Merrill DataSite is the first VDR provider to understand the customers' and industry's need to provide the highest level of security by obtaining an ISO/IEC 27001:2005 certificate of registration and sets the standard as the world's only VDR certified for their operations in the United States and Europe.
Given the confidential nature of any transaction employing a data room, security is a high priority for Merrill DataSite. This is why we employ several layers of security:
- Client data is 256-bit SSL encrypted with Extended Validation (EV) by VeriSign®; optional two-factor RSA SecurID™ tokens are available.
- Data at rest encryption and TLS email encryption available; ask your Merrill DataSite representative for further details.
- Strong passwords are required for the application. Additionally, one-time passwords are used for project registration with mandatory password changes upon first login.
- Documents are viewed as encrypted images through Merrill DataSite’s secure viewer – no cached files are left on the user’s hard drive.
- Merrill is the Application Service Provider (ASP), owning, operating, and managing the entire DataSite infrastructure.
- Full disclaimer language is required at a minimum upon first logging into a project and optionally can be required each time a user logs in.
- Printing rights can be controlled for each user, down to the document level.
- Time-out feature is adjustable for each user group.
- Documents can be further secured by adding a tamper-proof personalized watermark, chosen by the client, that appears on any document being viewed or printed.