5 Tips for Managing Security During a Merger

Merger and acquisition (M&A) activity in the business industry has been on the rise in recent years. This has been highlighted by big-name mergers between companies like Verizon and Yahoo, and LinkedIn and Microsoft. Outside of Fortune 500 companies, there are thousands of other merger agreements that occur each year. Market consolidations are happening everywhere as companies seek to combine resources and market share to stimulate efficiencies. Unfortunately, during these large transactions, many cybercriminals will use this time to exploit weaknesses in data security. A merger or acquisition is extremely sensitive. Aside from the millions of dollars that could potentially be changing hands, sensitive data, and intellectual property is also be exchanged. It should go without saying that security has to be the number priority for any company engaging in this process. There are a few tips that could help firms with managing security during a merger.

Virtual Data Rooms


Virtual data rooms allow for the secure sharing of important financial and legal documents as well as other sensitive information. A secure VDR provides users a repository to upload important business information and then provide it to clients, investors, and company leadership over the internet in a controlled environment. Also called virtual deal rooms, these secure data rooms are similar to file-share services like Google Docs or Microsoft OneDrive in that they provide a place for online collaboration. VDRs are different, however, in that the security provided is similar to that of large financial firms. Virtual data room providers devote all of their resources to keeping confidential documents secure, private, and manageable.

Using a Virtual Data Room During a Merger


During a merger deal, there can be a litany of information and documents that need to be exchanged among several parties. Traditionally this was handled through the use of physical data rooms. These rooms were highly secure and provided a place for all interested parties to review and interact with important documents. Due to cost, efficiency, and security benefits, the VDR has replaced these physical rooms as the chief vehicle for disclosing confidential information. VDRs allow companies to operate more efficiently and more securely during large transactions. When a business is going through a merger process, five things must be done with a secure virtual data room to ensure security during this vulnerable time.

  1. 256bit Encryption and SSL Encryption – The most important goal is to prevent hackers from intercepting data while it’s being transmitted. This level of online security will also ensure that your data cannot be viewed by the service provider or any other unauthorized individuals. This will usually be a standard for virtual data rooms, but your company should make sure this level of security is provided.
  2. Permission-Based User Roles – It’s important to maintain control over document security during a merger. Permission-based user roles is a good way to do so. The assigned administrator of the VDR can create user roles and assign permissions as to who can view data and for how long. Each file can be restricted based on preferences and the individual user roles set up by the administrator. This is also a way to enforce other provisions such as restricting printing or requiring an NDA before access is granted.
  3. Audit Logs – When an administrator assigns user roles, there will be a complete trail that documents all access to data. Information in the log will show who viewed a document when they viewed it, and for how long. Other activities such as whether they printed the document will also be available. This is obviously important to ensure that secure documents are not being exploited.
  4. Watermarks – Dynamic watermarks add another layer to document security. If a document is printed, a prominent watermark will make it clear that the document is confidential and must not be shared. The administrator can also make watermarks include the names of individuals who print the document. Attaching watermarks to all documents will go a long way towards holding individuals accountable for mishandling information.
  5. Revoked Access – When a key participant from one of the parties leaves it is imperative that they not be allowed continued access to documents and the VDR. Administrators can revoke access to a virtual data room and all of the confidential documents. Additionally, individual access should be revoked once tasks have been completed, ensuring that data is protected from casual snooping.

When a merger is taking place, ultimately, the right virtual data rooms will allow businesses to focus on the deal, their customers, and their business partners rather than the security of their online information. Corporate records need to be protected and finding a virtual data room repository and instituting security features will assure data security.