Bernhard Morell and Christoph Urban gave an online lecture on 15.04. 2021 as part of the working group on digitalization of the Bundesverband Mergers & Acquisitions e.V. under the heading “Cyber in M&A transactions“.
The presentation dealt with the question of what aspect secure archiving of digital data and documents plays in this context. It was made clear from the outset that the topic is not specific to M&A, but must be considered much more broadly. Digital archiving is necessary in every business area and is also prescribed in some cases, especially when it comes to data and documents relevant to tax law.
Mr. Morell vividly illustrated that although many companies today have archive or DM (document management) or ECM (enterprise content management) solutions in place, they rely on IT to manage them correctly and thus supposedly rule out data loss. This is not the case, especially for data and documents that need to be stored for long periods of time. Among other things, the topic of data, media and technology ageing was addressed.
Using the example of manufacturer-specific data formats such as Word, Excel and PowerPoint, it was shown that readability over long periods of time can only be guaranteed if the formats are regularly migrated, i.e. transformed into a new format that can be processed at that time.
This was also demonstrated for the media using the example of CD / DVD / Blue Ray, USB stick and external hard disk. The topic of technology aging was only touched on in passing: it refers to the aging of the software systems used, but also the server and storage technologies in the data center: here, too, continuous migration is necessary if data and documents have to be kept available over long periods of time.
It was also explained that, in connection with archiving, it makes sense not only to store the original data format (e.g. Word, Excel, PowerPoint), but also a representation in a stable long-term format. A format is considered long-term stable if it is fully documented and this documentation is freely and publicly accessible. This applies, for example, to the various PDF/a variants.
In order to build a bridge to the M&A process, it was shown at which points in the process documents are created and how they are stored during the process today. Storage in data rooms, whether “on premise” or in the cloud, is standard in this process today. However, the issue of secure storage of these important documents after closing is not sufficiently considered. Today, data and documents are handed over to users via data carriers – the user is now responsible for what happens to the data and how it can be stored securely.
Mr. Morell addressed the current event of the OVH fire on 16.03.2021 and used this example to show that data in the cloud is only secure if it is stored in more than one location of the cloud data center. In the case of the OVH fire, this was not the case for all customers, as this type of processing depends on the contract design and therefore has a direct impact on costs. More security also costs more. Many users of these data centers are not aware of the risks they are taking with which type of contract.
In a digression, Mr. Urban used examples from his professional practice to explain the risks that must be reckoned with in the event of data loss. He impressively demonstrated that only a secure and accessible archive system can help to avoid liability/reputation risks and, above all, compensation costs.
At the end of the presentation, questions regarding the technical connection of the piql archive, which is based on the non-manipulable storage of documents in the form of QR codes on b/w film, were discussed. In addition to the server-side connection via API (application programming interface), the possibility of interactive use via a browser-based solution was presented.
With the piql “Fire&Forget – Archiving”, an efficient and secure way of archiving data and documents was presented, which can be seen as a supplement to existing systems and should record the data that really must not be lost.
