When you use a virtual data room to conduct business, you are often passing around large amounts of confidential information.  The data could be confidential for you and your business or for your customers, which is your responsibility to protect.  This can include private and strategic information such as pricing, new product specs, personal data or financial data that could cause harm if it falls into the wrong hands.

In order to protect such information, virtual data room providers must provide a high level of security.  This includes much more than just a login.  It includes encryption to prevent hackers from gaining access, virus protection to prevent users from getting attacked when they download documents, and security measures for the people that are handling the documents or managing the room, such as IT personnel. 

Here are some of the areas to ensure the files are protected.

1) Intrusion from Outside Sources

You must ensure that virtual data room providers have adequate protection from viruses and hackers.  To do this, you need to find out what type of software programs they use to scan for protection.  Conventional scanners are the standard and can be run automatically or when requested by the user. New options include memory-resident scanners that wait in the background for triggers to alert them for the need to scan and behaviour-based detection, which looks for suspicious behaviour to begin scanning. It’s not enough to have a good system for preventing viruses and other problems.  These systems must be updated to keep up with the newest viruses that are created.  They should install patches and have periodic updates to ensure that the system can detect the newest threats. Virtual data room providers should also have an intrusion detection system that can detect when someone has attempted to access the system without permission. These systems may stop the intrusion or just log information about it. They can be used for internal staff as well as outside threats.

2) Internal Security

More people will have access to your virtual data room other than you and your clients.  To ensure that your information is protected from personnel threats, you need to determine if a Non-Disclosure Agreement is signed by anyone with access.  You also want to find out about policies the virtual data room providers have in place for hiring personnel.  They should do background checks and utilize other measures that protect their clients from having sensitive information stolen.  There should also be physical measures in place to protect the site of the provider from unauthorized access.


3) Compliance

You should ask your virtual data room providers about their compliance and certifications.  They will hold validation for certain compliance frameworks and you may need to know if it is the right level of compliance for your business.  This will depend on your own regulatory requirements.

As attacks on businesses become more advanced, the protection employed by data room providers must be increasingly more sophisticated to ensure adequate protection of your information.  If you want to truly feel comfortable with the security of your virtual data room provider, make sure you ask for details about their security before you decide on the provider you will work with.  A secure data room is one that takes these measures seriously, and puts the highest of priorities on keeping security procedures to keep client data secure. Whether you are a potential client of a data room service or you are a provider, you want the most up-to-date protection for your own safety and for that of your clients or customers.