I don't see how this is possible knowing that people sometimes put sites they haven't worked on in their CV :)

I am not even sure that a clause in their contract would stop them - as when they use they're CV they usually no longer either work for you or want to work for you.

Legal: Confidentiality agreement in their contract? I'm a bit dubious about how enforcable this would be in practise.

hth, a.

andye

I have two questions. How employees can be prevented from coping information from the work place - Preventing CD writers, uploading somewhere etc. If there is a checklist, that will help much. Here is where I mentioned as data and code theft using technically.

The second question was on resumes. Yes, technically we can not block that, But legally.

The second question was on resumes. Yes, technically we can not block that, But legally.

Why on earth would anybody be willing to work for you, with such a a clause in your agreement? This would seriously hamper their subsequent ability to obtain work.

While there are projects that demand absolute secrecy, extending to not disclosing it on a resume, those are few and far between. If you're not working on a defense system, etc. this probably doesn't apply to you, though.

From a technical standpoint, there's not a whole lot you can do. If you have multiple projects, or a large project that can be compartmentalized, certainly limit access to that which is needed to get the job done.

You can stop people who mean no harm, but might be sloppy, by eliminating floppy and CD drives. USB keys - you can probably configure Windows or Linux to disallow portable USB devices.

Someone with ill intent is going to walk away with anything they put their hands on. If that's a problem, you need to screen your employees better.

Take-home work is probably the biggest risk, but it's so prevalent in the industry that it's expected - either the ability to work from home part/full time or to get in some "crunch time" in a more pleasant environment than the office. Limit work to on-site, and you also limit your access to employees who won't work under such conditions.

I think that, by and large, if employees feel they are being treated fairly, they are not going to take your stuff.

Frankly, you seem to have an adversarial attitude toward employees, and this might be part of the problem.

I think it's best to be reasonable, fair, and most of all clear. Perhaps, for example, you could provide, in advance of hire, acceptable wording for a resume description of their duties and projects.

I agree with you. But I must have mentioned where we are from. This is an issue in countries like China, India, Phillipines, Ukraine, Polland etc, where the COmpanies can not publish the client's work even in their own profile or portfolio due to confidentiality.

Thanks for the detailed reply anyhow.

Can Someone give a checklist to ensure that the Data/client details or not copied or what are the measurements to be taken as precautious inside a web development company, to prevent employees using client's, project's and other related details in for their self advertisements in resumes?
What can be done at the technology level and in the legal level?

You do not understand what I am asking.
When I am commited to not to reveal any of the client information, is I am in legal contract while getting the work, mentioning that I will not reveal anywhere that we did the work, Man, How can we handle such siuation when your employee publishing in his personal site resume etc.

This situation is quite common in offshore development nations like India. We work on such situations,and others if you do not understand, please ignore my question.

I do not think there somethign unhuman exists here. Its all about contracts and leagal bountries.

You do not understand what I am asking.
When I am committed to not to reveal any of the client information, is I am in legal contract while getting the work, mentioning that I will not reveal anywhere that we did the work, Man, How can we handle such situation when your employee publishing in his personal site resume etc.

I think this has to work with mutual understanding, ask them not to reveal the information openly when not required. I do not know how can I stop.

I can have a contract but then you will have to prove in the court. This is going to be a tedious task.

Another option is let your customer know the truth and I am sure they will understand (hopefully with some loss). "None of our employee will reveal any customer data", This can be quote as no responsibility if they are no more with the company.

Another option, create different level of access details and hide as much as possible.

I hope I had confused you enough; sorry I was just trying to swim under mud.

AjiNIMC

Employees- confidentially clause in the contract
Contractors - confidentially clause in the contract

Offshore contractors is a little harder, if its important you could be bit creative how you outsource, not revealling the details in the first place, or use a good sourcing agent t oensure it doesnt happen.

I think the only reason anyone can get away with that is because it is being done in third-world country. Third-world countries where much worse indignities are tolerated in exchange for survival. I suppose this is a tiny blip in the explotation of third-world workers both by those in first-world countries and by some of the obscenely rich in the third world who know how to crawl over the bodies of their fellow citizens to get ahead.

Again, there ARE situations where it is appropriate to have absolute secrecy. There should be a price to pay for that absolute secrecy. You've denied an employee of a basic right in the workplace, and should have to compensate for that with a (much) higher wage.

Sorry if this sounds harsh. But after reading this for a few days, this is my conclusion: you are asking our assistance to exploit others unreasonably.

In most professions, you will find that doesnt include divulging information about the companies clients.

Non-disclosure agreements certainly are common in the industry, and you should have no difficulty finding examples of non-disclosure agreements. However, many of these agreements contain unenforcable clauses that interfere with employees rights and may violate various right-to-work laws in different countries.

Regardless of the law, non-disclosure agreements are widely ignored when it comes to resumes - both because of non-enforcability and as a practical matter on the part of the employee. He has to be able to discribe what he did at past jobs, or else he has no reasonable expectation of obtaining work.

This is why I say that the best approach to to be reasonable and to communicate very clearly with the propective employee up-front. Instead of a blanket non-disclosure agreement, spell out exactly what kind of disclosure is and is not allowed in a resume. For example, if the client were Sony, would it perhaps be acceptable for them to say "improved widget code in a home entertainment product of a large Japanese electronics manfacturer"?

Why does it matter to the employee that it was for Sony? That should be obvious - the reputation, prestige, etc. of an employer and an employer's clients matters on a resume.

If an employee works for a prestigous company or on a project for a prestigious company, and is not allowed to disclose this in a resume, you have taken away the value of that disclosure for the purpose of obtaining future employment. In my mind, if you really HAVE to do that, you are morally obligated to compensate the employee for what you have taken away. If you do, and the employee then breaks the agreement, you are at least now on high moral ground in seeking damages.

If you DON'T spell it out exactly, then WHEN your employees ignore the non-disclosure agreement when they write their resume (and they WILL) you have no control over what they write. If you give clear examples of acceptable and non-acceptable descriptions, and if they are reasonable, you have some expectation that your wishs will be followed.

Going back to the issue of work product (code, etc.) it is awfully difficult to give a programmer sufficient access to do his job without also as a side-effect giving him the ability to walk away with the code. I don't know of any good technical solution, other than having workers strip-searched upon entry to the workplace, issued uniforms with no pockets, reverse that on the way out. And NO Internet connections, which would be rather impractical.

This is why I say compartmentalize. Give access only where access is needed. At least you minimize what a given employee can take.

Who are those third-world countries in IT industry?

Who are those third-world countries in IT industry?

China
India

Certainly, working conditions in the IT industry in India are far better than in other industries. But that's not saying much, and from what I've read, they are far from what U.S. workers would tolerate. Wages are spiraling up (the inevitable end result of outsourcing) and even that causes problems - for example, there is now a security concern as these "wealthy" IT workers have been targeted by theives, often as they leave work after a long day.

I do not think so! You come to say US workers create the best working conditions in their countries?
>> Have you ever visited any company in India and China? Have you seen how ethical they are? There are o much constraints they have. But they are superior in the world now.

Wages are spiraling up (the inevitable end result of outsourcing) and even that causes problems - for example, there is now a security concern as these "wealthy" IT workers have been targeted by theives, often as they leave work after a long day.

Security issue is global, Thieves are everywhere. They not just in India and China. These and all just some unbiased output from people who loose their position of affected by their poor working conditions.

But they are superior in the world now.

"wealthy" IT workers have been targeted by theives

Thats nothing, wait untill the marketing lot get hold of them :)

Have you ever visited any company in India and China? Have you seen how ethical they are?

No, I haven't visited them. But I've read accounts. Some of them are so "ethical" that they put-up their employees in dormitories, and indenture their employees. (More-so China than India.)

We had that in the U.S. 100 years ago. They called them "company towns". It's a dark spot in America's history. Workers were paid in scrip, redeemable in a company store, which sold goods at inflated prices. They lived in company-supplied housing, rented at inflated prices. Some might call this taking care of your workers needs. Others would call it slavery.

Sure thieves are everywhere. But it seems (generally) to follow high/low wage disparity. I say generally, becuase the U.S. seems to be the exception - for what reason I do not know. (The U.S. unfortunately, has a dangerously increasing dispartity between low and high incomes.) FWIW Brazil (where I HAVE been) is one of the worst. Middle-class people (a very small percentage of the population) live behind locked gates patrolled by armed guards. I actually felt embarassed being "protected" by the mafia-looking guards that shoo-out the "lower classes" from middle-class shopping areas and work places. I know it's necessary, but damn is it creepy. Maybe it's that Americans "feel" equal, even though they may not be. Maybe it's that though they may not BE equal, they still have equal opportunity.

Of course, there are U.S. companies (such as Google) that are coming awfully close to this "ethic". You do get to go to your own home at night, though, and get to sit in an Aeron chair...

Sorry, I didn't mean to turn this thread political, nor to beat the American drum. It's just sad to me to see that in our oursourcing, perhaps we have also outsourced some of our worst past offenses. I'm not blaming India or China - quite the contrary. The demand starts in the U.S., and we don't particularly care how the demand is satisfied...