Data rooms from Admincontrol are custom-designed to streamline and support due diligence processes. In the data room, the company can share confidential documentation and perform Q&A rounds in a user-friendly, intuitive and secure environment. The data room is designed to provide easy-to-use procedures for all parties.
The solution ensures rapid, transparent and secure information sharing when conducting, for example, M&A transactions, restructurings, stock exchange listings, capital injections, procurements and outsourcing.
Some of the benefits of using data room from Admincontrol
• The data room is built around a streamlined process and is user-friendly and intuitive
• Structure and control of data and sensitive documents
• Secure interaction and sharing outside of the enterprise
• Clean Room functionality for Clean Teams
• Access and support available, 24/7/365
• Dedicated client manager assistance during start-up and throughout the entire process
EFFECTIVE DUE DILIGENCE
Due diligence is a critical core aspect of restructuring activities, company divestments and the evaluation of new strategic partnerships. The company must be prepared to disclose everything from customer contacts to bonus agreements, patent certificates and much more. This process is crucial for the final valuation of the company. Sales processes are sometimes initiated on short notice, and they are always in addition to day-to-day operations and activities. We know this is very demanding for the company, and have designed our data rooms to easily facilitate this work as much as possible. In addition, we have clear recommendations for how you should proceed in the due diligence process in order to achieve the best possible outcome.
In some cases, strategic processes come in from the sidelines and due diligence ideally has to be performed immediately. In other cases, the process is planned over several years. It is becoming more and more common for changes of ownership and financing to be incorporated into strategies and business plans, so why not ensure that you are well-prepared? We call this pre-due diligence and in reality it is about defining a dependable structure for business-critical information and documents. The benefit of having full control of this information is that you are then able to spend time and energy on the interested parties, instead of gathering, producing and making content available once the process is already under way. This will increase the likelihood of a positive outcome for the company.
Control of all relevant documents is a sound basis for due diligence. The important thing to consider is that they will have to be shared with interested parties who are not part of the company. In addition to storing and structuring data, a data room’s role is also to ensure that the data can be securely shared in confidence with external parties. Efficient access control is absolutely critical once the project is under way and different parties are to be invited into the data room to inspect information and documents. Another critical aspect of due diligence is the question and answer facility (Q&A). Large numbers of questions have to be answered in a controlled and efficient manner. An agile Q&A module is core functionality for a good data room solution like Admincontrol. All user activity in the data room is logged and made available through reports.
With Admincontrol, you also get your own consultant to assist with all the necessary functionality. Your most business-critical projects are safe with us.
AREAS OF USE
Admincontrol’s data rooms are used in a variety of situations. The common denominator is that business-critical information and documents need to be structured and shared across different groups of people, including some from the outside of the enterprise.
This necessitates an efficient solution that provides secure storage and transparent access 24/7/365.
THE MOST COMMON AREAS OF USE FOR ADMINCONTROL’S DATA ROOMS:
• Capital injections
• Stock exchange listing
• Property transactions
DATA PROTECTION AND SECURITY
Data protection and security are crucially important for Admincontrol and something that most of our customers are concerned about. We cater for these requirements by maintaining a constant focus on security at every stage: from product development and day-to-day operations to the phasing out of equipment. Admincontrol has taken all the requisite steps for complying with data protection legislation and the GDPR.
SAFE AND SECURE
The security measures ensure that customer data is kept safe and secure and is available only to registered users with access privileges. Users without the right privileges have no access to the customer data. If devices with offline data go astray, they can easily be deleted using remote wipe. All employees in Admincontrol are security cleared and may be listed on customers’ insider list if desired.
Safe and secure
Security measures and internal control at Admincontrol are founded on our ISO 27001:2013 certification and comply with relevant legislation and security requirements.
Admincontrol has annual ISAE 3402 Type II audits performed by independent, certified auditors, who verify the internal control and ensure that our security measures are properly implemented and that they were fully functional throughout the entire calendar year.
In its development work, Admincontrol follows OWASP guidelines for secure development and OWASP ASVS, which is a standard for performing security verification at application level. Admincontrol performs regular security testing of production systems and applications.
Admincontrol uses Microsoft® .NET 4.0 technology to develop secure online applications. All data are stored on a Microsoft® SQL Server.
In Admincontrol, each user has a unique username and password which must be entered every time a user logs on. The password is not saved in the database in plain text. Admincontrol only stores one-way encrypted passwords using secure and recognised algorithms, thereby ensuring the highest possible password protection. In addition, an automatically generated one-time code is sent to the user’s mobile (SMS 2-factor solution) every time the user logs on.
For our Nordic users, we also offer authentication based on national eID solutions, such as BankID (Norway and Sweden), NemID (Denmark) and mobile BankID (Norway).
When customers are granted access to the portal, all data, including username and password, are encrypted using state-of-the-art TLS encryption. This powerful encryption protects the documents and other data as they are transmitted between your devices and the server. In addition, all data stored in the solution are encrypted with AES256 encryption.
The user rights are role based and grant rights at folder level. All information is linked to folders, including details of meetings and decisions. To assign users to a specific role, the customer’s user and administrator must grant rights to the relevant users or ask Admincontrol’s staff for assistance. Admincontrol is unable to assign rights without verifying that the request comes from an authorised user who is approved by the customer’s organisation.
All documents are kept in an encrypted storage solution and access to them is only possible through the Admincontrol applications. All PDF documents are read in a reader that leaves no traces of the document on the client device. The PDF reader’s cache is deleted when the document is closed. All other file types are handled as ordinary files and attachments, and can be downloaded in a readable form. Admincontrol is able to guarantee that a document does not leave a digital trace on the client device. The customer’s administrator can control printing rights for each document and choose whether the document can be downloaded in the ordinary way or may only be read in the secure PDF reader.
Security in data centres
Admincontrol’s servers are located in secure data centres that meet all modern security and environmental requirements. All the necessary ISO certifications is in place. The server environment is operated using state-of-the-art solutions, and we only use hardware, software and middleware from major manufacturers on the market. The rooms used are also protected by the following security measures:
• 24/7 manned security
• Monitoring system, e.g. humidity, temperature and fire sensors
• CCTV video surveillance
• Intruder-proof access control
• UPS with backup generator
• Automatic fire-extinguishing systems
All access to buildings and rooms is logged in an access control system. All access points to the rooms are video-monitored. Only authorised Admincontrol personnel have access to the physical equipment on which the portal runs.
Security monitoring and testing
All user activity is logged in the application log with exact time, IP address, username and information about whether the login succeeded or not. This includes the opening, editing, deletion and creation of documents, meeting or tasks. Furthermore, all user activity on the server and in the operating system is logged. Admincontrol has dedicated High-Availability firewalls and traffic logs for all traffic in and out of the servers. All traffic is monitored in real time in order to detect and block threats (IDS/IPS solution). All warnings from the detection system are analysed by security experts at a security centre that is manned 24/7/365.
At regular intervals, Admincontrol orders comprehensive security analyses and penetration testing to be carried out by an external, independent IT security company. The analysis covers both applications and infrastructure associated with the portal. The aim is to detect potential vulnerabilities and weaknesses that could be exploited by a potential hacker attack, and to rectify any potential weaknesses as quickly and efficiently as possible.