1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

Online security written in search bar

New technology has allowed companies to expand and to make money in ways that would not have been possible before. Unfortunately, 24-hour Internet access, the proliferation of smartphones and electronic banking have also given rise to a new type of crime: cyber attacks. Cyber attacks occur when an unauthorized person accesses a computer system and steals information or causes problems. While preventing an online security breach may seem like a problem for a company’s IT department, today’s CFOs should care about cybersecurity and must become involved in protecting their companies from any online security threats. Below are three reasons why preventing an online security breach has become a responsibility of the CFO.

Security Breaches Negatively Impact the Bottom Line

The number of cyber attacks related to stealing customers’ personal information and financial data is on the rise. Last Christmas, Target made news when hackers stole more than 100 million customer credit card numbers stored in Target’s computer databases. Close to a year later, Target has spent approximately $148 million to correct the breach, provide affected customers with free credit screening, and update its security. As a result, the megastore expects a large drop in profits as it approaches the next holiday season and customers may be loathe to shop there this year.

Target’s case is not an isolated incident; in general, organizations experience 122 successful cyber attacks per week, and many of these may be related to stealing customers’ financial data and/or personal information.

Controlling Online Risk Reassures Investors

Online security risks represent a large potential loss for both consumers and businesses. For this reason, if a business doesn’t have adequate security measures in place, investors may become nervous about backing the business. Investors don’t want to put money into a business that may experience huge losses or close altogether because of a security breach. Thus, the CFO has a vested interest in cybersecurity.  Greater security combined with cybersecurity insurance and a clean up plan should a breach occur puts investors’ minds at ease.

The CFO Prioritizes Company Expenditure for Software

In order to protect a business from cyber attacks and potential losses resulting from such attacks, security policies must be followed across the company and put into place by the leadership team: the CEO, CFO, etc. The CFO has a particularly important role to play because he or she is responsible for making financial decisions involving the purchase of software. When making these decisions, the CFO must take online security into account so that he or she can accurately determine whether decisions are in the company’s long-term financial interests.

Cybersecurity is not just an IT problem; it is a company-wide concern. For CFOs, cybersecurity is of particular interest because breaches can wreak havoc on a company’s finances. CFOs should work closely with the IT department to understand security risks and take those risks into account when making financial decisions on the company’s behalf.

No Comments »


It happens to all business, regardless of size. Important business documents pile up so you put them into files, and files pile up so you put them into a file cabinet, and as the business grows, you need another file cabinet and the cycle repeats itself.  There are other solutions. Virtual data rooms are often used as online filing cabinet- a corporate repository of a company’s most important documents. Implementing this can help move towards a ‘paperless’ office.

What is a paperless office?

The word “paperless” is a bit misleading, because every business of any size will still have at least some work that is done via paper. Tax forms, snail mail, and incoming paperwork from clients are just a few examples. The difference in a paperless office is that you most often develop, keep, and transmit documents electronically.

Many business functions can easily be done without paper. You can send and receive faxes, communicate with clients and vendors, share documents with investors, conduct banking and financial activities, or invoice clients and accept their payments – all electronically, and all without the clutter of paper.

What are the advantages of a paperless office?

Working in a paperless office takes some adjustment, but the benefits realized are well worth the effort.

Thirty years ago, only the largest organizations could afford to go paperless because it was expensive to make the change. The equipment was expensive, the technology was in its infancy, and the conversion process for old records was cumbersome at best. In today’s world, though, going paperless is affordable for businesses of all shapes and sizes thanks to affordable equipment, dramatic improvements in technology, and streamlined conversion processes for old records.

Some advantages of going paperless include:

-Lower costs for paper and printer supplies
-Less space requirements for filing cabinets and physical document storage
-Increased efficiency and productivity
-Easy to reference and access electronic records
-Efficient and controlled sharing of documents, especially with other offices or outside parties
-Greater continuation in the event of a disaster
-Environmentally friendly

Isn’t it hard to make the change?

Yes and no. It is relatively easy to go paperless on a “moving forward” basis by using your computer and and setting up an online repository to keep your company’s documents. The challenge for many business owners is to find the time to convert old records to electronic form.

You might choose to purchase your own scanner and work through your records a little at a time. A better option for many people, though, is to use a self-serve high-speed scanning or printing center. Using a high-speed scanner is easy, convenient, and dramatically speeds up the process of converting old records.

Important precautions

There are a important precautions necessary to ensure the safety and security of electronic files. Make sure archive your documents using a secure solution.  A virtual data room is a secure option as a place to start building your corporate repository. Most VDR solutions provide robust security and strict permissions for access and sharing.

With a little bit of planning and discipline you can easily take the necessary precautions and move forward with your paperless office.

No Comments »

With the media coverage of security breaches, some people are confused about privacy, the cloud and what it means when sensitive information is stored in the cloud. By carefully evaluating any solution you choose to store your information in, you will be taking steps to safeguard your data. Using certain techniques, you can protect your data from hackers and identity thieves. While the information below is meant for businesses storing sensitive information, the same advice can be applied to any individual storing and sharing confidential information in the cloud.

Always Use SSL

Secured sockets layer (SSL) is a form of encryption used to pass sensitive data from your web browser to a web server. When you order product, submit private information, or enter payment details, always look for “https” in the browser’s address bar to ensure that the site is using SSL. SSL is the standard for passing sensitive data to a web server, and SSL is a part of security audits for online companies. Every website that asks for private data should incorporate SSL on the web server. If the web server does not have SSL, you should not enter private data and find another provider.

Use a Reputable Cloud Provider

You have several cloud providers available, but not all cloud providers are created equal. Before you choose a cloud provider, do your research and make sure the provider has support and security. The cloud provider must offer security to protect your data. A reputable cloud provider will have technical support and monitoring every hour of the day for seven days a week. Take references and look at their security procedures to ensure they are taking precautions to safeguard your business’sdata.

Encrypt Stored Data

For extremely sensitive data, you should encrypt it while at rest. The advantage of encrypting stored data is that the data is useless to hackers if they manage to break the cloud host’s security.

Use Two-Factor Authentication

Choose a cloud storage provider that has two-factor authentication- and be sure you and your employees turn it on. Two-factor authentication requires a second form of identity verification, most often a text code sent to a cell phone, before access is granted. With two-factor authentication active, even if passwords are compromised, access to your information will be denied.

Understand Sharing Permissions

Often, you will need to share these critical business documents with other users.  When considering sharing information, be sure you understand your chosen provider’s different levels of permissions and access. This is extremely important and will ensure only intended recipients can view the data. When vetting solutions to store your data, verify that they offer the level of permissions you need to control access to your data.

Cloud storage is a safe and convenient way to maintain corporate archives. Before you choose a provider, do your research and understand how cloud security works to avoid being a victim a cybersecurity breach or even an unitentional breach caused by accidental sharing. A data room is a popular way to store critical business documents with absolute security and controlled sharing. Doing research and taking the proper precautions can go a long way in protecting your sensitive information.

No Comments »

Whether investing in a startup, buying a business, or merging with another business, interested parties typically perform an investigative process known as due diligence. After all, they absolutely need to know what they are getting into before making a decision to invest, buy, or merge. The due diligence process is an obligation that all serious contenders should take seriously.

What is Due Diligence?

The dictionary defines due diligence as:

-Reasonable steps taken by a person in order to satisfy a legal requirement, especially in buying or selling something

-A comprehensive appraisal of a business undertaken by a prospective buyer, especially to establish its assets and liabilities and evaluate its commercial potential

When investing in or acquiring a company, potential buyers need to gather a large amount of data to make an informed decision on the process. For example, they would need to know about the company’s:

-Business plan and model
-Market Valuation
-Profits and losses
-Debt position
-Status of accounts receivable
-Past performance
-Management team
-Risks and liabilities
-Ongoing expenses
-Recurring revenues
-And much more…

It is the seller’s responsibility to provide investors, buyers, and potential business partners with the information needed to make an informed decision. Yes, it means turning over extremely sensitive corporate documents such as profit and loss statements, business plans, payroll records, patent applications, proprietary design files, and so on.

Streamlining the Due Diligence Process

Sellers recognize that buyers and investors need this sensitive information in order to make an informed decision, yet they also need to take measures to ensure that their data is properly protected.  As an example, you may show your proprietary information to a dozen potential investors. In the end, only a few will invest. You need to have taken proper measures to safeguard your information.

Because of the high-level of sensitivity of documents shared during the due diligence practice, it is preferable to manage it in a in a secure data room, as opposed to a collaboration solution like Dropbox. While these types of solutions are very easy to use and convenient, they don’t have the added security features needed to protect your sensitive data or features to asses buyer or investor interest. Access to the virtual data room is granted only to those who have a legitimate interest. Even then, access is usually restricted to the bare minimum required. Documents are often displayed as “view only” so that they never leave the company’s control. Non-disclosure agreements are standard in many virtual data rooms and required upon firts login- and these can also be used to hold each participant legally accountable for maintaining confidentiality.

The due diligence process is a must, but it’s inherently filled with conflict. Using a secure virtual data room can both streamline the process and ensure that both sides get what they need without undue risk.

No Comments »

Saving the Money

Are you a founder wondering whether allowing angel investment into your startup is a good idea? Or weighing the pros and cons of raising a Series A round via a venture capital investment? Deciding on the appropriate funding route for your company is not as easy as it might seem. With multiple options like equity crowdfunding, angel investment, and venture capital as possible funding options, choosing the right path for the long-term future of your company is not a decision that should be rushed. Fortunately, there are a number of extremely helpful blogs where you can discover tremendous amounts of fundraising advice.

Seeking funding wisdom from a variety of sources can help you avoid potential pitfalls as you decide on the appropriate course of action for your company. Discovering specific characteristics that venture capital firms look for in a founder, or rookie mistakes that turn off angel investors, are just some of the truths you can uncover when you read top blogs from fundraising experts. But how do you know which blogs to read? How do you know who to trust and who is just huffing and puffing in an attempt to make themselves appear to be a more seasoned investor than they actually are?

Here at SecureDocs, we’ve rounded up our top ten (and a couple more for good measure) blogs for funding wisdom. Some of our favorites may be blogs you already follow. Others may be fresh discoveries. Each of our favorites offers an incredible wealth of information for those considering their funding options. As you check out these blogs, you’ll find a virtual goldmine of fund-raising advice if you use the search function on each site. Mine previous posts for search terms like fundraising, raising, funding, warning signs, investment, and strategy. If you dig into the archives on each of these sites, you’ll find answers to fundraising questions you didn’t even know to ask. Without further ado, here’s our top ten must-read blogs for fund raising wisdom:

Paul Graham’s ‘Paul Graham’

 Mark Suster’s ‘Both Sides of the Table’

Fred Wilson’s ‘AVC’

Naval Ravikant & Babak Nivi’s ‘Venture Hacks’

Openview Partners’ ‘Labs’

Brad Feld’s ‘Feld Thoughts’

CB Insights

Sean Ellis’ ‘Startup Marketing’

Dharmesh Shah’s ‘On Startups’

Nic Brisbourne’s ‘The Equity Kicker’

In addition to the above-listed must-read blogs, Medium (medium.com/search) and SlideShare (slideshare.net) are also valuable sources of fundraising information. Search for terms like startup lessons, lessons learned, pitch deck, and fundraising in order to uncover the enormous resources on both Medium and SlideShare.

Whether you are considering seed funding for your early-stage startup, pondering a Series A round, or questioning whether closing a later round is a viable option, the above-listed sites can be extremely helpful. Dig into each of these blogs, follow the authors on Twitter, and immerse yourself in the funding knowledge at your disposal. We think you’ll understand why these blogs made our top ten list.

No Comments »

BankSimple Blog: Six Tips for Safer Online Banking
As companies generate, store, and share more and more confidential information online, finding a secure document storage provider becomes a priority. There are many different solutions to choose from that range in price from free to hundreds of thousands of dollars a year. Free solutions, like Dropbox, have been popular by consumers and individuals are using it in their workplace for confidential business documents. Using a personal file sharing account for secure document storage of business documents is generally not a good idea, and prompting many companies to take a closer look at secure document storage platforms. Here is a list of five things you must consider when vetting providers.

Offsite Backup for Disaster Recovery- Automatic encrypted online backup is a key component in any disaster recovery plan as protection against hardware failure, theft, virus attack, deletion, and natural disaster. Any secure document storage solution you choose should have this in place to guarantee the safety of your sensitive documents.

Data Encryption – Data encryption is a process that converts data into an unreadable format.  The document storage solution you choose should protect documents while at rest using AES. Documents should also travel over encrypted SSL/TLS connections.

User Roles and Permissions – Another way to protect documents from unauthorized access is to set up and enforce user roles and permissions. Not everybody will require the same access to company data, and you should be able to chose who sees what. This is a critical component of any document storage solution, as many breaches are caused by unintentional human error. The odds of that decreases the more that access is regulated. In addition to selecting who has access to what, you should be able to chose what they do with the information- view-only, no download, full access, etc.

Two-Factor Authentication – It’s wise to implement two-factor authentication to protect against password-sharing, password-cracking, and carelessness. With two-factor authentication, a second factor is required to verify the user’s identity. For example, after entering the correct password, a user may then need to enter a one-time PIN number which is sent to the user’s smartphone via SMS.

Privacy- Since you are likely storing sensitive company information in the solution you choose, it is advisable to check the privacy policy of the provider you are considering. How do they treat the confidential information (names, email addresses) of invited users? Do they market to them or share them? Who has acsess to your data? Who from their support team or engineers can see your data? While these questions are often overlooked when evaluating the security of a system, they are important considerations.

This is a jumping off point of items to consider when vetting the security of secure document storage platforms. Other considerations consider ease of use, your company’s individual use case, and whether or not the solution is being used for finalized, signature documents or as a collaboration tool. In any case, security should be top-of-mind.


No Comments »


Finding funding for your entrepreneurial endeavour is not as straight forward as it would seem. While you might initially think that as soon as you have established a product/market fit the venture capitalists will come calling, nothing is further from the truth. With startup companies around the globe clamouring for venture capital investment, today’s investors can cherry pick their investments and your startup idea might not make the cut. Fear not though, as venture capital investment is not your only hope. In fact, accepting a venture capital investment might not even be in your best interest. You might instead want to consider opting for equity crowdfunding instead. There are numerous crowdfunding platforms you can consider. Following are just a few options you can consider before you sign a term sheet from a venture capitalist.


Seedrs offers a platform that lets entrepreneurs raise funding for their ventures from a variety of sources. Investments on the Seedrs platform can come from family and friends, business associates, community members, or even angel investors.



If your entrepreneurial idea is a consumer or retail product, you might want to take a look at CircleUp as a potential funding opportunity. CircleUp connects verified investors with product startups in need of funding. Whether you’re launching a food truck concept or a new beverage, you can get your product in front of potential investors who might be considering adding a consumer product startup to their investment portfolio. You can raise a little bit of funding from numerous investors instead of accepting a lump sum investment from one venture capital firm.



Crowdcube lets startup founders pitch potential investors for funding. Similar to the way Kickstarter or Indiegogo raise funding for products, Crowdcube lets entrepreneurs solicit funding from investors. Business proposals can be in a wide variety of sectors including manufacturing, retail, and tourism. Explore Crowdcube’s platform details to see whether you might want to consider funding your venture via the crowd.


Our Crowd

Currently active in Israel, Our Crowd will soon allow investors to pool their investments into global startups around the world. Our Crowd combines the best parts of venture capital and angel investing into a unique crowdfunding platform. Review the specifics of their offering to see if Our Crowd might be a good fit for your entrepreneurial idea.



If your startup company already has a strong legion of supporters, you might want to investigate Alphaworks as a possible funding source. Alphaworks helps startups with strong community support to connect with accredited investors. Community supporters are able to invest alongside traditional angel investors. Review the funding details of Alphaworks to see if their platform might work for your funding needs.


These are just five of numerous funding options you can consider. Understanding that accepting venture capital investment is not your only choice is crucial if you want to build a successful company and maintain control of your business. While venture capital investment is the right choice for some businesses (especially if you want to scale on a global level), it is not necessarily the wisest choice for all entrepreneurs. Knowing what your alternatives are is extremely important, especially if you are getting to the negotiation stage with potential funding partners.

No Comments »

Mergers and acquisitions and funding rounds used to require the creation of a physical, paper-based deal room where decision-makers could perform due diligence and review sensitive corporate documents in a controlled environment. These deal rooms were usually hosted at the vendor company or  law offices  with staffers  who assisted as needed as well as made sure that no one walked out with unauthorized copies of the documents.

While documentation was closely monitored, they really weren’t that great. First, you had to get there. This meant travel — oftentimes across country. You know the drill: if the deal room was located in New York and you worked out of Los Angeles, performing due diligence meant packing your suitcase, booking a flight, and kissing your family goodbye for a few days.

If you were the host of the deal room, you had your own set of issues. For example, you had to host all of these potential investors, buyers, or auditors,  usually at great expense.

Today, it has become much simpler. Thankfully, the virtual deal room has provided a solid, and in most cases preferable, option to the traditional deal room.

For starters, a virtual deal room is hosted online. Thus, travel requirements and scheduling conflicts are immediately taken out of the equation. Once you grant access to decision makers, they can log in and review your documents at their leisure. There’s no need to have a full-time paralegal hovering over investors, making sure that they’re both cared for and supervised so that they don’t walk off with your documents.

You can take security even further by requiring two-factor authentication, requiring the signing of a non-disclosure agreement prior to displaying any documents, and watermarking your documents. Finally, virtual deal rooms generate comprehensive audit logs, allowing you to gauge investor interest and see exactly who’s viewed what.

If you’re on the due diligence end, your life is much easier, too. Simply log in and access the documents that you need in an online virtual deal room — all without the hassles of modern travel. Instead of kissing your family goodbye, you can access a virtual deal room from the comfort of home.

No matter which side of the deal you are on, a virtual deal room can prove to be much more efficient than the traditional one.

No Comments »

Filing cabinets

Moving the company’s financial documents from a physical filing cabinet to an online document repository is a smart move, allowing for greater security and flexibility. The first step is to vet your options and ensure the virtual data room or other document storage service you choose has the proper security controls and features you need. After that’s done, you may wonder want to do next. Use the tips below to transition from a paper-based system to an online corporate repository.

-Create folders - How you structure your corporate repository is up to you. However, your folder hierarchy will impact users, making it important to create a folder structure that is both well organized and user friendly. For example, you might create main folders for corporate records, financials, and material agreements. Within each main folder, you could then create subfolders and sub-subfolders if needed.

-Create user roles and permissions - Next, set up user roles and permissions. You may not know who the actual individuals are at this point. However, you do know that certain categories of users will need different levels of access. Think about the different needs of CFOs, investors, auditors, department heads, and others who may need access to the corporate repository and assign the bare minimum permissions possible for the job role. This gives you a starting point. You can always add permissions on a case-by-case basis.

-Set up non-disclosure agreements – Access to your corporate repository should be granted only after a user has signed a non-disclosure agreement. Depending on the solution you have selected, you may need to do this manually and then upload a copy of the signed agreement after the fact. With SecureDocs, NDAs are both customizable and automatic. Once you’ve configured your NDA, the system will prompt users to sign before they are granted access to a protected document.

-Upload documents – Now that the basics are in place, it’s time to start uploading documents to your corporate repository. You may need to use a scanner to digitize some of your paper-based files. If you’ve chosen a solution that allows for drag and drop uploads of folders and documents, getting everything into the data room will be simple. Start with the first folder you created and work your way down the hierarchy. Remember to place documents in the most appropriate folder or subfolder. At this point, you may find that you overlooked a category. Make new subfolders as needed, paying special attention to your existing structure.

-Assign permissions – As you upload documents into your repository, you will need to assign permissions. For each user role, you can designate specific permissions to a folder or document such as: no access, view only, download, or full access.

-Invite users – Finally, it’s time to invite users to your corporate repository. It’s not a bad idea to start with a few trusted colleagues to test the system and make sure it’s ready for real-world use.

Setting up an online document repository isn’t overly difficult, especially if you choose a solution with a simple user interface such as SecureDocs. With a well-organized structure and the right user roles and permissions, your end-users should be able to find what they need without compromising security.

No Comments »


The SecureDocs Virtual Data Room team just got back from Bio International 2014  in San Diego, CA. The event was fantastic- we met great people and learned a lot. Albert Oaten, SecureDocs VP of Market Development, offers his perspective. 

The return of the Life Science IPO and M&A markets, and speakers like Richard Branson and Hillary Clinton, put a bounce in the step of executives attending Bio International 2014.  World Cup brought a common international language for everyone to share and reduced seasoned executives to their younger selves, bouncing and kicking soccer balls. The show reflected some general trends in the Life Science Industry including the increasing role national, and state governments are playing to support early stage companies.

Gerard Lenstra, Netherlands, Matthias Bach and Pascal Riewe of Germany

Gerard Lenstra, Netherlands, Matthias Bach and Pascal Riewe of Germany

Increasing numbers of companies are focusing on targeted drug therapy innovation combined with more refined trials that include individuals with specific genome characteristics.  Partnering, business development, and education were the primary themes, but connections and contacts may be the most important outcome for the companies attending.


The mix of international government programs, early stage companies, attractive foreign direct investment incentive options, privately-funded startups with unique technology, coupled with the talented ecosystem of specialized CROs, drug discovery and drug manufacturing solutions, made for a rich participant mix.  The end result was high-IQ researchers interacting with experienced business executives, finding ways to formally and informally help each other.  Bio International 2014 did a great job facilitating after hours environments where everyone could mix together, share drinks and listen to live music.  Early stage entrepreneurs could learn about executing operationally and navigating the business end of fundraising and partnerships.

For vendors like us, it was a great format to meet with our clients and prospective customers in the United States and overseas.  As you might expect, midsize and mature companies were very aware of the risks posed when sharing sensitive information with investors, CRO partners, etc… and almost all use a virtual data room. It was also an opportunity for us to meet with early stage companies that were either starting or preparing for fundraising. Increasingly, we found companies using virtual data rooms as a document repository for ongoing readiness for fundraising series A, B, C…. to M & A or IPO and everything in between.


Overall, Bio International 2014 was not just about the Life Science industry, but the collaboration required among countries and government agencies, coupled with a complex ecosystem of vendors, all needed to move our knowledge forward to improve the length and quality of the human condition.

Thank you to Bio International 2014 for making this a wonderful and productive show for everyone.

No Comments »

Page 1 of 2312345...1020...Last »