Stop sharing sensitive files over email directly
Asking small investment companies to not share investor data over email is tough - but when it comes to documents it’s a good practice to use a service specifically for sharing them securely - think Google Drive, Dropbox, etc.
In the first part of this series, we fixed the problem of having to use the same password everywhere by setting up a password manager.
In the second part, we took things one step further by requiring bad actors to have access to both our password (something we know) and our phone / device (something we have) to be able to access our sensitive investor data.
In this part, we’ll take a look at how we can simple use services like Dropbox or Google Drive to implement the cybersecurity “principle of least privilege” when sharing documents with investors or teammates.
<div style="padding:62.5% 0 0 0;position:relative;"><iframe src="https://player.vimeo.com/video/359079053?title=0&byline=0&portrait=0" style="position:absolute;top:0;left:0;width:100%;height:100%;" frameborder="0" allow="autoplay; fullscreen" allowfullscreen></iframe></div><script src="https://player.vimeo.com/api/player.js"></script>
TLDW: Create folders in Dropbox or Google for individuals or groups and only share the information that is absolutely necessary by manually adding their email addresses if possible.
PS. Investor Deal Room provides unlimited secure document storage by allowing you to share sensitive documents either with individual investor in their personal dashboard or with all investors in a given deal or fund. Investor documents are stored on Amazon’s secure data-centers and two factor authentication provides an additional level of security to both you and your investors.
If you’re managing a lot of investors or plan to in the near future, click here to schedule a demo.
This is part 3 in a 3 part series:
How to protect your investors' sensitive data from hackers - part 3 of 3