July 7, 2006

Coke case could spur review of security policies

By Anupama Chandrasekaran

NEW YORK (Reuters) - U.S. bosses could be scurrying to lock
file cabinets and recover printouts from their waste baskets
after federal prosecutors this week charged three people with
stealing information from Coca-Cola Co. and trying to sell it
to rival PepsiCo Inc..

"Companies invest substantial sums of money in technology
today," said Chris Renk, a partner at law firm Banner &
Witcoff, which specializes in intellectual property law. "They
make use of passwords and firewalls to lock up trade secrets
and sometimes they overlook the simple things."

In the Coke case, Joya Williams, 41, an administrative
assistant who worked for the director of global brand marketing
at Coca-Cola was the source of the trade secrets that were to
be sold, prosecutors charged on Wednesday.

Video surveillance showed Williams at her desk going
through files in search of documents and stuffing them in her
bags, prosecutors said.

While the episode highlights the importance of simple
security measures such as locking up confidential documents, it
also puts the spotlight on thorough background searches of
employees of all levels, surveillance experts said.

"A lot of times companies say 'This person is just a
secretary and I don't need to do everything on them as far as
screening,"' said Jason Morris, president of employee screening
firm Background Information Services. "Your secretary may not
have the keys to the safe but he or she may have access to your
CEO's e-mails, which could have the formula for a Coke product
in them."

The Coke episode is a wake-up call for many American
corporations to put their security policies under the

"When anything happens on a magnitude like this in a
competitive industry, it forces everyone to stop and re-examine
what their existing policies are," said No. 2 U.S. beer maker
Miller's spokesman Pete Marino.

And Ron Wilson, chief operating officer of bottler
Philadelphia Coca-Cola Bottling Co, agrees. "We might have to
review our systems -- and we will," Wilson said.

Coke Chief Executive Neville Isdell also said in a memo to
employees that the company will review its information
protection policies.

One way to ensure a tighter rein on confidential documents
would be to allow well-monitored but controlled access to such

"Maintenance of access to trade secrets on a need-to-know
basis is critical," Banner & Witcoff's Renk said. "In Coke's
case, it seems like the administrative assistant who didn't
need to have access to such information did indeed have access
to the trade secrets."

But despite having stringent security measures in place, it
is important not to create an environment of fear and distrust
among employees, analysts said.

"The problem with oversecuritizing is that you put too much
under wraps and you don't get the benefit of people interacting
each other," said Manny Goldman, a beverage industry