So, you use DropBox as your Data Room or LP Portal?
By Jeff Williams,
I’ve had a number of interesting conversations with clients and prospects in the last few months regarding our ShareSecure data room and data rooms in general.
During these conversations, I’ve noticed some common misconceptions that a lot of people in the financial industry have about data room security–misconceptions that often result in people paying for more security than they’re getting or paying more for security features that they don’t need or are easily circumvented.
Myth #1 – More security features equals greater security.
Frankly, this depends on how you define security. If you’re referring to simply the number of “security features,” then certainly some data room providers can tout a long list of features they’ve built into their systems. In building our online data room, we have intentionally ignored a number of features because we feel a lot of the security features that the expensive legacy data room providers offer are not relevant to the market they serve and therefore unnecessarily drive up the cost.
One of these features, for example, is limiting a user’s ability to print or take screenshots of documents. When this feature was first introduced by those providers, no one had camera phones, so preventing someone from printing something out or from taking a screenshot actually meant that to a large extent you could keep them from illicitly sharing things.
But now, everyone has a camera in their pocket. Some people obviously consider these features to be important and they’ll continue to pay for them. But the truth these days is that if something is on the internet and people have bad intentions, there are always ways to share it. As a result, forcing customers to pay for such a feature may be outdated.
Myth #2 – Well-known data rooms are more secure.
In the Private Equity industry, we’ve found that a lot of people consider Dropbox to be the standard for sharing documents with LPs. You may have read the article about Dropbox security, a number of sensitive documents that had been shared via Dropbox ending up freely accessible on the internet.
The same security flaw was also present on the Box file sharing platform. In both cases, the security breach resulted from a design choice to make sharing links easier but it demonstrates the fact that the big data room providers are no less susceptible to security flaws.
In this case, I think it also highlights some of the drawbacks of using a data sharing service that was designed for general consumer use rather than for use by financial institutions.
Myth #3 – Complete data room security is achievable.
As I said earlier, if it can appear on a computer screen, it can be copied, shared, and sent around the world in seconds. There’s no way around that.
Now I realize that is a scary thought for some but the reality is that in most cases your data and your documents are safer online than they are in a filing cabinet in your office. The trick with building online data rooms isn’t to build something that is immune to security flaws at all cost, but rather to build virtual data rooms that are affordable, very secure, and that facilitates the exchange of information as efficiently as possible