How market analysis firms can prevent insider content leaks in the hybrid working era

We take a look at the growing issue of insider content leaks, the workplace trends causing their growth, and what features you should include in your content delivery system to reduce the severity and regularity of leaks once they occur.

The two phrases most synonymous with the post-pandemic workplace zeitgeist – hybrid working and ‘The Great Resignation’ – which have come to symbolise increasing worker autonomy to decide how, when, and where we work, are simultaneously raising concerns among many businesses for a different reason: the loss of intellectual property.

This concern is felt acutely amongst providers of high-value market analysis. With content selling for thousands of dollars, any sharing of information with competitors from former employees or those working outside of the controlled office environment is costly.

Because conventional information-sharing networks erode outside an office setting, employees working from home need access to more information, and the democratisation of corporate information has become a necessity. This newly granted openness, combined with high staff turnover, is understandably causing concern.

If left unchecked, the combination of high employee churn and hybrid working can create a perfect storm of accidental leaks of high-value data and content as well as more nefarious dissemination caused by ‘insider attacks’, where employees purposely share reports and data with new employers, friends at other analyst firms, or rivals.

What is the information industry saying?

Various research reports should read as warning signs for business information firms. A report from the Ponemon Institute documenting data breaches found that 75% of employees say they have access to data they shouldn’t and 25% of employees are willing to sell data to a competitor for less than $8,000. Ponemon also found that insider incidents have grown 47% in just two years.

In its 2021 Data Breach Investigations Report, Verizon found that a massive 44% of all breaches in organisations of less than 1,000 employees were insider jobs. They also discovered that 93% of breaches were driven by profit, while ‘pure fun’ was another top motivation.

In our recent article, Securing high-value content: How to ensure the right content doesn’t fall into the wrong hands, we looked at the three types of external intellectual property thieves analyst firms are vulnerable to, but the same behaviour can be committed in a similar fashion by internal employees.

Three personas of ‘insider’ information sharers:

The internal sharer – occurs (often accidentally) when an employee distributes high-value information into an unauthorised area of the internal knowledge centre or sends it to colleagues who don’t have permission to view the content. This results in a higher likelihood of valuable information leaks.

The external distributor – this offence arises (often maliciously) when a user shares content with friends outside of their organisation or with members of their new organisation. Commonly caused by corporate accounts not being fully closed once employees have left the company.

The home drive saver – involves fewer people and is a less immediate threat but still takes the content out of the publisher’s possession and could evolve into the other two distributors in the future.

Reducing the likelihood of insider content leaks

The question for analysis providers operating in the hybrid working age therefore is: how can ‘insider attacks’ and accidental leaks be stopped in practice without disrupting analysts’ ability to produce reports or find critical information?

Here are four features you should ensure are present in your content repository to reduce the regularity and impact of these leaks on your valuable intellectual property:

1. Prevent full download

This is a helpful preventative measure that limits the amount of data internal users can take offline and disseminate among friends and colleagues at other organisations. This measure, combined with workflow tools that allow for the creation of custom deliverables, means that users – both internal and customer accounts – will not need to download whole reports and will only export the sections they need. Accidental shares of full-length reports will become less common and purposeful dissemination more difficult and time-consuming to commit.

2. View online only

In a similar vein to preventing full downloads (although this method prevents even partial downloads!), setting your content in ‘View Only’ mode means your information and data are safely secured in your content repository and can’t be moved into an unmonitored offline space. A workable middle ground is to set certain content as ‘View Only’ and others as downloadable, depending on the user and what level of access they need to certain information.

3. Licensing

The ability to set different access management rights depending on individual user requirements is underpinned by a flexible licensing system and is critical to the wider issue of protecting internal assets. Licensing systems are now highly flexible and allow administrators to set tailored licenses based on the user’s exact needs and requirements. Administrators can regularly audit and review usage and set personalised access rights depending on seniority, department, or individual need.

4. Content Usage analytics

This can be a difficult concept to convey to employees as you don’t want to create an atmosphere of surveillance and suspicion. However, the ability to track user behaviour and analyse what content has been downloaded from your content library is invaluable when identifying a breach’s origin if you do suspect a data leak.

Finding the balance in the hybrid working era

Publishers of market analysis must be particularly aware of the risks associated with our increasingly hybrid, fluid working world due to the high value and sensitivity of their digital content.

Analyst firms can, of course, completely lock down their internal content repositories and only allow a select number of system administrators or lead analysts to access resources. But what purpose would this serve? It would plague your employees with inefficiencies, leading to frustration with the lack of information at their disposal.

Instead, investment in a full-stack content repository and delivery system that possesses the threat-mitigating features listed above, when combined with regular reviews and audits of access permissions, will reduce the severity and frequency of accidental content leaks and purposeful insider attacks.

Securing high-value content: How to ensure the right content doesn’t fall into the wrong hands

As thieves try to steal expensive content and customers ignore the terms of their subscription licence by ‘sharing’ with colleagues, securing paid-for published reports and data must be a priority for market analysis firms.

As a publisher of market intelligence, imagine the following scenario. Coca-Cola*, one of your largest corporate accounts, purchases an enterprise license for your annual overview of the global soft drinks market. The report is delivered to them as a PDF, and you assume it is being used internally as per the stated licensing agreement. However, you soon learn that Pepsi* are using data in presentations and business reports that could only have come from one place: your annual overview of the global soft drinks market. But you know that Pepsi didn’t purchase a copy!

Often in this situation, content is not shared with malicious intent: many customers simply have a laissez-faire attitude to licensing and sending a report to a friend in a rival organisation is often done thoughtlessly due to the ease of sharing PDFs. In other instances, it is done deliberately to steal revenues and undercut the publisher’s hard work. Regardless of intent, both forms of distribution are financially damaging for publishers.

*(disclaimer: Coca-Cola and Pepsi have been referenced purely for illustrative purposes and this example does not reflect on the integrity of their employees!)

Production Costs

Business information’s value is unquantifiable, but the content’s price reflects the production costs for a niche market, the expertise of the author and the cost of research and data collection.

Syndicated market research reports are undoubtedly highly valuable products. Every report is produced by several teams, from the authoring analyst (or analysts) to editorial who ensure factual correctness and consistency, followed by production who work on design, layout, and quality control. Sales and marketing teams then join the fold to decide how to package and sell the content. This process involves many people, many hours of work, and significant expense to the publisher.

Securing this painstakingly produced, high-value content is at the forefront of any provider’s mind and is increasingly relevant as cyber-security concerns seep into our everyday working and personal lives. Content is extremely easy to steal or lose control of in a complex and ever-changing digital security landscape. Publishers should be aware of the common security hazards, and solutions, that regularly trouble providers of market intelligence.

Copyright Theft

At its crudest, copyright theft is stealing, re-packaging and selling, usually at cut-price, the same content publishers have spent weeks or months putting together. Copyright theft is a growing issue in the B2B publishing community, as with increasing regularity, organised networks work together to obtain high-value content, remove any references to the actual copyright owner from the report, dataset or video and market it often for a fraction of the price.

One industry figure posting in the Renewd online community, a network for subscriptions professionals and B2B publishers, identified over 80 pseudo-information firms working together to disseminate copyrighted material and shockingly found over 90 examples of their content listed on 11 individual sites. Networks of this nature will grow in number and become more sophisticated in their tactics, so publishers must be aware of this threat.

Solution: Vet all purchasers of your content – ensure that buyers input some personal information before making purchases. If, for example, an individual is trying to buy a $4,000 report and has no associated company of note this should raise alarm bells.

Mass Sharing

In a similar vein to copyright theft, mass sharing involves the downloading of licensed content and distributing without the permission of the publisher. Often unlicensed distribution of content is committed by one of your loyal (or so you thought) subscribers rather than an anonymous denizen of the internet.

There are 3 main forms of mass sharing:

  1. The internal sharer – occurs when a registered user downloads a whole report and uploads it to their corporate intranet or internal knowledge centre.
  2. The external distributor – this offence arises when a user shares content with friends outside of their organisation.
  3. The home drive saver – involves fewer people but still takes the content out of the publishers’ possession and could evolve into the other two distributors in the future.

Commenting on this type of threat, Edwin Bailey, Director of Marketing at Content Catalyst, who has over 20 years of experience in licensing content, said: “Content delivered as PDFs via email is most at risk to this form of theft, and although publishers may have DRM systems in place these can be easily bypassed via password sharing or manipulation of the PDF document’s properties. Most subscribers are, of course, reliable and trustworthy. However, it only takes one user to bypass these rudimentary safeguards before your content is freely passed around another corporate account without your knowledge.”

Solution: Invest in a content delivery system capable of tracking content usage and managing access rights. Analytics and licensing allow greater control over usage and enable site administrators to keep tabs on potential rule-breakers. Having settings that prevent users from downloading whole reports offline can also be an effective preventative measure.

Corporate account sharing and fair use policy

Fair use policies have often been a sticking point between publishers and clients. Breaches of fair use frequently come in the form of password sharing amongst colleagues. Corporate licenses are granted with certain limits – a common restriction being the number of users associated with the account. Once the company reaches the pre-agreed number of users accessing the provider’s content, the client should move to the next pricing bracket and be charged a higher fee for access.

For example, a corporate team buying an account with 20 registered users when there are 100 members in their department should be flagged as a risk. If unregistered customer employees then ask the publisher’s analysts or salespeople content-related questions, this is an obvious sign of unauthorised access and may confirm the suspicion of password sharing.

Solution: Tracking IP access is a handy way of getting a sense of the number of devices accessing your site. Again, usage analytics, particularly those related to log-ins and geographical location are vital: if you can see that a certain account is logged in 24 hours a day with constant activity, it’s possible to deduce that the password is not just being shared amongst direct colleagues but across multiple time-zones – a major breach of fair usage policy.
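The check described above, run over a login log, as an added example that is not code from the article or from any particular platform. The log rows, login names, pre-resolved country codes and all three thresholds are constructed assumptions; the IP addresses come from the reserved documentation ranges.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def sample_events():
    """Constructed login log: (login, source IP, country, UTC timestamp)."""
    start = datetime(2024, 1, 8)
    regions = [("203.0.113.%d", "GB"), ("198.51.100.%d", "US"), ("192.0.2.%d", "SG")]
    rows = []
    # One credential passed around three regions: activity every hour for 3 days.
    for h in range(72):
        prefix, country = regions[(h // 8) % 3]
        rows.append(("shared@client.example", prefix % (h % 4 + 1), country,
                     start + timedelta(hours=h)))
    # One person working office hours from two addresses (office and home).
    for day in range(3):
        for hour in (9, 11, 14, 16):
            rows.append(("solo@client.example", "192.0.2.%d" % (200 + hour % 2), "GB",
                         start + timedelta(days=day, hours=hour)))
    return rows

def flag_shared_logins(events, max_ips=5, max_active_hours=16, max_countries=2):
    """Return {login: [reasons]} for logins whose usage suggests password sharing.

    Thresholds are illustrative assumptions; tune them against your own baseline.
    """
    ips, hours, countries = defaultdict(set), defaultdict(set), defaultdict(set)
    for login, ip, country, ts in events:
        ips[login].add(ip)
        hours[login].add(ts.hour)      # hour-of-day (UTC) buckets with any activity
        countries[login].add(country)
    findings = {}
    for login in ips:
        reasons = []
        if len(ips[login]) > max_ips:
            reasons.append(f"{len(ips[login])} distinct source IPs")
        if len(hours[login]) > max_active_hours:
            reasons.append(f"active in {len(hours[login])} of 24 hours of the day")
        if len(countries[login]) > max_countries:
            reasons.append(f"logins from {len(countries[login])} countries")
        if reasons:
            findings[login] = reasons
    return findings

if __name__ == "__main__":
    for login, reasons in flag_shared_logins(sample_events()).items():
        print(login, "->", "; ".join(reasons))
```

A flagged login is a prompt for review rather than proof: VPNs and mobile networks inflate the IP count, so the hours-of-day and country signals carry more weight when they fire together.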

Password breaches

In June of 2021, the largest ever password data breach was leaked – 8.4 billion passwords in total were compromised [1]. This problem is not sector-specific, but the sheer volume of passwords leaked every year makes this an issue publishers should be wary of.

Tom Gibbs, CIO at Content Catalyst who has been at the forefront of keeping Publish Interactive secure, explains that “the ubiquitous threat of data breaches means publishers should strive to implement security via a combination of best practices and a robust tech ecosystem.” Five security features he recommends that publishers should consider to ensure content security are (these are also all features of the Publish Interactive platform):

  1. 2-Factor authentication – reduces the chance of password sharing among colleagues and external attackers as only permitted IP addresses will receive entry codes.
  2. Password age – a setting that allows site administrators to enforce the frequency that users must reset their password.
  3. Trusted domains – restricts which email domains can access the site.
  4. ReCAPTCHA – this widget will ensure bots are unable to register to your site.
  5. SSO integration – with providers Okta and Microsoft Azure AD, facilitating better password practices and more secure log-in systems.

Solution: Invest in subscription software or a content delivery platform that has a range of features designed to counteract and reduce the threat of content breaches. It’s also important to sign up to specialist password protectors, such as LastPass, for your internal employees and, if you are sharing passwords over email, to ensure you use encrypted password services, such as PW Push.

A more secure future

Publishers must ensure the security of their content – the myriad of threats can be hard to keep up with, but with the right technology, secure best practice policies and the diligence of employees to monitor and track unusual activity, your painstakingly produced content can be kept safe and secure.

[1] https://www.itechpost.com/articles/105916/20210608/rockyou-2021-breach-exposes-8-4-billion-passwords-check-now.htm
