This is a service level agreement for the provision of specified information technology services. The agreement is between Finman account management, LLC, Datanal Inc., and Minertak Inc. This document officially recognizes the level of service between the concerned parties. Certain clauses in this service agreement need to be adjusted in measurable terms. This will make the document secure Finman’s data and intellectual property effectively. Adjustments would also help Finman measure, justify, and maybe compare their services with other industry players (Smedinghoff, 2008). Any adjustments or altercations must ensure and recognize Finman as the true owner of data.
The first amendment would be to impose stiffer penalties to those who violate or invade people’s privacy. Management of customer, employees and supplier data is a risk issue for organizations. Finman needs to be extremely cautious in ensuring that personal data are properly secured. This service agreement should clearly define how the bridge of the personal data clauses should be handled. I would recommend the persons suspected to have undue access to personal data should be dismissed forthwith; their contribution in terms of innovation should be terminated immediately (Hiles, 2002). Any idea of product developed as a result of stealing information from Finman must be declared the property of Finman. The service act should be further enacted to ensure that Finman gets the sole rights to own information as opposite to Datanal and Minertake.
Termination would deter people from stealing other people’s ideas or contributions. The company should recognize each person’s contributions through patents or trade secretes. For instance, if a member comes up with an idea or innovation that is beneficial to the company, Finman needs to recognize that contribution. The compensation clause should be similarly amended to be in tandem with the above recommendations. The owner of an idea or an innovation should receive a compensation that is equivalent to the cost of the product for a period not exceeding 20 years. A similar compensation should be considered if the owner of the software wants to dispose of his or her product.
Under the same period, no such product should be developed using the same technique or similar idea without the authorization by Finman. The company should recognize original products or ideas only. This service level agreement places emphasis on the originality of their content. The personal conduct clause should stipulate that members who do not present original and innovative ideas be dismissed. Similarly, members who come up with original solutions will be recognized accordingly (Smedinghoff, 2008).
An independent body should be established to deal with issues of quality. Under the current service level agreement, it is not clear for any party in the agreement to verify what the other party is doing on the other side. The agreement should clearly outline the benchmarks that each party should follow in implementing the agreed metrics. An independent party would be instrumental in establishing a common plan that each member should adhere to strictly. The team should comprise experts drawn from all parties involved in business. There must be a consensus among all team members in determining whether a product meets its requirements or not. This would ensure that individual contributions are recognized and owned respectively.
Under the deliverables and feedback clause, both Datanal and Minertak need to present their report in a month’s time instead of three months. At this stage, Finman should review the joint progress of two companies. This is meant to discourage both organizations from wasting their time and resources on efforts that would go futile, in case Finman rejects their contribution. The other reason would be the dynamic nature of the industry. There are numerous developments happening at a fast pace in the information technology industry. Three months is a lot of time – many changes and alterations would have occurred. These alterations would further ensure that Finman develops technologies that are relevant to their customers (Hiles, 2002).
Termination and agreement should be amended to ensure that Finman does not terminate the service level immediately. Instead, malfeasance and non-performance need to be investigated for a period not exceeding one year. Matters pertaining to information technology should not be decided instantly. A team of experts should investigate the cause for at least one year before taking appropriate steps. This would ensure that genuine efforts do not go to waste.
Finman needs to adopt encryption to prevent an unauthorized access and alteration of its sensitive data. Encryption secures data from an external and internal attack. Only persons with necessary authorization will have the privilege to access the company’s domain. Under encryption, crucial information shall be encrypted and channeled to desired destinations only. It would be very difficult for any person to intercept such information. Most organizations are using encryption as a method of protecting sensitive information.
Looking at the Finman’s service agreement, one fact stands out clearly. Finman stores and handles extremely sensitive information; therefore, the company must develop dependable back-up systems. Online storage would be the best back-up system for the company. However, lead companies like Datanal and Minertek must be barred from accessing Finman’s domain. Access to these companies must be restricted to limit any chances of obtaining the company’s sensitive data. In this respect, Finman needs to enact policies regarding the access by employees and other parties.
This, therefore, means that the clause governing scope of work must be adjusted to limit access of the Datanal and Minertak experts to Finman’s data. To achieve this effectively, Finman must impose strict controls on the transfers of laptops and other hand-held devices by employees to third parties. Furthermore, the use of laptops away from work places should also be constricted, as laptops with sensitive company information can be easily stolen, thus putting the company in the danger of losing confidential data. There have already been cases where companies lost the sensitive data because of theft. Thieves have the potential to break in employees’ houses and steal the important information stored in laptops (Smedinghoff, 2008).
In order to prevent an unauthorized access through eavesdropping, Finman should install cell phone jammers in its conference rooms and all other places where sensitive information is discussed. Lead companies in the transaction like Datanal and Minertak need ensure that the safety of partner’s data is imperative in contracts of this nature. In some cases, dishonest employees collude with their seniors to steal secret information from the host companies. This practice and the loopholes relating to this must be sealed at all costs. This will ensure that none of the companies would face the inconveniences in the event of data loss.
In corporate business models, cases of cybercrimes are very common. Trade in data are often littered with hackers who are always exploring possibilities to maximize their return on investment through boosting revenue data and minimizing overheads. Finman must be aware of the danger it stands to face in the industry; thus, a strict access and dissemination system must be put in place. All possible loopholes that hackers use to gain access must be sealed. In this regard, confidential information, including trade secrets, must not be stored online. The service agreement should be amended to include a compliant section where Finman can arbitrate its data breach claims. This means that all parties in the transaction must set up a joint committee to address issues arising from form data breach. The committee must regularly review the progress and address any security challenges. Although, it is challenging to maintain appropriate data security in contracts of this nature, all parties must adhere to a common code of conduct work in harmony. Issues of suspicion must be addressed within the shortest time possible to limit the chances of dishonesty (Smedinghoff, 2008).
Insofar as Finman should focus on protecting its data from external attacks, emphasis should be put on protections from internal attacks. 70 percent of cybercrimes occur from internal attack. A sizeable fraction of data breaches result from a direct use of copies of production databases for testing and development. During testing and development, cases of data breach are common due to employee’s error or accidental loss of data. In this case, Finman needs to focus on securing data throughout its systems and procedures. International data privacy laws for the organizations developing consumer software should adopt a mechanism that promotes and rewards innovation.
This means that Finman must amend its service act to make sure that it conforms to the provisions of international data protection laws. Clauses touching on property rights, and intellectual property in particular, should be enacted to recognize Finman as the owners of data. Datanal and Minertak come in the contract as third parties; therefore, they have no powers to claim ownership of any formula or ideas gained in their corporation with Finman. Similarly, Datanal and Minertak should de-identify their data or recognize their contribution of Finman in their service delivery. This would guarantee Finman the necessary intellectual property rights. The company will have the exclusive rights regarding ownership of its products.