Get All Access for $5/mo

Data Security and the Downside Risk of M&As Here's why specialists are using a template - Information rights management technology (IRM) - to protect sensitive information from unauthorized access

By Bimal Raj

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

Shutterstock

Mergers and acquisitions (M&As) are good for business. But in these days of unpredictable risks pertaining to data security, mergers also come with unforeseen headaches. This is because security issues have gone beyond being a technology risk to an elevated plain of business risk. Studies have shown that such risk was the primary cause for many M&As to go haywire after the deal was consummated. Data privacy, security, and data breach risks are important due diligence issues in the deal landscape. Post-acquisition discovery of security mix-ups are a far too common downward risk.

It's a Big Problem

Reports say that more than 40per cent of companies engaged in a deal transaction end up with a bug related to data breach during the integration process post acquisition or merger. More even for those acquiring companies that intend to scrutinize data security issues as part of the due diligence process, often legal eagles conducting such homework do not adequately understand the changing threat perceptions or comprehend in full the particular risks associated with the target company. More often than not, the lawyers settle for asking an array of usual, privacy-related questions of a company even when that company does not collect or handle consumer data at a granular level on an on-going basis.

The focus on privacy and not security more generally in part is due to a general lack of awareness of broader security issues. To a large degree, an overemphasis on data breach risks is not surprising since companies must publicly disclose breaches of personal data to consumers, and more often than not the big time breaches only get attention while a large chunk of data compromises go sans red flagged.

The Core Reason

This is because when a deal is getting executed the most important concern for everyone involved in the transaction is data privacy and security. Even though parties involved in the transaction sign the non-disclosure agreements (NDA), it is important to limit the exposure to the data on a need-to-know basis.

In the process of due diligence and deal evaluation, a lot of sensitive information like company financials, intellectual property, customer contracts etc get shared among the parties concerned. What happens if the deal does not consummate is left to everybody's guess. Even though usual disclaimer of non-disclosure may take care of the confidentially part, it is always prudent to limit the buyer's exposure to the data to mitigate future risks. This is because the sensitive data can be used by the buyer to evaluate other opportunities or can be used by competitors which may upend the company's future business prospect.

Technology

This has prompted M&A specialists to use a much-refined template - Information rights management technology (IRM) - to protect sensitive information from unauthorized access. Virtual data rooms (VDR) use IRM and provide a safe and highly functional environment to the parties involved in the transaction. It acts as an online repository of data. VDR provides the document control where data owner can share the information on view only screen so that the user cannot download or take print outs or cut and paste of the information shared. As these data rooms are cloud-based and can be accessed from anywhere and at any time which gives flexibility to the users. It gives excellent control of the data shared. If the deal is not happening, then the owner can revoke the permission to the data room instantly. After that buyer with whom data had been shared, will not be able to access it. The owner can also provide controlled access and set rights to the data on a user by user basis by allowing print and download capabilities and can track document access and usage. Therefore the key takeaway is to share sensitive data with adequate protections and precautions.

Bimal Raj

Partner, Singhi Advisors

News and Trends

"45% of All Ongoing Hydropower Projects in India are Ours": Patel Engineering

Patel Engineering reported a turnover of INR 4,400 crore in the last fiscal year, with a projected 10 per cent growth for the current year.

Side Hustle

'Hustling Every Day': These Friends Started a Side Hustle With $2,500 Each — It 'Snowballed' to Over $500,000 and Became a Multimillion-Dollar Brand

Paris Emily Nicholson and Saskia Teje Jenkins had a 2020 brainstorm session that led to a lucrative business.

Living

70% of Small Business Owners Experience Monthly Burnout. Follow These 3 Rules to Avoid the Same Fate.

Here are three guidelines to help entrepreneurs achieve balance, growth and success in both their professional and personal endeavors.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Franchise

Kick-Start Your Small Business With These Cost Effective Strategies

Starting a small business is an exciting adventure, brimming with both opportunities and challenges. A key to success is effectively managing costs from the outset.

Science & Technology

5 Rule-Bending AI Hacks to Make Your Mornings More Productive and Profitable

By 2025, AI will transform productivity by streamlining workflows and cutting costs. Major companies like Microsoft, Google, and OpenAI are leading the way, advancing AI into "Phase 3," where tools act as digital assistants. Discover 5 AI hacks to boost efficiency and redefine your daily routine.