Intellectual Property Rights
Plain English Translation
ISO 27001 Annex A.5.32 requires organizations to implement procedures to protect intellectual property (IP) rights. This means legally safeguarding your own proprietary information, such as source code and business plans, through contracts and access controls. It also requires you to respect the intellectual property of others by adhering to software licensing agreements and strictly managing open-source code usage to avoid copyright infringement.
Technical Implementation
Required Actions (startup)
- Ensure all employees and contractors sign NDAs and IP assignment clauses during onboarding.
- Maintain a basic inventory of commercial software licenses to prevent over-deployment or unauthorized usage.
Required Actions (scaleup)
- Implement Software Composition Analysis (SCA) to identify the licenses of open-source dependencies (including transitive ones) and block strong copyleft licenses (for example GPL, and AGPL for network services) from being integrated into proprietary software whose license terms you cannot satisfy.
- Use strict role-based access control (RBAC) to restrict access to sensitive source code repositories.
Required Actions (enterprise)
- Establish a formal Legal review process for open-source contributions and third-party integrations.
- Deploy Data Loss Prevention (DLP) tools to monitor and block the unauthorized exfiltration of sensitive proprietary data.
Annex A.5.32 is an organizational control requiring organizations to implement appropriate procedures to protect intellectual property rights, ensuring they do not infringe on others' IP while adequately safeguarding their own proprietary assets.
Procedures should cover software licensing compliance, open-source software usage, document copyrighting, confidentiality agreements (NDAs), and technical access controls restricting unauthorized access to proprietary data. WatchDog Security's Policy Management can help standardize these procedures with controlled templates and track acknowledgment across employees and contractors.
Organizations must maintain an inventory of software assets and their corresponding licenses, ensuring they do not exceed purchased user limits and strictly prohibiting the installation of pirated or unlicensed software. WatchDog Security's Asset Inventory can support this by maintaining a centralized view of software and SaaS assets to make periodic license reviews and remediation tasks more consistent.
Implement Software Composition Analysis (SCA) tools to automatically scan repositories and build artifacts for open-source libraries, including transitive dependencies, and verify that their licenses do not conflict with your distribution model (shipped binaries, a hosted service, or internal use only). Run the check in CI so that a new dependency with an incompatible or unidentified license fails the build before it reaches production.
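The following is an added example of the kind of license gate an SCA step can enforce; it is not code from the original page, from WatchDog Security, or from any particular SCA product. It assumes the SCA tool emits a CycloneDX JSON SBOM in which each component carries SPDX license identifiers or an SPDX expression. The sample SBOM, the license groupings and the per-distribution-model policy table are constructed for illustration and are not legal advice; your legal team decides the real policy.

```python
"""License-policy gate over a CycloneDX SBOM (added example, constructed data)."""
import json
import re

# SPDX identifiers grouped by obligation class. Assumption: these common
# groupings; the authoritative list is a legal decision, not an engineering one.
PERMISSIVE = {"MIT", "Apache-2.0", "BSD-2-Clause", "BSD-3-Clause", "ISC"}
WEAK_COPYLEFT = {"LGPL-2.1-only", "LGPL-2.1-or-later", "LGPL-3.0-only",
                 "LGPL-3.0-or-later", "MPL-2.0"}
STRONG_COPYLEFT = {"GPL-2.0-only", "GPL-2.0-or-later", "GPL-3.0-only",
                   "GPL-3.0-or-later"}
NETWORK_COPYLEFT = {"AGPL-3.0-only", "AGPL-3.0-or-later"}

# Higher rank means heavier obligations; "unknown" ranks worst because it
# cannot be verified, which is a finding in itself.
RANK = {"permissive": 0, "weak-copyleft": 1, "strong-copyleft": 2,
        "network-copyleft": 3, "unknown": 4}

# Decision per distribution model. Assumption (not legal advice): GPL
# obligations trigger on distribution, AGPL also on network use; weak
# copyleft is routed to review because compatibility depends on how the
# library is linked and whether it was modified.
POLICY = {
    "distributed": {"permissive": "allow", "weak-copyleft": "review",
                    "strong-copyleft": "block", "network-copyleft": "block",
                    "unknown": "block"},
    "saas":        {"permissive": "allow", "weak-copyleft": "allow",
                    "strong-copyleft": "review", "network-copyleft": "block",
                    "unknown": "block"},
    "internal":    {"permissive": "allow", "weak-copyleft": "allow",
                    "strong-copyleft": "allow", "network-copyleft": "allow",
                    "unknown": "review"},
}

# Constructed sample SBOM in CycloneDX 1.5 JSON shape; component names are made up.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX", "specVersion": "1.5",
    "components": [
        {"name": "requests", "version": "2.31.0",
         "licenses": [{"license": {"id": "Apache-2.0"}}]},
        {"name": "readline-wrapper", "version": "1.0",
         "licenses": [{"license": {"id": "GPL-3.0-only"}}]},
        {"name": "somelib", "version": "0.3",
         "licenses": [{"license": {"id": "LGPL-2.1-or-later"}}]},
        {"name": "mongo-like", "version": "5.0",
         "licenses": [{"license": {"id": "AGPL-3.0-only"}}]},
        {"name": "mystery", "version": "0.1", "licenses": []},
        {"name": "dual", "version": "2.0",
         "licenses": [{"expression": "MIT OR GPL-2.0-only"}]},
    ],
})


def classify_id(spdx_id):
    """Map one SPDX identifier to an obligation class."""
    if spdx_id in PERMISSIVE:
        return "permissive"
    if spdx_id in WEAK_COPYLEFT:
        return "weak-copyleft"
    if spdx_id in STRONG_COPYLEFT:
        return "strong-copyleft"
    if spdx_id in NETWORK_COPYLEFT:
        return "network-copyleft"
    return "unknown"  # includes WITH-exception forms and non-SPDX names


def classify_expression(expr):
    """Reduce an SPDX expression to one class. AND binds tighter than OR, so
    split on OR first. 'A OR B' lets the consumer choose (least restrictive
    branch); 'A AND B' imposes both (most restrictive). Parenthesised
    expressions are not parsed here and fall through to manual review."""
    if "(" in expr:
        return "unknown"
    or_options = []
    for option in re.split(r"\s+OR\s+", expr.strip()):
        terms = [classify_id(t.strip()) for t in re.split(r"\s+AND\s+", option)]
        or_options.append(max(terms, key=RANK.__getitem__))
    return min(or_options, key=RANK.__getitem__)


def component_class(component):
    """Class of one component. Missing license data is 'unknown'; several
    license entries are treated conservatively as cumulative."""
    entries = component.get("licenses") or []
    if not entries:
        return "unknown"
    classes = []
    for entry in entries:
        if "expression" in entry:
            classes.append(classify_expression(entry["expression"]))
        else:
            classes.append(classify_id(entry.get("license", {}).get("id", "")))
    return max(classes, key=RANK.__getitem__)


def evaluate_sbom(sbom_json, model):
    """Return {'allow': [...], 'review': [...], 'block': [...]} of
    (name, class) tuples for the given distribution model."""
    report = {"allow": [], "review": [], "block": []}
    for comp in json.loads(sbom_json).get("components", []):
        cls = component_class(comp)
        report[POLICY[model][cls]].append((comp["name"], cls))
    return report


def gate_passes(report):
    """CI gate: fail the build on any blocked component."""
    return not report["block"]


if __name__ == "__main__":
    for model in POLICY:
        result = evaluate_sbom(SAMPLE_SBOM, model)
        print(model, "PASS" if gate_passes(result) else "FAIL", result)
```

Items routed to "review" are the ones Legal needs to see, which is where the scaleup and enterprise review steps below come in; "unknown" components are blocked for distributed code because a dependency whose license cannot be identified is itself a compliance gap, not a pass.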
The policy should include guidelines for handling proprietary information, rules for using open-source code, software licensing compliance procedures, and mandatory templates for NDAs and employee IP assignment agreements.
Ownership is typically shared between Legal Counsel for drafting contracts and reviewing licenses, and the CISO or Engineering leads for enforcing technical access controls over source code.
Auditors look for signed employee and contractor agreements containing confidentiality clauses, an up-to-date software license inventory, executed NDAs, and master service agreements detailing IP ownership. WatchDog Security's Compliance Center can help organize these artifacts as evidence items and track collection status so audit preparation does not rely on last-minute manual chasing.
Source code must be protected using strict role-based access control and multi-factor authentication, with repository audit logging of clone, download, and sharing events so that unauthorized copying or external sharing can be detected and investigated; monitoring alone does not prevent a leak, so pair it with least-privilege access and prompt revocation when roles change.
NDAs and IP assignment agreements provide the legal foundation to hold individuals accountable, ensuring that anyone granted access to sensitive data is legally bound to keep it confidential and that any IP created in the course of the engagement is assigned to the organization.
Third parties must sign explicit contractor agreements and NDAs prior to accessing internal systems, and their access should be strictly limited to what is necessary and immediately revoked upon contract termination.
Audit gaps often happen when agreements are stored across HR tools, shared drives, and email threads, making it hard to show complete coverage and current versions. WatchDog Security's Policy Management can track the correct NDA/IP templates, manage version control, and record acceptance/attestation so you can demonstrate who has agreed to what and when.
Sharing proprietary files via email links can create uncontrolled forwarding, weak authentication, and limited audit trails, which increases the risk of IP leakage. WatchDog Security's Secure File Sharing supports encrypted sharing with TOTP verification and audit logs so you can control access, set expectations, and retain evidence of who accessed sensitive IP materials.
| Version | Date | Author | Description |
|---|---|---|---|
| 1.0.0 | 2026-02-17 | WatchDog Security GRC Team | Initial publication |