IPR Protection
GS Lab takes comprehensive measures to answer the following question for our customers and prospects:
“How do you ensure that (a) the code being developed for a customer and/or (b) the various assets (code/data files/confidential information) that has been provided by a customer are safe on the company network? What kind of tools and systems you have in place to ensure this.”
GS Lab takes measures for IP Protection as multiple levels. Actions at each level are listed below.
At the Human Level
Employees are made aware about the IP rights and are trained for taking care while working with IP related and other customer data.
At the Desktop Level
All the machines are patched and only authorized access is allowed. The hardware doesn't include any mechanism to copy a large amount of data to a removable media like CD or DVD. Native encryption in the file system is supported. Users could define the ownership of their data and restrict other users from viewing their data. Windows PC run TrendMicro OfficeScan SMB client server suit which protects the individual PC from all kinds of viruses, worms, malware, Trojans and provides a central view of the current status of GS Lab PCs regarding virus activity on the Antivirus Server.
At the Server Level
Servers are locked down and hardened. They are patched regularly. Only required services are run so that only a few ports are open. File access and other security related permissions are checked on regular basis. Where ever possible, secure protocols are used for the transmission of data between the servers and clients. Sensors like network monitoring clients, monitor the activities carried out on the server and report back to the monitoring server whenever the threshold is reached. The parameters include number of processes, number of users logged in, disk activity to name a few.
At the Network Level
The servers facing Internet are hardened. Typically OpenBSD based servers are used for this purpose because of their proactive approach towards security. Stateful firewalls are implemented to tighten the security. Mail scanners are implemented on the mail gateway. Internet hosting servers are kept in a different network to beef up the security of the internal machines. Internal networks are guarded using filtering routers. IDS and audit applications are run throughout the networks at various points to check the integrity of the GS Lab network. The logs on all the servers are checked regularly to catch any abnormal behavior.