Data Room Security

Layers of Security

idrShare employs a layered approach to security:

  1. Data Center Security
  2. HTTPS and SSL Encryption
  3. SharePoint Security and User Authentication
  4. Granular Access Controls for documents and data

Each of these security layers is discussed below.

Data Center Security

All customer data rooms are housed with a Rackspace Data Center, in the United States on a dedicated server in Chicago, Illinois.

Best practices are deployed including: SSL Certified Sites; 128-Bit Encryption; Managed Firewalls, Anti-virus software; Multiple Tiered Access Levels and the data is stored on servers within a Tier II SAS 70 certified datacenter.

Rackspace Hosting Security is a powerful, fully integrated portfolio of services, managed devices and best practices — all designed to ensure the highest levels of security for customer data.  Our portfolio covers all three critical security areas: physical security; operational security; and system security.

Physical security includes locking down and logging all physical access to servers at our data center.

Operational security involves creating business processes that follow security best practices to limit access to confidential information and maintain tight security over time.

System security involves locking down customer systems from the inside, starting with hardened operating systems and up-to-date patching. Rackspace offers a full range of options to take system security to the next level.

More details of Rackspace security profile

 

HTTPS and SSL Encryption with Proof of Identity

All customer data room access takes place through a web browser “HTTPS” connection.  HTTPS is an encrypted communications channel that uses an SSL certificate issued and certified byNetwork Solutions.  All data room access and file transfers take place through these secure, encrypted HTTPS connections.

Network Solutions has validated idrShare’s identity as a data room provider.  Network Solutions proves the identity of SSL certificate owner idrShare, providing trust, third-party assurances.

This seal is given to a website only after it passes a complete business verification process, and serves as visual proof of legitimacy for all site visitors.

 

SharePoint Security and User Authentication

SharePoint provides several additional layers of security.

1. User Authentication – users must authenticate using unique user names and passwords in order to gain access to the data room(s)

2. User Groups – users are placed into “groups”, who are assigned a set of permissions and access rights.  The data room administrator can create additional user groups to provide an even higher level of operational security for data rooms,document libraries and folders based on the group of users; e.g., employee, customer, partner, contractor, etc.

3. Access Rights – SharePoint protects document libraries, folders and documents by applying access rights checks each time a user attempts to access a document or file in the data room.  Access rights include the ability to upload, download, modify, check out, check in and delete documents, as well as view access to documents and folders.

4. Access Logs – each time a user access a data room or its contents, a security event is logged, creating an audit trail of all accesses by each user.  The data room admin can run reports to see which documents have been accessed by which users or which documents a particular user has accessed.

5. Change Tracking – users can check documents out, modify them and check in changed versions of documents.  The data room can track all changes and versions of a document.

6. Email Alerts – data room administrators can choose to track some or all changes (e.g., new document uploaded) made to data room contents.


Granular Access Controls

Data room administrators can also apply additional granular access controls to limit what a user can do with a document or folder. For example, a certain folder can be limited to “view-only” access, so that certain sensitive documents can be viewed and printed, but not downloaded.  Watermarking can be used to provide an additional degree of protection against theft or data loss.

Documents can also be restricted to “Eyes Only” access, so that printing is disabled and documents may only be viewed online.

Documents can also be converted automatically to Adobe PDF (with watermarking), so that certain content can be downloaded and used offline, but limited to read-only content (protecting access to the original document).

More details on granular access control of documents