Saw this and brought back some nice memories, so had to register.
As said, scrubbing off whatever markings from any and all of your parts is as effective measure as leaving your door unlocked, but leaving a note asking people kindly not to enter.
If and when any parts of your product sets their feet in the manufacturing world of China, buckle up. If anyone senses that there's some money to be made by copying quite literally anything in your design, trust me, they'll go for it, and they'll go for it hard. Your BOMs will be known in seconds, as will any PCB gerbers be available from the neighbour's copyhouse in matter of days. Firmware binaries, if you're nuts enough to have your stuff programmed at these houses, yep, same stuff there. Anything and everything will be out.
But our legal will have fancy NDAs and whatnots. Sure they will, that won't change a thing.
In my handful of years in related industries, I've seen our products being copied, sometimes in quite interesting ways. So called "strictly confidential" FW-protections have found their ways to clever counterfeit artists to earn their honest bucks to name but a few.
I haven't quite followed what's the modern day method of securing your SoC/MCU/DSP/CPU/whatever you have as the brains of your beauty, but focus there. And this means some heavyweight enough measures to slow down the hackers. How heavy exactly, well, goes back to square one. If there's money to be made, you need to invest on this.
The professional reverse-engineer copiers are something I can't comment much as I've no first hand experience, but the manufacturing houses alone can be a serious problem if taken lightly. Trust me when I say that every single file you share with them, regardless of the legal jargon that might have been bundled with it, will one day be found from some shop floor computers. You know those with no password protection, free access to whoever technician pleases to toy around. And from there, well, who knows where, into the wide blue yonder.
In short, whatever you want to keep in house, keep in house. Not a single one of those Chinese PCBA fabs will keep your precious data within the scope you'd desire.