Has anyone ever done a data security review during due diligence? I've had a few searchers ask me about this topic recently, and I don't have great perspective, but obviously an increasingly important issue for target companies.
Would appreciate any/all guidance on this, including where to turn if you decide it's something you want to do during diligence.
Data Security Review during Due Diligence?
by an investor from Harvard University - Harvard Business School
More on Searchfunder
Searchfunder is an online community and toolkit for searchfunds. Over 80% of those involved in searchfunds maintain a Searchfunder.com account to help them network, problem solve challenges, and keep up with the industry.
We maintain partnerships with database providers that make searching more effective, efficient and affordable along with features that help searchers find deals and investors and vice versa.
We maintain partnerships with database providers that make searching more effective, efficient and affordable along with features that help searchers find deals and investors and vice versa.
Specifically, data security refers to the procedures around protection of data from unauthorized access and corruption throughout its lifecycle. This includes data encryption, hashing, tokenization, key management and backup practices that protect data across all applications and platforms.
As you can imagine that covers a lot of ground in a modern business, irregardless of size, that leverage Cloud platforms to host their service and third party SaaS applications to run their business.
I have found a security risk assessment is good place to start as part of an overall technology due diligence, which takes into account a businesses regulatory obligation, industry standards, information security policies and procedures, previous breaches, engineering and devops procedures, vulnerability management to name a few!
Happy to discuss more. Jonathan.