secure dealing rooms

Secure Data Rooms

Secure Data Room: Secure Document Sharing, Access & Control

  Free Trial & Demo

“Fantastic product… outstanding support.”

“We would recommend Locklizard to others”

“The clear leader for PDF DRM protection”

“Our ebook sales have gone through the roof”

“Simple & secure – protects IPR from theft”

Trusted by:

Why Locklizard for a secure data room & secure document sharing?

Protect documents – due diligence, compliance, litigation, corporate transactions – from unauthorized distribution

Security issues, poor performance (speed of rendering, scrolling & searching), fixed document structures, yet another system for you and users to use – these are just some of the reasons why you should consider Locklizard Document DRM security over a secure virtual data room.

  • No Passwords

    There are no passwords or codes for users to enter, so they cannot be shared.  Keys are transparently and securely transferred to authorized devices and locked to those devices.

    Unlike secure deal rooms, users cannot share access information, and therefore your ‘protected’ documents with others.

    Having no passwords also solves the password  management headache – Locklizard securely and transparently delivers document keys to a secure keystore locked to each device.

  • Secure Distribution

    Full control over document distribution:

    • Protect documents on your local computer – no uploading of unprotected files to a server where they could be exposed to attack.  You retain full control over unprotected documents and ensure they can never be exposed to the wrong people.
    • Distribute secure documents just like any other file – upload them to a cloud server, your website, send by email or distribute on a USB, etc.
    • You are not forced to use yet another system where you have to manage user passwords or use a fixed document structure for displaying your protected documents – easily integrate protected documents with your existing systems and automate document protection and administration.
  • DRM Controls

    A wide range of digital rights management controls to ensure documents cannot be copied or shared and you retain full control over them at all times.

    • Block screenshots – stops users from taking high-quality screen grabs using screen grabbing tools.  Cloud-hosted secure dealing room systems CANNOT stop screen grabbing because they do not install any software on the client device.
    • Disable printing (or limit the number of prints).  If printing is allowed, then we automatically prevent printing to file drivers (e.g. PDF files)– this is NOT possible to prevent with cloud-hosted secure dealing room systems.
    • Expire documents after a number of days use, views, prints, or on a fixed date.
    • Revoke documents and user access instantly (regardless of where they are located).
    • Track how documents are used by whom and when – know who you are actually tracking compared to shared emails and IP addresses.
    • Allow offline use with full protection– no forcing of users to be online to view protected documents.
  • Device & location locking

    Control the devices and locations your protected documents can be accessed from.

    • Automatically locks document use to authorized devices to prevent sharing.
    • Control the number of devices for each user that your protected documents can be used on.

    • Lock use to locations to control where your protected documents can be used from (e.g. office only).  This enables you to easily control BYOD use since documents on a mobile device will be available for use in the office but not when taken home.
  • Dynamic Watermarks

    Add dynamic watermarks to viewed and/or printed pages.  Dynamic variables are replaced by user data at print/view time.

    You only have to protect a document once for all users rather than having to protect documents individually for each user in order to display unique user information (name, email, etc.).

  • Secure Viewers

    • Installed Viewers provide stronger security than cloud-based systems – no uncontrolled browser environment where users can easily circumvent security controls.

    • We don’t expose user’s systems to attack by forcing users to enable JavaScript or turn off security functionality in Adobe Acrobat or other applications.
    • We don’t use or allow plugins since they easily break and can be used to bypass security.

    • No decrypting of files on a server or use of temporary files – documents are decrypted locally by the Viewer in memory so they cannot be compromised.
    • Unlike slow browser environments, large and complex documents are displayed instantly with fast scrolling and search.

    • You can also publish documents securely for zero installation viewing on USB devices (totally offline) or viewing in a Browser.
    • DRM controls are always enforced for both online and offline documents regardless of their location.

  • Simple to use

    Our document security software is simple to use – secure documents by right clicking on them in Windows Explorer.

    You only have to protect a document once for all users to control individual expiry access etc.

    Manage users and document access via our web-based administration system.

    Automate document protection, and automate administration (user management and document access) with our command line and API tools.

    Once users have clicked on a link to activate their license they don’t need to do anything else (i.e. enter a password, login, etc.) to open documents that they have been authorized to view.

  • Cost Savings

    No charges per document or user – just a one off fee for unlimited documents and users.

    Perpetual licenses save thousands – 3 year use would be a $11,800 saving compared to a $500 monthly fee.

    Host on premise in your own environment or use our ready-to-go AWS hosted systems.

Share documents securely: most secure virtual data room – no useless passwords

Locklizard takes your document security seriously – see why secure virtual data rooms are just snake oil.

Share documents securely without insecure JavaScriptpasswords or plug-ins, and enforce access, location, expiry, and usage controls for both online and offline documents.  Protect confidential and sensitive business documents – due diligence, compliance, litigation, M&A, fundraising and corporate transactions – regardless of location with US Gov Strength encryption, licensing, and DRM controls.

Using DRM in secure data rooms to protect & control confidential & sensitive business documents

  Business requirements

In any enterprise, there’s information that has to be kept secret, but must be distributed, and therefore has to be identified with any recipient in the event that it is ‘leaked’.

Here we address two examples of this requirement and show how to identify secure data room solutions that meet business needs.  The first example is the control of board of management information, and the second is the control of information exchanged during mergers and acquisitions (M&A).

  Sharing documents securely

The critical feature of both of the above scenarios is that highly confidential information and documentation has to be made available to people who are not necessarily to be ‘trusted’ because their personal future is not determined by maintaining the confidentiality of the information.  That is not to be interpreted in a negative fashion.  Independent directors are an essential component guaranteeing the governance of an enterprise.  Potential sellers of an enterprise do not want to reveal secrets, unless, perhaps, they are jilted at the altar of acquisition.

So, there’s the problem in a nutshell.  There are many occasions at which you are obliged to share secrets with people who you cannot control, and you must take any steps you reasonably can to reduce their ability to cause harm.

Board minutes are only just one example of internal documents that need to be strictly controlled, yet have to go outside of the control of the enterprise – though admittedly a high stakes one. They can contain material that, should it become public for any reason, could have a significant impact upon the share price and future status of the business.

In mergers and acquisitions, the stakes are, perhaps, just blindingly obvious.  Information disclosed in the M&A process is usually highly confidential and misusing the knowledge surrounding that range from simply being commercially sensitive to requiring serious explanation to the share trading body of the enterprise’s country.  To put it bluntly, inappropriate disclosure could result in jail time.

  What is a data room?

A typical secure docs data room relies upon access controls to prevent unauthorized users from gaining access to information (due diligence, compliance, litigation, corporate transactions, fund raising, etc.).  This may be achieved in a number of ways.  For users connecting on an internal network, it may simply be login ID and password that grants uncontrolled access to everything defined for that user.

When outsiders need to be given access to information, IT departments create areas on servers, sometimes called virtual data rooms or online data rooms, where information can be stored and access controlled through the use of one or more specific logon id/password combinations. Sometimes incoming IP address monitoring also plays a role to limit the potential for people to give their logon details to others (assuming of course they are not all connecting via a proxy using the same IP) and thus defeat the access control.

This latter approach also allows a degree of monitoring of user activity through the use of cookies, and it can be made to appear more secure by using the SSL service to encrypt the information being transferred between the ends.

What neither of these IT approaches achieves is the ability to prevent the authorized user from taking copies of information to which they have legitimate access and passing those copies on to others.  They also do not provide any linkage that can identify the source of unauthorized distribution.

   Alternate approaches to data rooms

Data rooms are just one way for businesses to share documents.  Other online sharing solutions are available that provide different levels of collaboration, security measures, and ease of use.

  Document collaboration platforms

An alternative approach, especially for internal systems, could be to use a document collaboration system such as MicroSoft 365 with Azure AD.  These have various controls for defining user groups, and it may be possible to allow outsiders to have access by making outsiders appear to be insiders (rather like the IT solutions considered above).  What is more problematic about this type of solution is that collaboration systems expect documents to be editable, and that there is some hierarchy of users where some approve documents.  Commonly in the business cases described above, information is authorized before it is made available, recipients are not allowed to change anything, and some activities, such as printing, may need to be forbidden, or tightly controlled.  Ease of use is also an issue – they use policies to control access and use, which are often complex to setup and administer.

A simpler document collaboration system is Google Docs.  There are no complex policies to setup, and you can easily give access to third parties.  The downside however with Google Docs is weak security – users can add some text to the URL in the browser and disable JavaScript to bypass all restrictions.  While Microsoft Rights Management has also been broken, it requires some technical skill to bypass restrictions.

  DRM solutions

Then there are DRM based solutions.  These have significant benefits over the other solutions described, because they can allow authorized recipients to use information without having to grant them access either to internal networks or to servers.  Documents are locked to physical devices so they cannot be shared and keys are not made available to users (unlike simple login credentials to an online service).

Where access is granted for limited periods of time this can be automated so that documents are revoked automatically with no manual effort.  Alternatively, access  can be switched on and off again as suits the situation.  These facilities are significantly different from administering ‘secure data rooms’.

Finally, DRM solutions have additional features, such as being able to link the authorized user’s identity to viewed images and printed images.  This dissuades them from sharing information in an inappropriate manner and prevents authorized users from being able to readily pass on copies of controlled information.

  Cloud based secure data rooms & secure virtual data rooms

The most common type of secure data room in use today are cloud-hosted secure data rooms, also known as online data rooms, or virtual data room solutions.  An example of  a virtual data room provider is DocSend, but there are hundreds of other virtual data room vendors such as Intralinks, Firmex and Digify that offer startups and mature businesses a solution to sharing fundraising, private equity, IPO, and other sensitive information.

What is a secure virtual data room or secureVDR?

Virtual data rooms enable companies to securely share confidential business documents with third parties without having to invest in infrastructure or spend time setting up access control systems.  At first glance, cloud-hosted secure virtual data rooms seem to be an ideal solution for secure document exchange with external groups.  However, they do have some major security issues.

Who uses virtual data rooms?

Virtual data rooms are typically used by businesses to house and share documents of a sensitive nature.  They are especially common during the merger and acquisition (M&A) process, where firms may need to share many confidential documents with outside parties and potential buyers.

You’ll also see virtual online data rooms used to secure contracts, financial transactions, partnerships, audits, as well as to communicate with lawyers and regulators, and more.

Secure data room security issues
  1. All cloud-hosted secure deal rooms rely on passwords for authentication.  Passwords, links, and other login credentials can be easily shared with other users (despite any claims to the contrary) so that means your confidential documents can be too.  Even two-factor authentication codes may be shared.
  2. Multiple users can login at the same time using the same login credentials.
  3. Document content is decrypted on the server, which then passes it to the client device using SSL.  That might sound secure, but browsers save content to temporary files (caching) to speed up rendering.  So, your unprotected documents could be recovered by users from the browser’s temporary file location.
  4. You have to upload your unprotected documents to a cloud server where they are outside of your control.  In theory, they are then encrypted and the unprotected version is deleted – but what if something goes wrong and your unprotected documents remain stored on a cloud server for possible future access?
  5. Because documents are accessed using a browser, there is no security software installed on the local computer / remote device to enforce document controls – this provides easy ways to remove document protection. Screenshots and printing, for example, cannot be properly controlled, and files are usually cached to the user’s local PC unencrypted.
  6. Unknown browser environments (i.e. uncommon browsers), browser plugins and browser development tools can all be used to circumvent the limited security controls.  For an example of how insecure JavaScript-based browser controls are, see how easy it is to bypass Google Docs security.
  7. Allowing document downloads for offline viewing provides either no or weak protection.  Some secure data room vendors enable users to view PDF files offline using Adobe Acrobat.  However, they either provide NO protection (apart from a watermark which can be easily removed), or force users to enable JavaScript or turn off security controls in Acrobat and/other third-party PDF readers.  This would be a good time to consider who is legally responsible if a user’s system is hacked.
  8. You have no idea who you are actually tracking since login credentials can be shared with other users, and multiple users can log in with the same IP address when using a VPN.
  9. If you allow printing, users can print to unprotected PDF files.
  10. Users can take high-quality screenshots of document content using screen grabber tools.

The security issues above are why secure data room systems are keen to show off their security credentials – i.e. how secure their hosting system backbone is.  It needs to be secure with all those temporary files sitting on the server in plaintext while the files are decrypted.  You might therefore ask: is encryption of data-at-rest in a secure room important?  Well yes, if the server gets hacked – but there are clearly easier ways into the system (and to access your documents) than that.

  Is encryption of data-at-rest in a secure data room important?


Encryption of data-at-rest in a secure data room is important, but it’s only part of the story.

If data is encrypted at rest (i.e. stored encrypted on a cloud server) that ensures hackers cannot access your documents by gaining entry to the server (assuming of course that encryption keys are not left vulnerable).

The main purpose of a secure data room, however, is to enable secure document sharing – allowing only those you have authorized to view protected documents.  If authorized users can share links and login credentials with others, then hackers breaking into a server to try and access your documents may be the least of your worries.

Encryption of data-at-rest may not be the silver bullet you think it is – it is just one component of data room security.

  What is the most secure virtual data room?


The most secure virtual data room system is one that can:

  • provide secure and transparent key management so users do not enter any login information that can be shared with others
  • lock documents to devices so they will not open if copied to another device
  • provide the same full protection for both online documents (those viewed in the Web browser viewer) and offline documents (downloaded files)
  • decrypt document content on the client in memory (so it is not cached to disk) rather than on the server
  • stop multiple users logging in at the same time with the same credentials
  • stop printing to PDF and other file formats
  • stop screen grabbing software
  • protect documents on your local device so they are not exposed on a cloud server

Many secure data rooms that advertise themselves as the ‘most secure data room’ or ‘highly secure data room’ do not provide any of these basic security features.

  So, secure data rooms for secure document sharing?


Secure data rooms were developed using the techniques of a central control system administered by IT departments.  They achieved considerable success, although they did not prevent their users from being able to obtain copies of documents and pass them on without detection.

Cloud hosted secure data rooms expanded on the need to share documents securely outside of the constraints of an internal IT system, but also have major shortcomings.  These password-based systems have still not addressed being able to stop users sharing sensitive documents with others – they just provide better monitoring so you can see ‘who’ (what login details) has accessed what documents.

DRM solutions for documents that don’t rely on passwords or plugins provide a much more secure solution to document sharing and distribution.  They provide better control over the use of documents, lock use to devices and locations so they cannot be shared, and provide better operational flexibility for those who have to set up and administer the secure distribution of sensitive information.

If you want to protect confidential and sensitive business documents, due diligence, compliance, litigation, corporate transactions, and other M&A deal documents from unauthorized access, distribution and use, then an installed Viewer that can lock documents to devices is the only effective way of sharing documents securely.

   FAQs

How do you make a data room?

The easiest way to set up a data room is through a virtual data room cloud provider.  They require minimal set up and don’t require you to have on-site server infrastructure as  you use their data centers.  However, they also have many flaws (mentioned above), such as the ability to extract information from the browser cache, an inability to prevent screenshots, etc.

Is a secure data room really secure?

Despite the name, secure data rooms are anything but secure.  While yes, the server space they’re hosted on is secure, the protection they are able to provide to content hosted on the service is very limited.  If you are sharing confidential information or intellectual property with third parties then you need to be aware of these limitations.

How much does it cost to set up a secure data room?

Despite their ineffectiveness, data rooms do not come cheap.  A data room provider will charge anywhere between $250-$1000 a month.  An extortionate amount on the high-end considering that they don’t provide effective security.

Are data rooms suitable for mergers and acquisitions?

Only if you have a high degree of trust in everyone involved in the due diligence process.  As passwords can still be shared and document content may still be extracted, it’s easily possible for your M&A documents to leak.  Also, some online data room providers serve documents over the Internet as images so features such as full-text search are not available.  You therefore need to consider the usability of the system and functionality that you require for your M&A transaction.  You may be better served by a document DRM solution.

What’s the difference in Dropbox vs a secure data room?

Though both are based on the cloud and have secure server space, data rooms are more specifically geared towards the enterprise.  They usually allow you to group users, have more permissions, gain insight into use via analytics, and grant a finer control over those permissions.  Data rooms also usually make more effort to get security certifications.

However, it’s important not to get too caught up in these certifications and features.  Though data rooms can be considered slightly better at protecting documents than DropBox, they’re still far from effective due to the username/password authentication most use, the inability for browsers to prevent many forms of copying, and the storage of temporary files.

How do data rooms differ from secure file sharing sites?

An online data room enables users to view documents online in the browser, and provides additional controls over how documents can be used – such as preventing printing.  Secure file sharing sites on the other hand provide restricted access to files and folders that users download for use on their local device.  There are no restrictions on how those files are then used.

What is the best option for sharing documents securely?

Locklizard PDF DRM security.  With Locklizard you can lock documents to devices so they cannot be shared, provide offline use with full protection, prevent screenshots, stop copying, printing and editing, remotely revoke access and automatically expire documents.  Unlike virtual data room solutions, we do not force users to access documents online (browsers are slow and provide weak security) and you protect documents offline for maximum security.  While Locklizard is not a virtual data room provider, you can use our DRM software to create your own secure data room and brand it with your own logo and images.

Customer Testimonials