To put users on notice of your company's copyright, all "top-level" or primary Web pages should have a copyright notice such as "All Rights Reserved, (c) 2000-2004 ABC Company."
Every company Web area that allows outsiders to post content must have guidelines that detail prohibited conduct and reserve your right to edit, modify or delete content as you see fit. Your legal department can tailor appropriate guidelines for your site.
For trademarks owned by your company, the first use of any trademarks and service marks appearing on a publicly-accessible Web page should be designated with a (R) symbol for registered marks, a (TM) for trademarks or an "sm" symbol for unregistered marks, to provide specific notice to end users of your company's rights. Your company's trademark rights can also be stated in the "Legal Information" hyperlink at the bottom of a main, external Web page.
Ensure that your company has clear license rights to use any patented technology on any internal or external site. Such licenses should indemnify your company for the use of the technology against third-party claims of infringement.
If your company links to other associations or companies, don't use these links to suggest your organization endorses the site or the site's content or owner.
When "posting" cryptography-related software on a server, especially any server located in the United States, get approval from your legal department.
Constantly update content because outdated information on your company's Web site can expose you to liability. If your company places time-sensitive offers on its Web page, indicate when the offers expire. And broken links annoy potential customers looking for information; automated link crawlers can check the veracity of your site's links.
If you need to copyprotect images, models and such, copy-protection tools can be found through a search engine by entering terms like "Digital Rights Management" or "protect Web content." You can also ask other large companies what they are using -- just be forewarned that some will tell you and some won't.
Get the latest on international encryption information from the Bureau of Export Administration's Office of Strategic Trade and Foreign Policy Controls, Information Technology Control Division.
About the author
Shelley Bard, CISSP, is a senior security network engineer with Verizon Federal Network Systems (FNS). An infosecurity professional for 17 years, Bard has briefed and written infosecurity assessments and technical reports for the White House and Department of Defense, special interest groups, industry and academia. Please e-mail any comments to mailto:firstname.lastname@example.org
Opinions expressed in this column are those of Shelley Bard and don't necessarily reflect those of Verizon FNS.
Last week: Are you throwing out company secrets? (Part 2 -- data destruction)
Next week: Social engineering