So, You Use DropBox As Your Secure Data Room Or LP Portal?

We have interesting conversations with clients and prospects regularly about our ShareSecure data room and secure data rooms in general.

In those discussions, we’ve found that there are some common misconceptions that people in the financial industry have about data room security. And, unfortunately, these “myths” represent a real risk. In some cases, people who believe them end up paying for more security than they’re getting in return or paying for features they don’t need.

But there’s an even worse potential outcome. Some of the people we talk with are using protective measures that are easily circumvented or no protective measures at all. This leaves them vulnerable to a security breach that can have both immediate and lasting consequences.

In the short term, there is the time, effort, and money expended to investigate and remedy the breach. And over the long term, the damage to a firm’s reputation for having failed to protect stakeholder data can be disastrous.

Below are the three misconceptions we encounter most often.

Myth #1 – More Security Features Equals Greater Data Room Security

Frankly, this statement depends on how you define security. If you’re just referring to the number of “security features,” then certainly some secure data room providers can tout a long list of features they’ve built into their systems.

In building our secure data room, we carefully considered the feature set and have intentionally not included a number of features because we feel that much of the functionality that expensive legacy secure data rooms offer isn’t relevant to the market they serve. Consequently, it drives up the cost of the product unnecessarily. That’s great for the provider, but not for the consumer.

One of these features, for example, is limiting a user’s ability to print or take screenshots of documents. When this feature was first introduced by those providers long ago, no one had camera phones, so preventing someone from printing hard copies of reports or taking a screenshot actually meant that, to a large extent, you could keep them from illicitly sharing information.

Today, everyone has a camera in their pocket and a continuous internet connection. Nevertheless, some people still consider printing/screenshot restrictions (and other outdated functionality) to be important and will continue to pay for it. But the truth is that if information is accessible online and people have bad intentions, there will always be ways to share it. As a result, forcing customers who need a secure data room to pay for this outdated and unnecessary feature is unreasonable.

Myth #2 – Well-Known Data Rooms Are More Secure

In the Private Equity industry, we’ve found that many people consider Dropbox to be the gold standard for sharing documents with LPs. However, you may have read this article on Dropbox security explaining that  a number of sensitive documents that were shared on the platform ended up freely accessible on the internet. 

That’s a call nobody wants to have with an investor or other stakeholder!

The same security flaw was present on the Box file sharing platform at the time. In each case, the security breach resulted from a design choice to make sharing links easier. Both platforms have been updated since this issue was discovered, of course, but the incidents underscore an important point: The big data room providers are no less susceptible to security flaws. And, you could argue that being a well-known platform makes them more of a target for hackers.

These breaches also highlight some of the drawbacks of financial institutions relying on a data-sharing service that was designed for general consumer use rather than specifically for a firm’s needs.

Myth #3 – Complete Data Room Security is Achievable

As noted above, if information can be displayed on an electronic device, it can be copied, shared, and sent around the world in seconds. There’s simply no way around that. That’s a troubling reality to wrestle with, but it’s important to keep in mind that your documents and data are safer online today than they are in a filing cabinet in your office.

The objective with developing and maintaining online secure data rooms isn’t to create something that is immune to cyberattacks at all cost. Rather, the goal is to build virtual data rooms that are affordable and highly secure while still facilitating the efficient and effective exchange of information. You’ve got to protect your data, but you also have to close deals.

In other words, it’s about balance. You want a secure data room like ShareSecure that gives you the best of both worlds.

Click here to learn more about our data room, ShareSecure.

sector focus
Search