Key Questions to Ask When Comparing Virtual Data Room Providers - Part 1

Introduction
Questionnaire
Conclusion

STAY CONNECTED

EXPLORE MORE

Introduction

Virtual Data Rooms (VDR) have existed since the early 2000’s to enable the sharing of sensitive files. The challenge nowadays is to figure out which VDR solution makes the most sense for your organization and use case. The sheer number of solutions and providers on the market complicate the decision-making process but with some research using thoughtfully curated questions, the best options quickly rise to the top of the consideration list.

In this series, we’ll explore the variety of challenges and requirements that should be considered when evaluating a Virtual Data Room solution.

Question 1: Who will be accessing the virtual data room and what will they be expected to do?

Typically, your VDR will be accessed by both internal and external users, however, it’s important to gauge who those users are and what they will be expected to do. Tasks can range from simple activities like opening and viewing a PDF file, editing excel workbooks, collaborating on contracts, all the way to performing full due diligence and more. Evaluate how the VDR provider handles each of your use cases and how easy or difficult it is to perform the tasks, both from an internal user and external user’s point of view. Give special attention to the balance of security and ease of use. Increased security restrictions can lead to a degradation of functionality which can result in poor adoption. In addition to performing their business tasks, evaluate the administrative overhead of first-time login, navigation, and getting end user support.

Q2: Where will your data be stored?

Cloud solutions allow you to upload sensitive data for safekeeping. The geographic location of the datacenter could have an impact on your decision if you must comply with certain data protection policies such as GDPR. Some solutions such as Govern 365 do not host data and store all content within your own tenant. This way, data sovereignty is ensured and you remain compliant.

Q3: Are there audit trails? (access/system/application and activity)? If yes – does the application log any sensitive information? What sensitive information is being logged?

Almost all solutions provide an audit trail of access to data rooms and files. Evaluate the level of detail each solution provides and the ease of access to this data. Be sure to evaluate how often this data is refreshed and how easily you can get to it. Another aspect of data logging is where these logs are stored. Some of this data may be sensitive so be sure to include this as a part of your evaluation criteria.

Q4: Does the solution encrypt data? If not, what other security controls does the solution provide beyond access control?

It’s critical in today’s day in age to be in control of your sensitive data. Data encryption is a common method of safeguarding sensitive data from unauthorized access, however, not all encryption is built the same. Evaluate how your content will be safeguarded with considerations to taking screenshots, copying text/images, and other means of exfiltrating data.

Q5: What platforms can the solution and content be accessed from?

External users could be using a variety of devices and operating systems to access your data. Some organizations have a very clear idea of the external user landscape but not all are fortunate enough to be as privy. The best solutions work across a multitude of devices, including mobile, so make sure you ask providers about which platforms they support and what known limitations you should be aware of.

Download VDR Whitepaper

Stop spending on purchasing expensive Virtual Data Room (VDR) solutions. Use Govern 365 to quickly create Microsoft 365 data rooms or SharePoint online data rooms.

Download

Q6: What collaboration features does the solution offer?

Q7: What permission levels can be applied to the users and what restrictions can they enforce?

Q8: What reporting metrics can be easily accessed by managers for insights into data room activity?

Q9: Can data retention policies be enforced by the VDR?

Q10: What is the external user experience? Is there a portal for the end users?

Q11: Where are files being stored?

Q12: What storage limits, if any, does the solution impose?

Q13: Can user access be limited by geography/location?

Q14: How easy is it for a new user to log-in and share or access files?

Q15: What level of technical support, adoption, training and governance are offered?

Stay tuned for our upcoming articles where we’ll dive deeper into questions 6-10. It’s easy to make the right decision when you are armed with the right information.

Conclusion

Be sure to reach out to the Govern365 experts at contact us at [email protected] and see how well Govern 365 VDR’s fit your needs. We’re happy to help you address your needs and make the best possible decision.

I hope this has been a useful article and hope to see you on the next one!