Latest News Editor's Choice

Technology / Computers

Security - Why it Matters for Due Diligence - use a data room

by Staff writer
28 Apr 2021 at 00:53hrs | Views
After the stock market crashed in 1929, a new law was formed. The Securities Act of 1933 sought to help investors make more informed decisions. It was also made to allow more transparency, avoid fraud and other dubious activities in the sale of securities. It is from this law that the phrase, or term, due diligence came from.
Nowadays, companies and individuals are expected to practice a level of due diligence before they enter into any agreement and this applies to the access of sensitive documents, records, and data.
Companies have a responsibility to keep sensitive and important data out of reach of the wrong hands. Hackers, cybercriminals, and anyone involved in industrial espionage would love to get hold of certain information, so this needs to be stored effectively, and safely. This is where due diligence comes in as the storage methods used must be General Data Protection Regulation compliant.
And, to do this, many companies use data rooms through third-party suppliers.

What is a data room?

Data rooms come in two main forms; physical and virtual. Data rooms are designed to be secure areas that store sensitive information that will be used for mergers, acquisitions, and court proceedings. The purpose of the room is to share and store this data securely and allow only authorized people to access it.
Physical and virtual data rooms allow you to effectively manage records but there are some big differences between them. As the names imply, one of them is a physical room that can be accessed and the other is a cloud-based form of storage.

What is a physical data room?

These are often called due to diligence rooms and they are put in place to make sure that GDPR compliance is observed. Due diligence during mergers or legal proceedings is essential.
For example, if a merger or acquisition was going ahead, the seller would place documents, records, and other important information into the due diligence room. Access to this information would only be made available to certain parties, including the buyers and their lawyers.
The reason for this goes back to the Securities Act of 1933 and the need for full transparency in these types of investments. Security is important so that due diligence is followed and no data breach happens and everything remains GDPR compliant.

Why use a virtual data room?

A virtual data room is used in the same way as a due diligence room except that it isn't a physical place that clients can visit. A virtual data room will hold all the records, and data online instead of in a room and it will be used in the same way but accessed differently.
The owner of the virtual data room will set the rules and choose which software to use with the room. When looking for a data room provider, the owner will look for high levels of security, access to the room at any time of the day or night all year round, a strong client list to show trust, and value for money.
One of the key benefits of using a virtual data room is the cost-savings. Physical rooms take up space and they will need to be secured by the owner and monitored for access. This all takes time and money. Virtual data rooms are provided by third parties who take care of all the technical details and can provide a cost-effective solution.

Who uses virtual data rooms?

The need for security and due diligence isn't limited to just one industry or a certain part of the world. This is a necessary part of business everywhere and in some countries such as Zimbabwe, they are recording spikes in company mergers happening. This shows that virtual data rooms are needed all over the world.
Industries that use these online due diligence rooms include oil and gas, biotech, pharma, mining, governments, investment bankers, private equity, and legal services. Companies such as Deloitte, Barclays, and Roche turn to data room providers to ensure their data is secure and out of reach of hackers.

What are the risks of not having a secure data room?

If important records are not kept securely then you risk having unauthorized people viewing and stealing sensitive data. This will lead to a GDPR breach and in turn, you could face very heavy penalties.
Different regions have different penalties for GDPR breaches. In the UK and Europe, the fine is up to either £17.5 million or €18 million, respectively, or 4% of the annual worldwide turnover, whichever is the greater. For a global national company, 4% could be a whopping fine to pay for something that could be avoided.
By not securing data correctly you are leaving yourself wide open to hackers and cybercriminals.

What is cybercrime?

Anyone who uses a computer or mobile device to access the internet should be aware of the potential to become a target for cybercrime. Hackers target individuals and businesses, usually intending to steal data or extort money.
Cybercriminals are either individuals working alone or as part of an organized group. Previously, many viruses were simply malicious pieces of code written by solo hackers from their bedrooms. Now though, cybercrime is becoming much more organized and is likely to involve organized attacks on companies.
There have been some very big data breaches in recent history and these include companies such as Adobe, Equifax, Marriott, and the biggest breach of all, Yahoo.

What damage could a breach do?

If you don't organize a secure virtual data room you could end up being hit in the same way that Yahoo was. The company was in the process of being acquired by Verizon and was eventually sold for $4.48 billion.
However, a data breach allowed hackers to access 3 billion user accounts. This resulted in $50 million in fines for the biggest data breach in history and another $350 million wiped off the valuation of the company.
Not taking due diligence and data breaches is an expensive way to do business.

What are the advantages of having a virtual data room?

As mentioned before, virtual data rooms are less expensive than managing a physical room. You will have access 24 hours, 7 days a week, every day of the year, and will not need to worry about security.
One of the main benefits of a virtual data room is the data is stored well away from your own buildings, making it harder for hackers to locate. You set up your own passwords and who can access the data and everything is stored in compliance with international security standards.

The software tracks and records anyone accessing the data so there is a complete record of who has viewed which documents. There is also the option to redact information for certain users.
The biggest benefit and reason to use a virtual data room is that it puts all the security responsibilities in the hands of experts who will make sure you are GDPR compliant.


Data rooms and due diligence matter because without them you will be leaving your sensitive data wide open to economic or industrial espionage, data breaches, and in turn very heavy fines.
If you are hit with a data breach it might not only cost you a fine but it could damage any merger or acquisition that is taking place.

Source - Byo24News