Virtual data rooms (VDRs) are secure online repositories that are ideal for sharing sensitive and confidential information with third parties during major transactions, such as mergers and acquisitions. But how do you set up a virtual data room in the first place? In this article, we’ll go over the steps of setting up a virtual data room, from picking the right provider to going live in production.

1. Select the best VDR solution

Choosing the right VDR provider will help you prepare for M&A transactions, fundraising rounds, audits, and any situation where you need to share sensitive information with a third party. Be sure to consider factors such as:

  • Feature set: VDRs are much more than simple file repositories—they can also help you organize, tag, and search for documents, among other features (more on this later).

  • Ease of use: To avoid wasting time during the transaction, VDRs should be convenient and easy to set up and use.

  • Security: Your choice of VDR must have robust security features to ensure that your data will be safe under lock and key.

  • User base: Come up with a rough estimate for the number of users who will be accessing the VDR, and make sure that your chosen solution can accommodate them.

  • Price: VDRs are available at a wide range of price points. Cloud-based VDR solutions are increasingly popular because they charge a recurring operating expense instead of a one-time capital expense, which can be out of reach for companies with smaller budgets.

2. Decide which documents to place in the VDR

Once you’ve chosen your VDR solution, you need to figure out which files and documents should go inside it. The right answer here will depend on how exactly you plan to use the VDR. Do you primarily need it to prepare for an upcoming M&A deal, or will you continue to use it on an ongoing basis as a repository for restricted corporate information?

3. Organize files and folders

Organizing your virtual data room will help complete processes such as due diligence and audits much more quickly. Some good advice for organizing the files in your VDR is:

  • Define a clear file naming scheme that allows users to identify the document without opening it

  • Use folders and directories to help classify files into the right categories

  • Regularly test and update the VDR to ensure that it contains the right documents

4. Establish user roles and access

Organizing the files and folders in your VDR will also make it much easier to define users’ access privileges to the appropriate documents. For example, auditors may require access to certain documents that shouldn’t be available to angel investors, and vice versa.

Before granting access to any third party, take the time to plan out the different types of user roles that you want to have in your VDR, and the different types of files that they should be able to view. For additional protection, you can employ VDR features such as watermarking and access logs to ensure that sensitive documents don’t fall into the wrong hands.

5. Establish NDAs

Signing a non-disclosure agreement is sometimes, but not always, a precondition to gaining access to a VDR or to viewing certain documents. While NDAs aren’t strictly necessary in all situations, you should strongly consider drafting your own NDA as an additional layer of protection. Many VDR solutions come with their own stock NDA text that you can modify to fit your situation.

6. Confirm software settings

After the steps above are complete, you should run a final check of all your VDR settings, including security protocols and user permissions, before the software goes live. Once you’ve double-checked and triple-checked everything, you can start sending invitations to your user base.

New Call-to-action