The road to a granted software patent continues to be a long, frustrating, and expensive process. In just a few years, old software can be replaced even before a patent application is complete. Typically, patent applications take about four years to complete, which is very time consuming for most companies.
Many companies choose not to patent software because of how difficult it can be. Under the current patentability law in the United States, software patent applications must meet specific requirements to be patent-eligible. The software may be patentable if it improves computer functionality somehow or solves a computing challenge unconventionally. Additionally, software patent applications must be written carefully. The patent may only be eligible if written with a clear focus on the software solution’s technical merits.
Since patents are becoming harder to obtain, companies turn to trade secret protection. There are laws to protect trade secrets. To have legal protection, the company must meet specific standards. There are many steps that companies must take to protect their trade secrets, including identifying what needs protection, monitoring where the information is stored, securing computers, providing adequate security, maintaining secrecy with outside vendors, and training employees regarding security policies.
Throughout the past few years, trade secret litigation in the United States courts has significantly increased. In 2018, Apple was alleged to have stolen trade secrets from Qualcomm and shared them with Intel Corporation after Qualcomm allowed Apple access to its source code and tools for LTE modem chipsets. Last year, Ahead Engineering attempted to sue former employees claiming trade secret misappropriation under state and federal law. Ahead Engineering ended up facing more penalties because instead of putting in its best efforts to protect their trade secrets, they went on an external fishing expedition on its employees. Companies must use their best efforts to protect trade secrets and show these best efforts in court to be protected.
SecureCircle enables companies to meet the various trade secret requirements for legal protection.
Trade secrets such as source code can be automatically protected as part of the developer workflow without developers, even knowing additional security was implemented. As source code is checked out of the central repository such as GitHub, the data will automatically be secured. Data remains secure regardless of location. Only authorized users, devices, and applications will be able to access the source code.
Every attempt to access secured source code is monitored. Compliance and audit teams can see in real-time which users, devices, and files have been accessed. Unauthorized devices or unknown devices will not be able to access secured source code and will not even be able to download source code from the central repository.
Companies can utilize outside vendors without giving up control. Typically in other security solutions, the data is left unsecured while the data is being changed. With SecureCircle, the data is persistently secured: at rest, in transit, and even in use. Derivatives are automatically secured, including Save-As and copy-paste. Even as outside vendors are working on source code, companies have the ability to revoke permissions at any time. If the vendor had copied secured data to a USB drive, the contents would remain secure.
Because SecureCircle works transparently in the background, there is no user training and on boarding required. Developers work just as they would with insecure data. Companies can deploy SecureCircle in days.
Review the SecureCircle Securing Source Code on the Endpoint Whitepaper or view the Demonstration video to learn how to:
SecureCircle delivers a SaaS-based cybersecurity service that extends Zero Trust security to data on the endpoint. SecureCircle’s Data Access Security Broker is a reliable and straightforward security architecture that enables customers to secure source code on the endpoint without impacting developers from doing their job. Instead of relying on complex reactive measures, we simply secure data persistently in transit, at rest, and even in use. SecureCircle also reduces cost and reduces complexity by avoiding the need for multiple products, software integrations, and ongoing security controls administration. Unlike many traditional solutions, SecureCircle works on a simple cloud-to-agent delivery model, which means fast and simple deployment, allowing our customers to implement security for their most sensitive data rapidly.