FAQ
VDR Security FAQ: Encryption, Permissions, Watermarking & Audit Trails
The most comprehensive FAQ on virtual data room security — 33 questions covering encryption, access controls, watermarking, audit logs, MFA, SSO, data residency, and more.
Encryption & Data Protection
How VDRs encrypt data at rest and in transit, and protect against breaches.
How is data encrypted in a virtual data room?
What is AES-256 encryption and why does it matter?
What is TLS 1.3 and how is it different from older versions?
Can the VDR provider decrypt my documents?
Are backups encrypted?
What happens to my data if the VDR provider is breached?
Access Controls & Authentication
How VDRs control who can access what, and verify user identity.
What is multi-factor authentication (MFA) and is it required?
What is SSO and does my VDR support it?
How granular can VDR access permissions be?
Can I restrict access to specific IP addresses?
What is just-in-time access provisioning?
How do I revoke access when someone leaves the deal?
Document Protection
How VDRs protect individual documents from copying, printing, and redistribution.
What is dynamic watermarking?
What is view-only mode with screenshot protection?
Can I disable printing and downloading?
What is screen capture prevention?
Can documents be revoked after being downloaded?
Audit & Monitoring
How VDRs track, log, and report on every action in the data room.
What is an immutable audit trail?
What is recorded in a VDR audit log?
Can audit logs be deleted or modified?
How long are audit logs retained?
Can I get real-time alerts on suspicious activity?
Security Infrastructure
How VDRs are hosted, replicated, and protected at the infrastructure level.
Where is VDR data physically stored?
What is the VDR's uptime SLA?
What happens if a VDR data center goes down?
Does the VDR undergo penetration testing?
Is the VDR provider SOC 2 Type II certified?
Common VDR Security Questions
The questions deal teams, legal teams, and security teams ask most often.
Is a VDR more secure than email for sharing deal documents?
Is a VDR more secure than Dropbox, Google Drive, or SharePoint?
Can I use a VDR for classified or top-secret data?
What happens if a VDR user shares their password?
Can I tell if a document has been leaked?
What questions should I ask a VDR provider about security?
Related VDR Resources
Continue exploring VDR security
FAQ
VDR compliance FAQ →
SOC 2, ISO 27001, GDPR, HIPAA, SEC 17a-4 — all the compliance questions answered.
Guide
VDR security: 10 critical features →
The 10-point security checklist to use before signing with any VDR provider.
Guide
VDR security & compliance guide →
The definitive 22-minute guide to VDR security standards and evaluation.
See the SpaceNexus security stack in action
SOC 2 Type II certified, ISO 27001 accredited, GDPR compliant. Get a security overview, our SOC 2 report under NDA, and a personalized demo.