Korporacyjna Racja Stanu
IT Technology

Software House: Intellectual Property Protection

We implemented a doctrine for protecting intangible assets. We secured the source code and databases against the departure of key developers to the competition.

0 data leaks
ClientCodeShield Solutions
IndustryIT Technology
TimelineMay–July 2024

The owner of CodeShield Solutions noticed that two key developers started asking too often about the code ownership structure. The IT market in Wroclaw is small, and the risk that proprietary algorithms would go to the competition along with the people became real.

IP AuditGit SecurityIT LawAsset ProtectionB2B Security

The challenge

The company was managing 14 active projects for medical sector clients. The problem was that 8 developers had full, uncontrolled access to main code repositories and production databases. Old B2B contracts contained leaky provisions on the transfer of copyrights, which in practice prevented effective pursuit of claims in court.

The situation was tense because one of the team leaders received an offer from a direct rival. Lack of exit procedures and technical safeguards meant that CodeShield could lose contracts worth 340,000 PLN in one month. The owner felt he was losing control over what was most important – over the code for which clients had already paid.

Our approach

We started with an audit of 11 active B2B contracts and 3 employment contracts. Korporacyjna Racja Stanu assigned two specialists who analyzed access logs and permission structures in Git systems for 9 business days. We focused on hard data: who, when, and how much code was downloaded to private drives.

The next step was to prepare new contract annexes that precisely define the moment rights transfer and introduce contractual penalties for confidentiality breaches. We didn't play corporate niceties. We put it plainly: we are protecting the company's capital to ensure salary stability for the rest of the 12-person team.

The solution

We introduced a distributed permissions system. Now no employee has insight into the entire architecture without a clear business reason. We implemented the 'Numbers Don't Lie' doctrine – every data export is logged and requires authorization from a second administrator. We also changed the 'offboarding' process.

Additionally, we organized short training for management on business secret protection. We showed how to recognize symptoms of an employee's planned departure with a database. All legal documents were adapted to current case law in Wroclaw, providing a real basis for possible compensation processes.

Results

Within 47 days of implementation, the company fully isolated key code segments. When one of the developers actually left for the competition in June, he was unable to take any valuable data, and his access was blocked 14 minutes after submitting his resignation.

0
IP theft incidents
11
signed legal annexes
14 min
access cutoff time after resignation
340k
PLN of secured capital in contracts

Timeline

  1. May 12, 2024
    Audit of logs and permissions in the Git system
  2. May 29, 2024
    Review of 14 contracts and preparation of new annexes
  3. June 15, 2024
    Implementation of two-step data export authorization
  4. July 4, 2024
    Closure of process and test access cutoff

"I was afraid that the developers would consider the new contracts a lack of trust and leave. It turned out that clear rules calmed them down. Now I know my code is safe, even if someone changes colors."

Andrzej Woźniak CTO & Co-owner, CodeShield Solutions August 2024
← Back to case studies