
Design rights
Design rights protect the appearance of the whole or part of a product, and their application is not limited to physical products such as clothing and furniture. They can also protect things like digital logos and graphical user interfaces that are novel and possess individual character.
Patents
Digital innovations and processes are also capable of patent protection if they offer a new technical solution or facilitate a new way of doing something.
At LawBite, we’re often asked what can be patent protected and whether software, code, and computer programs are applicable. The short answer to this is usually ‘no they can’t be patent protected’ (at least in the UK/EU). The only exception is if your product involves a wider computer-implemented invention that solves a technical problem in a non-obvious way.
Copyright
Copyright can protect a huge amount of output you will inevitably own and use as a business (essentially most items in the bullet point list with some exceptions). Although copyright arises automatically to protect your original works, it’s still a good idea to always use copyright notices on those works (meaning the © symbol with your name and the year).
In some jurisdictions (such as the United States), it’s also necessary to register your copyright work to invoke your rights. You should also ensure that authors sign and date the original work and keep a record trail of the creation process to help prove ownership if that is ever in a dispute.
2. Protective contracts
Whenever external third-party contractors create digital assets on your behalf, you must have a signed written contract between you and them, giving you the rights you need to exploit the assets.
You should also impose strict confidentiality obligations on employees and other staff with access to sensitive digital data or resources. This can be done within employment agreements or by standalone non-disclosure agreements to ensure assets are kept secret, only used for limited purposes and prohibiting onward disclosure to third parties. Disclosure should occur within closed circles on a ‘need to know’ basis.
Where digital assets aren’t held on the company’s servers, you should also carefully research external third-party cloud storage providers and ensure that their operating systems and security features are robust and current and reflected in the contracts you sign.
3. Protect your digital assets with insurance when possible
It’s also worth mentioning that certain types of insurance exist to protect and mitigate against the risks associated with loss or damage to digital assets. Cyber insurance policies are the most obvious example and are an investment worth making to protect against internet-based dangers.
Since the cumulative value of digital assets can be significant, taking stock of these assets and protecting them over their lifecycle is essential.
Experienced commercial and cyber security solicitors and intellectual property lawyers will have the necessary expertise to guide you through the themes above.