
How DRM security can create a secure data room / secure dealroom
What is a virtual data room or dealroom?
Although the two terms deal room and data room may seem very different – a deal room is something used in mergers and acquisitions and a data room is somewhere you put private data that you want to share in a controlled manner – it turns out that are really very similar.
A data room or data rooms are used to securely share information that is confidential – due diligence documents for auditors or regulators, for instance. Data rooms are also used to provide confidential information to partners and contractors but you do not want them to be able to pass them on. Where these are hosted on the Internet they can be referred to as Virtual data rooms or v-rooms (presumably now we have cloud computing there will be a virtual cloud data room or vc-room).
So a data room may be internal or external. The users of the data rooms may be any that are authorized. Authorization to use data rooms is usually granted by the owner of the data in the data room, although in some instances it may be a third party such as a law firm or a firm of contracts administrators.
On the other hand. deal rooms or dealing rooms are much favored by lawyers. A dealing room is, literally, where a deal is put together. So in a dealing room you would expect to find sensitive documents that are being shared, probably on a time limited basis, with very specific groups of people who must not be able to take them away from the dealing room. Documents in a dealing room include due diligence reports (usually from accountants or market analysts) and draft bidding documents.
The special characteristic of file security in a deal room is that they have a definable ‘life’ being available to bidders, and that life must be extensible. In both cases it must be possible to ensure that only authorized users may access the content of files, and use may need to be logged.
Previously access control systems have been used for data rooms and dealing rooms, but they have not proved adequate in preventing users from taking copies of documents. DRM controls are needed to deliver a properly secure data room or secure deal room. Using DRM to secure a virtual data room means that you can prevent people from making unauthorized copies of documents (most things in a deal room are confidential) or from saving them and then forwarding on. DRM controls can also add watermarks identifying the user of the data room or the dealing room, which will dissuade them from taking photos of the screen (for instance).