Sensitive documents stored in the online repositories are the subject for advanced protection because the potential leakage can lead to the disastrous consequences for the organization, among which there are transaction failure, losing the market value, and a decrease in competitiveness. To protect the confidential information from disclosure, it is recommended to use a virtual data room for storage and distribution. Providers of online services apply the variety of measures for files protection among which there are the following:
Current standard approved by the U.S. government for sensitive files protection is 256-bit AES SSL. Using it makes the information in the data room visible and readable only to those parties, which are authorized in the system. What is more, the documents get automatically encrypted when insecure network is used. This security measure is one of the most significant for safe document storage and distribution.
The main purpose of using dynamic watermarks is to protect the files from illegal distribution. Considering that sometimes the important information can get dishonestly appropriated even by the authorized members, there appears a need to tie the certain files to their owner. Watermarks are in fact the digital printing on the paper background that may indicate the personal owner`s information (or the name of organization to which it belongs), the name of the project, etc. Watermarks are inalienable and thus no document can be printed or distributed without them.
The most secure and progressive system of getting authorized in the data room is the two-way authentication. It proceeds in two stages: first, the user has to enter the permanent password for entering, and next, he has to print down a code that was sent to his mobile device. Each code is valid only for the definite session and expires within a limited period of time. The similar way of logging in is considered the safest and is used by many banks and financial organizations around the globe.
It is without doubt that the safest storing systems must be well protected against hacker`s attacks. Permanent work of antivirus software allows to find and defeat the attacks of malicious software. Corrupted and damaged files do not get into the data room.
Owners of the virtual data room can select their safety settings. One of the available options is to restrict the use of “Print Screen” button so it will not operate when the contents of the data room are shown on the screen.
This option is similar to the previous one and belongs to the category of viewing restrictions. It protects the data from camera-based attacks by blocking the information on the screen.
All the data in the repository undergoes a permanent backup that allows to save files from loss or erroneous removal
Except the data protection from the unauthorized access, providers have to care about the safety of information in the data centers. The most secure way is to use duplicate data centers that are located in different parts of the world. This way helps to make the data safe even in case any emergency happens in one of the areas. Among the obligatory measures for the data centers there are also the presence of recovery systems, access to the alternative sources of power, and permanent surveillance. To identify the level of reliability of provider`s data centers, it is recommended to check how it meets the requirements of governmental certifications, among which there are the following:
ISO 27001: 2013 – international IT security standard, which includes the major requirements for the level of information security and provides the description of best practices in the field of information security management.
SOC 2 (Service Organization Controls, type 2) – a set of standards for measuring the level of control of the financial information in the organization. From a data room perspective, it identifies how safe the management and operation is implemented in the definite online repository.
SSAE 16 (Statement on Standards for Attestation Engagements 16) – international auditing standard that defines how effective and controlled the reposting system presented in the virtual data room is.
Storing and distribution are not the only purposes of a good virtual data room. In order to gain control of all the operation within the repository, it is necessary to have opportunities for the proper file management. These are some of the possibilities that the trusted virtual services offer:
This feature is the most important among the management-related ones. It allows the owners of the data room to set the permissions and restrictions on use for different files. Rights management is always necessary when many different participants are involved in the work on the project. Each must have the access only to the files that concern his field of activity. With this feature, owners have the advanced control of the users` file accessing. The indicated restrictions may be related either to viewing the document at all or to performing the certain operations with it (e.g.: printing, downloading). All the settings are flexible and can be easily changed if the participant gets more rights in the process.
The necessity to set access expiry is most often used in mergers and acquisitions when participants have limited time for due diligence. Owners set the date after which some or all the users cannot access some or all the files in the system any more. For business deals, the access expiry date usually coincides in time with the date of a final negotiation or the agreement signing.
To simplify the file management, it is possible to unite users in groups according to their rights and to set the collective permissions for all the members of the certain group. This feature is useful when the transaction involves a lot of participants with similar roles in the process.
In this kind of permission setting, rights are different based on the role and position of an individual in a certain organization. Leading company representatives are sure to have the greater rights in the system.
Comprehensive audit tools in the virtual data room give many benefits to its owners; they help to keep control over the repository; to identify the most interested users; to learn about the most popular users` concerns; and to get well prepared for the negotiation or the final meeting.
It includes the surveillance of all the user`s actions in the system from the moment of authorization. The major information that can be received by the owners with the help of tracking tools is: which files were accessed by the user, when and how often, each session time period, operations with the documents, which were performed. What is more, tracking can be not only user-based, but document-based as well. This way, owners can check the following aspects for each document: who accessed it and when, what operations were performed, etc.
The results of the performed audit are hard to comprehend without the appropriate reporting tools. The reporting systems interpret the users` activity for the given period of time and present the information in a graphical way according to the chosen criteria. Administrators can use these reports to identify the potential partners of the organization, to define the most influential parties, and to learn which documents they were most interested in. This feature is invaluable for mergers and acquisitions, because the proper preparation for the final agreement can have influence on its effectiveness.
In order to make operations in the data room the fastest and the most convenient, providers apply a variety of different measures, the combination of which add to the users` comfort and transaction speed. Here are some of them:
The existing interface can be changed according to the client`s wishes, the company logo and attributes can be applied. This feature is usually used by well-known organizations and big corporations that have a recognizable logo and company colors.
Though this feature is considered a supplementary one, it has a special importance for many types of business transactions. It is a room for communication between the members of the deal, where communicating is both secure and quick. Users get immediately notified when they get answers to their questions. This section helps to avoid the repetitions of the same answers by opening access to some answers to all the users of the system. What is more, the analysis of Q&A contents performed by the administrators also add to the company insight.
Users have a possibility to work with files in Microsoft Office Word, Excel and Power Point formats without losing in security.
When it comes to large amounts of information, advanced searching systems are the necessity. The system recognizes search requests in a variety of existing languages.
High speed of uploads is achieved with the help of two features: bulk uploads – for attaching a number of files simultaneously and drag-and-drop – for automatic dropping the files. These small features are used to increase the speed of operation.
Virtual solutions are not tied to any physical location. In the same way, they are not tied to any device, so the operation can be performed on the basis of smartphones, notebooks and tablets as well as computers. Check the main features that concern the remote accessing:
It is important for the applications for remote accessing developed by the providers to be non-footprint. Only in this case the operations in the data room will leave no traces on the device and thus it will be impossible to retrieve the data from the lost or stolen device.
To make operating the data room by mobile more convenient, providers apply the modified versions of interface specifically for the purpose of remote accessing.
Best providers use simple installation procedures where no plugins are required. This way users do not have to waste time on application installment and settings.
Mobile devices are used not only to access the contents of the data room, but also to get immediately notified about the changes in the repository.