Autocorrect can go straight to he’ll.

Heard of that new band 1023 Megabytes? They’re good but don’t have a gig just yet.

Why can’t Microsoft employees relax? Because they’re always on Edge.

What kind of computer sings the best? A Dell.

Why do programmers prefer dark mode? Because light attracts bugs.

There are 10 types of people in the world: those who understand binary, and those who don’t.

Why shouldn’t you fart in an Apple store? They don’t have Windows

Why are iPhone chargers not called Apple Juice?!

Where did the software developer go?! I don’t know, he ransomware!

Contact Us
Click here for Support

Dorks Delivered Blog

How To Mitigate The IT Security Risks Of M&A

How To Mitigate The IT Security Risks Of M&A

How To Mitigate The IT Security Risks Of M&A

Mergers and Acquisitions (M&A) are hard to ignore in the reality of the business world. It is a time filled with back and forth negotiations, strategising, guessing and second-guessing your instincts. Traditionally, the deal would become final and irrevocable with the signing of contracts. A formal shake of hands would then pass the control from one to the other. If you look closer, the transition period would be full of chaos and hiccups.

Data security too would not be handled as well as it should have been. Thanks to new and improved laws and advanced technology, a lot of streamlining has occurred in the M&A procedures. In spite of that, one thing that still remains critical and more so due to its sensitivity is “IT security”. The associated IT security risks of M&A can sour the entire deal.

What is the Challenge?

M&A activities is not a normal days work. These are carried out for months before things can be finalised. During this time of analysis and negotiations, sensitive data is in the hands of third parties at many times. Also, limited inside access is given to them so that they can perform their job post haste and with due diligence. When paired with lax security this is the time when most proprietary information falls in the wrong hands. A perpetual threat from hackers does not make the job any easier either. The significant risk of data exposure and theft becomes more prominent during M&A.

The Different IT Security Aspects

The different aspects of security that must be considered during M&A are –

1. Physical Location security – first and foremost the place to secure is the actual premise itself where the IT assets are located. Once that is done, employees access to the location has to be looked into.

2. Data Security – Next comes securing all the electronic and physical data. This could include employees, clients, contracts, financials, and legal documents. Backups should also be secured and recovery procedures carefully analysed to check for possible leaks.

3. Software Security – Any new or old application or software should be checked for viruses and trojans. This can be done by application penetration testing for both desktops and mobiles.

4. Network Security – This would include the security of routers, firewalls, analysing access points, and web servers during the integration of workstations and all such network devices.

5. Architectural Design Flaw Analysis – This would relate to finding any flaws in the design models and technology stacks which could result in potential security threats.

6. IT Compliance – Adopting policies which would guarantee application and tools compliance is something you need to make sure of. If separate policies are being used it could cause chaos to the IT security.

The Solution

Review all third partiesMitigating the IT risk of M&A is not impossible. The only thing it requires is stringent controls and hard work. In order to protect the IT assets and close all possible loopholes here are a few things you can do (trust me, they’ll make your job and life a lot smoother) –

1. Review All Third-parties – There are multiple third parties involved in a merger and acquisition. These would typically involve an independent auditing firm, one or more law firms, some investment banks, a couple of advisory firms and the counterparty itself.

Sensitive data within them exchanges hands multiple times. If the party itself is corrupt or if they don’t have ample IT security your data could fall into the wrong hands with ease. A review of all the third parties will give you a chance to access their reputation as well as security measures they have in place. If you are not satisfied with their security you could ask them to upgrade it or look for a more secure partner.

2. Control Access – Giving admin privileges to data is not a good decision. Access should be given only on a need to know basis and then too it can be further restricted by making it a “read only” access. Permissions should not be given to allow the third party to make any copies of it.

All the information should be viewable on screen if possible. In case of any hard copies, they should be destroyed as soon as they solve their purpose. Also, at every stage of M&A, all the data is not required. You should refrain from putting everything on the figurative table at once.

A good solution is to have multi-tiered document access. As the deal moves forward, greater access can be provided. However, if the deal does fall flat at any time you will know which information the third-parties had.

3. Assessment Of Vendor Tools – Vendors come onboard with their own set of software tools. These tools are mostly used for analysis, assessment and drawing up comprehensive reports. It is quite possible that one or more tools used by the vendor are already infected with malware. The risk of this malware passing down into your own systems and network devices is quite high. An assessment of vendor tools will give you a chance to mitigate any associated risk.

4. Monitor internet – As soon as the news of a merger or acquisition hits the newsstands, you will see a rise in the number of fake accounts that are set up using either the company name or those of its employees. Not only that, but the darknet also gets buzzing. For hackers, this is the prime playground where they drop tidbits of information regarding the possibility of an unethical entry into the company servers. At such a point, it is necessary to keep track of all internet activity that mentions you as the buyer or the company which is being acquired. All fake accounts in the name of the company itself and its employees should be reported immediately and deleted. There will also be a noticeable rise in social media activity mentioning your company time and again. All news which is unjust and false should be immediately addressed because this could lead to the downfall of a possible deal.

5. Review Target Firm Security – Security measures being used by the counterparty are also of major concern. You can’t just assume that everything is as it should ideally be. For all you may know, they could have let their security become lax in the aftermath of the M&A announcement. Before anything else, ask your security experts to review the security measures in place at the target firm and how they could be further strengthened if necessary.  

Bottom Line

The heart of the matter is that firms involved in M&A should do so only after thoughtful consideration. Then too, adhering to secure SDLC, assessment of all tools used by the vendors, architectural risk analysis, assessment of security at physical locations, and application penetration will mitigate the IT security risks of M&A.

Share the Post:

Subscribe to our Newsletter

Subscribe to our newsletter for regular IT news, tips, tricks, jokes, podcasts and other interesting stuff. It’s a hoot!

We take your privacy very seriously solemnly promise not to SPAM you.

Related Posts

We can help with:

Click here to see all services

Dorks Delivered
5.0
Based on 52 reviews
powered by Google
review us on
Kennard
02:22 28 Nov 24
I am very Satisfied with the services provided by Dorks; the teams are highly responsive and supportive.
Eleanor Swanepoel
08:38 19 Nov 24
The Dorks got me into my system after it was locked out and the device destined for landfill. Having worked with the Dorks team for 4 years, I have always found them responsive, helpful and diligent. Thoroughly recommend!
Trent Marshall
03:33 15 Nov 24
Josh and the entire Dorks team could not be any more professional, helpful, friendly and knowledgeable if they tried. Time and time again they were patient and went above and beyond to resolve numerous complicated IT issues for myself and my team, at all hours of the day and night. I recommend them to all size and scale of businesses, as no problem is too large for the Dorks! Thanks again Josh and I wish you and the team every success in work and in life.
Meg Dennis
21:27 08 Nov 24
There are very few organisations that have a service culture of going above and beyond. Josh Lewis, Dorks founder did that this week with myself and several peers, helping us through a difficult IT situation. Dorks Managed IT Services are relationship grounded, solution oriented and outcomes based. They are outstanding in their sector.
Meenakshi Vivek
06:46 08 Nov 24
I had the pleasure of speaking with Joshua from Dorks on an IT issue outside of their scope, and I couldn't be more impressed. He went above and beyond to not only resolve my problem quickly on late Friday afternoon but also was very friendly and supportive. His dedication to ensuring everything was working perfectly, truly stood out. Highly recommend Joshua Lewis @Dorks for anyone needing reliable and expert IT assistance!Thank you so much Josh!
Mark Mathews
02:16 15 Aug 24
I've been a client of Dorks Delivered for many years and for good reason! They are so easy to deal with, value for money, host and manage my website, provide office software at discounted rates, easily fix website issues etc. A seamless and easy IT company to deal and communicate with that I highly recommend for all your IT needs.
john aguiflor
03:59 05 Dec 23
Definitely a dream work place!
The Irrigation Shop
02:52 28 Nov 23
These Dorks are fantastic. Always ready to solve any problem we have. Cyber-security, hardware, even tips on marketing. Josh is always approachable and friendly, and the team are top-notch!
Rob Swanson
21:25 27 Nov 23
Dorks has helped get our company IT needs on track and streamlined. They are easily contactable when problems occur and are quick to get you back up and running!
Rimas Veselis
16:55 27 Nov 23
Always extremely helpful!
Mark Ong
02:00 27 Nov 23
The best organisation I've work with so far. All staff are hands-on and they will understand your business in order to support you the best way possible. They are the partners you need for any kind of tech solutions. I love that they are open to two-way feedback and will let you know if something is realistic or not and what is the best solution to move forward given the circumstances. It is no surprise that they come highly recommended for me.
Ben Rayner
01:28 27 Nov 23
Very happy to recommend Dorks Delivered with Teck support etc, we worked together for over 10 years and have all issues resolved promptly.Thanks Team Dorks
Tim Nelson
01:04 20 Nov 23
A refreshing company to manage my IT requirements. Over and above service, and always coming to me with new ideas and concepts
Louise Bedford
03:10 28 Aug 23
Joshua Lewis is a super star. Generous of spirit, skilled as an interviewer, and gifted with the ability to see exactly what people need - I'm sure you'll enjoy dealing with Dorks Delivered.
Dave Abbot
09:08 09 Aug 23
Absolute guns in the industry. Trustworthy reliable and brutally honest.
Tanner Anderson
07:24 04 Aug 23
Working with the team at Dorks is always a pleasure!
Bryan Nillos
00:21 03 Aug 23
Great place and great people to work with. The best MSP, value for money!
Kubrador
04:28 02 Aug 23
I strongly endorse Dorks Delivered for their outstanding Managed IT Services! With a proactive and reliable team, they provide round-the-clock support and top-notch cybersecurity, making them an invaluable partner for achieving business success.
Mark Pope
05:26 06 Jul 23
Definitely talk to Josh Lewis and the Dorks about your managed IT needs. Apart from being smart and having a great team, I have found him to be genuinely concerned about his clients, coming up with the best advice that suits their needs.
Cameron Quin
03:52 05 Jul 23
Honestly, our business wouldn't survive without them. Josh and his team just know everything and I have peace of mind when it comes to the uptime. Of my business. And they give awesome little freebies!!
Adrian Peterson
23:49 25 Apr 23
We recently transferred our I.T. needs to Dorks Delivered and they have been fantastic. The response times, ease of accessibility to them and their understanding of our needs have been brilliant. It's been a complete 180 degree shift from our previous vendor Mercury I.T. We are so pleased with the change and would happily recommend Dorks Delivered to other businesses.
js_loader

Give our IT support team a try...for FREE!

Your first IT support task is FREE (Normally $199) – Yep, absolutely free (up to 4 hours)! Experience how our team can help your business today.

Click here or ring 07 3166 5465 to claim your FREE IT Support Task!

Want to rub shoulders with the greats? We work with the best…

Client Logo - Subway
Client Logo - Westfield
Client Logo - Hewlett Packard
Client Logo - Microsoft
Client Logo - Xero
Client Logo - Queensland Government

When did your current ‘IT guy’ last pay YOU for downtime? Click here to learn about the Dorks Guarantee!

Facebook-f Twitter Linkedin-in Youtube
View Map

CALL FOR A FREE ASSESSMENT

AWARD-WINNING IT SERVICES
Dorks Delivered Pty Ltd © 2025 | All rights reserved | ABN: 89 023 607 782

Refund Policy | Privacy Policy | Terms of Service