Back to Blog

How to protect your investors' sensitive data from hackers

Part 3 of a 3 part series
Josiah Mann

Stop sharing sensitive files over email directly

Asking small investment companies to not share investor data over email is tough - but when it comes to documents it’s a good practice to use a service specifically for sharing them securely - think Google Drive, Dropbox, etc.

In the first part of this series, we fixed the problem of having to use the same password everywhere by setting up a password manager.

In the second part, we took things one step further by requiring bad actors to have access to both our password (something we know) and our phone / device (something we have) to be able to access our sensitive investor data.

In this part, we’ll take a look at how we can simple use services like Dropbox or Google Drive to implement the cybersecurity “principle of least privilege” when sharing documents with investors or teammates.

<div style="padding:62.5% 0 0 0;position:relative;"><iframe src="https://player.vimeo.com/video/359079053?title=0&byline=0&portrait=0" style="position:absolute;top:0;left:0;width:100%;height:100%;" frameborder="0" allow="autoplay; fullscreen" allowfullscreen></iframe></div><script src="https://player.vimeo.com/api/player.js"></script>

TLDW: Create folders in Dropbox or Google for individuals or groups and only share the information that is absolutely necessary by manually adding their email addresses if possible.

PS. Investor Deal Room provides unlimited secure document storage by allowing you to share sensitive documents either with individual investor in their personal dashboard or with all investors in a given deal or fund. Investor documents are stored on Amazon’s secure data-centers and two factor authentication provides an additional level of security to both you and your investors.

If you’re managing a lot of investors or plan to in the near future, click here to schedule a demo.

This is part 3 in a 3 part series:

How to protect your investors' sensitive data from hackers - part 1 of 3

How to protect your investors' sensitive data from hackers - part 2 of 3

How to protect your investors' sensitive data from hackers - part 3 of 3

BONUS - How to protect your investors' sensitive data from hackers

Share on social media: 

More from the Blog

How to protect your investors' sensitive data from hackers

Part 2 of a 3 part series

Two factor authentication can seem like a hassle, especially when you have to log into a website over and over and it requires two factor authentication every single time you login.But the reason two factor authentication is becoming so popular is because it works.

Read Story

How to protect your investors' sensitive data from hackers

Part 1 of a 3 part series

Most small investment firms often don’t have an IT department at all, it’s no surprise that they don’t have great IT policies in place. As a result, email inboxes for these smaller companies are often packed to the brim with sensitive investor data - everything from banking information, to social security and EIN numbers, to entire investor profiles in the form of subscription agreements.After the most recent wave of leaked passwords, private equity and real estate investment companies would be wise to take a quick inventory to determine if their approach to storing and sharing investor’s sensitive personal information puts them at risk of being compromised in a data breach.

Read Story

Get more content like this

Receive helpful tips, tricks, training, and best practices from across the private equity real estate and syndication world.
We will never share your email address with third parties.