Q: WHY DOES A VIRTUAL DATA ROOM SOLUTION MATTER DURING THE COURSE OF A DEAL?
Ed Bifulk: The primary and most important reason a virtual data room (VDR) matters during the course of a deal is because it allows everyone involved to view the information in real time, letting them make informed decisions. Utilizing a virtual data room such as Merrill DataSite helps reduce transaction times and deal expense while at the same time allowing multiple users to view all the information at the touch of a button. People involved in a sale need to know exactly who is viewing their information—and the superior security of a Merrill DataSite provides this peace of mind. Surety, the mitigation of risk, and accessibility mean that dealmakers are increasingly depending on VDRs to facilitate their deals. A VDR can also be used on the buy side or as a high-level collaborative tool in information sharing. It also provides the ideal solution for securely sharing information between designated parties over a significant period of time. For example, when the transaction is completed, DataSite can be used to help monitor every aspect of the performance of a company on an ongoing basis.
Q: TECHNOLOGY IS CONSTANTLY CHANGING AND INCREASINGLY A CHALLENGE IN TERMS OF SECURITY. HOW CAN AN ORGANIZATION ACCOUNT FOR THESE CHANGES AND POTENTIAL RISKS?
EB: As we know with the cyberhacking that has taken place recently, data security means protecting a database from destructive forces and the unwanted actions of unauthorized users. Best practices contain more technical security precautions that most should know, and if they haven’t already, all IT professionals should implement. Hardware-based security solutions can prevent read-and-write access to data and hence offer very strong protection against tampering and unauthorized access. The best way for a company to protect its confidential documents and information during a deal is to use a VDR. This has become a normal practice throughout the industry as the days of the old deal room at a hotel or conference center are obsolete. The security and focus of that data room includes employing several layers of security, such as:
- Be ISO 27001 accredited that complies fully with an Information Security Management System (ISMS).
- Client data should be 256-bit SSL encrypted with EV from VeriSign®.
- Allow only one login per person at any time and follow strict protocols on passwords.
- View documents as encrypted images through a secure viewer—no files on a hard drive.
- Don’t subcontract hosting management; be the Application Service Provider.
- Place full disclaimer language upon first logging into a project and even each time a user logs into a project to ensure that users accept conditions of use.
- Printing rights should be controlled for each user, down to the document level.
- Secure documents further with a tamper-proof personalized watermark that appears on any document viewed or printed.