A data room is an electronic storage system that lets documents be stored in a secure environment. It also provides a number of additional features to assist with the due diligence process. These tools include annotation tools, granular permissions, activity tracking and watermarking.
The most common use of the data room is to share security documents (SOC 2 documents and compliance certificates, etc.) with clients to support the due diligence process. Sharing this information with other parties before the deal is completed is a great way to accelerate the due diligence process and decrease the risk.
Email is used by companies to share SOC 2 documents as well as other documentation. This isn’t just inefficient, but also leads to problems with revision control. It’s also vulnerable as email-related attacks are increasing, which can lead to compromised inboxes, stolen credentials and the phishing exploits.
Many secure storage and file sharing services, such as Box and Dropbox allow access to documents on any device or in any location. They provide a high degree of security, but the majority of companies and individuals require more. Documents that are sensitive and are used to raise funds or due diligence deals need to be stored in software with higher levels of security.
The most important question to ask any “secure data room’ is does it restrict authorized users from sharing documents with non-authorized users? Unfortunately, the answer is almost always “no”. The majority of secure data rooms do not restrict the number of times same user credentials may be used to login to the system. Users are able to reuse logins on their personal devices or copy and paste a link into the browser of a friend’s PC.