Securing the deal the smart way as threats evolve

Dan Ryding, Head of Engineering, thedocyard

Security has always been a high priority in deal making. Confidentiality is key. Huge amount of sensitive information is involved. Maintaining its integrity is critically important. Now, as the security environment evolves fast, so too are the already significant risks faced by the industry.

Several forces are colliding to increase the threat faced by organisations. Even prior to COVID-19, technology users were rightly looking for greater flexibility, improved ease of use and 24x7 connectivity across a varying array of devices. On the other hand, cyber attackers are increasing the sophistication of their attacks and strategies – and their ambition – at a frightening rate.

The jump in remote working adds yet another twist to the deal risk landscape. Traditionally, InfoSec/IT teams were able to control access paths through internal networks on devices that they provided to staff. These could be tightly monitored and secured. That’s no longer the case. With many people now working from home over the public internet and often using their own devices this has created a unique challenge for both internal InfoSec and IT teams.

On top of this, smaller to medium sized businesses cannot afford, or don’t have the resources needed, to provide a secure working from home environment, and that by far increases the risk when they engage in a deal.

Other security challenges in deal making have been around – but not adequately addressed – for a long time. These include maintaining security in an environment where multi-national, multi-party transactions are common, most users are new to the platform, and only use it in bursts for a short period of time.

Administrators of a deal quite often cannot control the technical and InfoSec capability of parties who need to transact in various stages of the deal. This makes securing these platforms very difficult, and something that is not seen or required in more common consumer type platforms. In addition, the frequency with which documents are being exchanged means there are all too many opportunities for something to fall into the wrong hands.

The consequences if this happens are huge. Any unauthorised access or altering of information would most likely see a deal completely fall through, tarnishing reputations, and potentially resulting in a very time consuming, and expensive legal action. Not to mention that it could lead to ongoing business damage for the affected party if their proprietary information gets into the hands of competitors, for example.

Growing concern, stronger security features

After 15 years in the industry, it’s reassuring to see that security is a growing priority - for our customers and in general. Education around the importance of security is improving - though there is still a long way to go. The reporting of major security events is becoming more mainstream.

During the year in which I’ve served as Head of Engineering at thedocyard and my prior six years as Chief Technology Officer at legaltech services provider, InfoTrack, I’ve seen a massive improvement in the security appetite and technical competency of users.

Faced with a fast-changing security environment and growing user expectations, thedocyard has prioritised a number of security features which ensure all deals within the platform are highly protected. Taken together, these features give deal makers and any users they invite into the platform complete confidence their data is safe within thedocyard.

1. Multi-level security controls and monitoring

Multiple levels of security controls and alerting/monitoring systems ensure any information and data within the platform is secure. These include strict password policies and multi-factor authentication (MFA) capabilities.

2. Machine-learning aids threat detection

Based on the Microsoft Azure global network, thedocyard benefits from an industry-leading machine learning capability which aids in early detection of new threats and exploits. This intrusion detection and access monitoring system leverages machine learning to conduct behaviour analytics that will quickly see if a user logs in from an unfamiliar location, disparate geographic locations or shows unexpected interest in particular resources.

3. Finely-grained permissions

All access within the platform is securely defined and segregated, with an audit trail that shows all user activities within the deal space. In Virtual Data Rooms, this audit trail only extends to what happens in the data room. In thedocyard, it covers every stage of the deal.

It is no longer a matter of “if”, but “when” a major security issue will affect any organisation – including deal makers. With plenty of tools and frameworks designed to support organisations’ getting work done in a more secure way, there’s no need to expose your reputation and bottom-line to unnecessary risk.

Drop me a line if you’d like to discuss how thedocyard can help your organisation’s deals flow in a more secure way.

Built by deal-makers for deal-makers, thedocyard provides workflow, compliance and productivity in one platform. Learn more about our end to end deal management platform or book an online demo with our customer success team.