One of my employees told me that, at one of her previous jobs, a team of employees called dozens of the hottest agencies around the country, posing as search consultants. They requested information on behalf of their anonymous (read: fictitious) client; once they received the materials, they called back a few of the more innovative agencies and asked them more about their philosophies, their ways of doing business, how they kept staff motivated, etc. At the end of their “search” they had new business materials and best practices from 36 agencies that they would use to revamp their own practices and promotional materials. Surprisingly, during this information gathering period only one agency declined to participate.

When you think of corporate espionage, you may think of Tom Cruise types rappelling into a high-tech R&D lab. Or perhaps you think the biggest threat is from “genius” computer hackers? The truth is most information gathering is done on a very low-tech level and by employees whose primary job responsibilities lie elsewhere.

The target is not just the techy details of the latest computer chip. Information on new products, packaging and point of sale across all categories is extremely valuable to your competition. And while you might take precautions to guard such information, the firms you work with on product ideation, package design and point of sale can sometimes become the easiest target for corporate espionage.

How real is the threat? According to the U.S. Chamber of Commerce, corporate espionage costs U.S. shareholders at least $25 billion a year in intellectual property losses. Technical vulnerabilities are responsible for less than 20 percent of this total.

The daunting implication is that common, low-tech stealth techniques can be the most damaging to your brand.

You’re dead wrong if you think confidentially agreements are enough to control the outward flow of information from your branding and design firm partners. Unless their staff is completely aware of how the competition may try to extract information, your brand is probably quite vulnerable. As illustrated in the anecdote above, even moderately skilled sleuths are often able to persuade well-meaning companies to hand over valuable information.

That’s why it’s not only important for you to have sensitivity toward brand security, but for each of your partner agencies to establish thoughtful practices to maintain intellectual property. What follows are some guidelines, culled from the stringent systems we’ve set in place, to assist you in encouraging that effort.

Sign on the dotted line. Every brand marketer begins a project by having partner agencies sign confidentiality agreements. But do know whether your agencies have their own employees and interns sign them, making sure they understand the repercussions of violating these agreements?

You should also ask that your agencies specifically warn their employees about headhunters. It’s common practice for those looking for competitive information to sometimes pose as such. They dangle lucrative (if nonexistent) jobs as bait, and ask employees to show them “what’s new and hot.” Even legitimate headhunters are a real security risk. Regardless, your partners should know the serious legal consequences that could result from an “innocent” conversation.

Office access. Find out how your agencies handle office visits. We’ve taken a cue from our clients and restricted access to our office, developing a policy of fully escorted guests only. We actively discourage visits by vendors, friends and family and even clients. Ask your partners to do the same.

They should also have a plan to cover the instances when a visitor really has to make a site visit. We ask that employees work on less sensitive materials, have “fake” graphics/designs on their computer screens and we often restrict access to work areas that need to continue operation while visitors are in the building. Whenever a client visits our business, the comping and prototype studio door is always closed.

Degrees of separation. It’s easier to contain sensitive information if you can keep it on a need-to-know basis. When possible, ask that your partners limit their use of outside vendors. Find out exactly who will be working on your brand. We’ve limited our reliance on outside vendors by purchasing extensive technology and equipment that allows us to work on prototypes and comps in-house—so fewer people touch the project. Even among our internal staff, we make sure that only a small team works on sensitive projects. And we ask these team members to limit discussion to those actively working on the project.

This “need to know” attitude should also extend to everyone outside the doors of your partners’ offices, including spouses, moms and neighbors. We also emphasize that places like trade shows and industry events are especially dangerous, and tell our employees to assume everyone around them works for the competition.

It surprises me how few companies pay attention to such low-tech precautions. And there are other relatively easy and inexpensive measures your agency partners can take. Do they set the alarm systems each night and turn off computers? Do they have a policy of keeping work in the building, making employees obtain permission to take work or files home? Do they have the ability to read e-mails and track web activity of their employees if needed? We don’t always utilize this access, but we feel deterrence is as important as detection.

What about hard copies and project files? We like to shred and do it on some level every day. Does your agency? I often tell my team that my biggest nightmare is to come into work one day and find that the neighborhood dog has been in the trash, and confidential work is blowing all over the parking lot. As a result, we make sure we shred any paper that may contain project information or graphics.

And what primer on security would be complete without some mention of code names?  It’s good practice to use code names for very sensitive projects, and to ask that your agency partners adopt them internally. Code names not only obscure the nature of the project from prying eyes, it also reminds employees to treat projects with special security care.

After reading all this you may think you don’t want to foster such a paranoid atmosphere. But, in all probability, these simple measures will make you less paranoid. By letting your agency partners and their employees know that what they do is important, and by protecting that work responsibly, you can make sure that everyone lives up to their commitment to enhance and protect your brand. BP

Tom Newmaster is COO and a partner at William Fox Munroe, a packaging development firm based outside of Philadelphia.

Although we don’t encourage corporate espionage, we’ve all been engaged in consumer espionage for decades. Every marketing manager is involved in  intelligence gathering on some level.

The great news is that thanks to the Internet, consumers are telling us more about how they live and shop than ever before. There is lots of information to be had for the marketer who knows where and how to look. In fact there are hundreds of ways to ethically “spy” on consumers from the comfort of your own desk.

People everywhere have begun to post, stream and even lead parts of their lives online. We’re invited to virtually live alongside them. We can access minute-by-minute online diaries or watch live webcam feeds. Flickr.com, for example, offers millions of tagged photos showing people at home, at parties, opening Christmas gifts, playing with their children and in almost every imaginable activity.

What else can you learn online? You can learn what your consumers are feeling, saying, reading, watching, and what they are listening to. You can learn how they use your products, or your competitor’s products.

Want to know how people use packaging? Search Flickr.com for photos tagged “package” to see how/if people are interacting with your packaging. Do a Google image search against your product’s brand name to get a visual snapshot of how consumers view your brand.

Need consumer diaries? Start looking through blogs. Blogsearch.google.com, Bloglines.com and Blogpulse.com are all good starting points for sorting through the millions of blogs now online. (If you’re not comfortable relying on the opinions of a few over-interested participants, you should probably also revisit your position on focus groups.) Blogs have become so commonplace that some companies have taken a proactive role and launched their own blogs, encouraging feedback by offering small product incentives for consumer viewpoints.

And that’s just to get you started. Trendwatching.com has a great tutorial on researching consumers online; it’s a practice they’ve dubbed Virtual Anthropology. Check www.springwise.com for new product intelligence. See what teens are thinking through reports at www.trendcentral.com. Check www.influxinsights.com for blogs on a variety of relevant topics.

The list is almost endless, and the biggest challenge is finding the places most relevant to your product or category. Once you’ve found those sites, keeping up or “spying” on consumers will be easier than ever.