Despite all the investments in cutting-edge technology, venture capital is still an industry that is slow to change itself. Jeff Bussgang has written about it before with regard to the persistent demographic of VC firms. HubSpot’s Brad Coffey recently posted a blog at OnStartups that examined the ways that Google Ventures is disrupting the VC industry. It’s definitely worth a read to see how Google Ventures is thinking outside of the typical VC box and leveraging their own expertise to encourage and transform entrepreneurship.
Even if a VC firm doesn’t have the name recognition or resources of a Google, there are simple ways that it can make itself stand apart from the pack. By engaging the technology that is disrupting the way our culture interacts, processes information, and expects to stay informed, VCs can take the best of what technology has to offer to enhance the start-up community.
It is actually quite surprising how few venture capital firms are involved in social media of any kind. Many have no presence on sites like Facebook or Twitter. Very few blog. Even the firms’ websites can tend to be stiff and limited, throwbacks to the previous decade’s approach to website design. By contrast, a few of the most active VC firms in the country seem to understand the importance of social media and do have a strong presence. They understand the importance of using it for establishing thought leadership, reaching their target market, and growing their network. Especially when investing in technology start-ups, it’s critical to speak your “investees” language by communicating through the mediums they are using. What does this mean? Join LinkedIn. Set up a Twitter account. Create a Facebook page. Blog regularly. Put out content that informs and encourages entrepreneurship. Your expertise and experience is valuable, so make it social.
Deployed software is so yesterday. It’s all about the cloud. As we become increasingly mobile, the convenience of accessing your information anywhere you have an internet connection just makes sense. You can manage your pipeline through a cloud-based CRM so that it’s available whenever you need it and not just when you’re in the office. Woo potential investors with a branded investor portal from which they can see their investment activity and tax documents. Have your portfolio companies provide their interim financials, audited financials, board packages, and other reports via a secure online dashboard. All of this amounts to greater convenience, transparency, and efficiency for the firm.
Storing paper is costly and risky. Going paperless has so many advantages, not the least of which is peace of mind when your most important data is backed-up and secure. Over the last three years boards of directors are turning in increasing numbers to boardroom software for the distribution of board packages and the management of other board-related functions. No need to print, collate, and mail massive board books when it can be accessed via a lightweight tablet device at the click of a button. No need to worry about confidential information falling into the wrong hands.
Can you think of other ways VCs can use technology to stand apart?
Five years ago, the thought of company board members turning to a screen instead of briefing books was so novel that the phrase board portal was contained by quotes in an American Banking Association newsletter. Three years ago, only 9 percent of directors reported using online portal to access information or communicate with their fellow board members. Today, fully half of board members do, according to a new survey issued by KPMG’s Audit Committee Institute.
The survey, which was published in June, detailed that online board management is rapidly growing and will likely continue, with another 20 percent of respondents planning to introduce a portal to their boards in the next year. They are mostly used to post pre-meeting materials and update the board between meetings.
Such a rapid rate of adoption should not be too surprising. Board portals provide a clear advantage over paper reports. Moreover, many board members began demanding better access to corporate information and financials following the 2002 passage of the Sarbanes-Oxley Act, which holds boards responsible for internal controls and audits of their companies.
Security Worries Linger
But even when companies adopt board portals, KPMG still notes some concerns. The most common worry is security. More than 75 percent of the survey’s respondents say they are concerned about the security of a board portal. And the burgeoning demand for board portal software has spawned dozens of businesses in recent years -- more than 100 companies are listed under portal software on software comparison site Capterra – might include a few unscrupulous or disorganized ones that could compromise boardroom confidentiality.
Still, the KPMG survey indicates that these privacy concerns are not so worrisome that companies are turning from board portals. And they are continuing to evolve, from secure websites to mobile aps. Nearly 20 percent of survey respondents say they provide a tablet, such as an iPad to its board members to access the portal. That number is expected to double in the next year.
Redefining Boards or Just Making Life Easier?
This increased connectivity could eventually change the role or influence of boards on companies. While board portals are obviously more convenient, they also offer directors an opportunity to be more engaged in committees and have greater communication among themselves and management. This raises question: Will Board Portals change the nature of Boards themselves?
Click here to read the entire KPMG Audit Committee Institute report.
The folks at Dropbox are probably happy to see June come to an end, but they likely won’t forget it for a long time. That is all due to a relatively small, but very devastating data security breach that hit the file hosting service. Don’t say we didn’t warn you.
During a four-hour window on June 18, Dropbox visitors could log into accounts using any password. Not much was harm done; fewer than 100 accounts were affected and TechCrunch reports that Dropbox has only been able to find one person who discovered and actively took advantage of the breach. But the blow to Dropbox’s credibility is sure to be severe. The company’s entire business plan is predicated on a reassurance that users’ personal and proprietary information can be stored in the cloud without falling into the wrong hands. Without that reassurance, users might as well put all their sensitive information on a personal website.
But the Dropbox episode and similar security breaches, including one affecting GoogleDocs, teaches us that we can’t leave it up to the cloud to protect the information. We still play a role in safeguarding our information. Here are three steps that can go far toward protecting your data.
Know What You Are Storing Online and Treat it Accordingly.
Keep your most sensitive information under control. Former Symantec CEO John Thompson recommends using Digital Rights Management (DRM) – those digital locks that have long been used by copyright holders to thwart file-sharers – to protect especially high-value documents and other files. Forbes.com quotes Thompson likening DRMs to individual bodyguards who will protect your sensitive information even if the lock on the door (That would be Dropbox security, in this analogy) is broken.
Learn the Basics of Online Security, and Demand your Service Provider Has It
The silver lining to these increasingly common reports of password leaks and high-profile hackings is that a collection of certifications and other designations have sprung up to evaluate any data management service. DDC holds three separate certifications, including the standard used by the United States Department of Defense to ensure that information remains safeguarded. We offer a definition of each certification and how we are audited to ensure we and our service hosts meet them on our website.
Manage Your Users
All the protection to outside threats will do your business no good if you are defenseless to inside threats. And these insiders probably won’t be disgruntled employees, either. Security firm RSA found that most data breaches are committed by dedicated, hard-working members of the staff who simply got careless about where they stored their information. Just as you train employees on workplace safety, a few hours orienting them to data safety can probably prevent the worst from happening.
Ultimately, no website or service can guarantee total protection online. But some smart planning, as outlined in the above three steps, can help mitigate any damage done in the event that the walls protecting your data happen to fall.
In the wake of the most recent corporate scandal involving Rajat Gupta, the issue of board confidentiality is as important as ever. Gupta allegedely leaked insider tips from his Goldman Sachs and Procter & Gamble board seats that benefited his associate, Raj Rajaratnam, to the tune of some $17 million. Regardless of the legal outcome, the lesson is patently obvious. Companies can be held liable for the actions of board members, and it is therefore in every company's best interest to scrutinize board-related activity that makes them vulnerable.
The liability of human error
The greatest threat to board confidentiality is actually inadvertant human error. Companies spend thousands of dollars on high-tech security both for their premises and their electronic systems but often forget about the vulnerability introduced by well-meaning employees.
We recently heard the story of a security consulting group that broke into the boardroom of another company. The board packages were laid out around the table in preparation for the next day's meeting, and the security group snapped a photo of themselves on the boardroom table holding a copy of the board package and the early morning paper for date proof. Think about how easy it is to gain access to a building. Hold boxes in both arms, and someone will hold the door. Pose as a repairman or housekeeping and no one will question you.
The liability of "reply all" and "forward"
Email functions interject a tremendous amount of liability into board room communication. Our own CEO experienced this himself when he continued to receive board emails years after going off the board simply because he had been on an email originally and someone kept hitting "reply all". This is a surefire way to get confidential information into the wrong hands.
The liability of board package changes
One CEO we spoke with shared that his board package is comprised of about a dozen file attachments in different file formats, PDF, PPT, Excel, etc. Inevitably after the initial package goes out, some of those attachments change and then get resent to the board. By the time of the board meeting, the board members have received multiple emails with different versions of the materials they need to be familiar with for the board meeting. It's a scramble at the end to make sure everyone has the correct information, and the margin for error is large. In fact, it wouldn't be difficult at all for a piece of sensitive information that wasn't supposed to be there to make its way into the official board package during document shuffle.
The liability of hard copy mailing
Believe it or not, many board packages are still distributed in hard copy form via mail carrier. Whether it be FedEx, DHL, or the good ol' USPS, hard copy mail is subject to destruction from weather and rough handling. Worst of all if, it is possible for sensitive, confidential information to fall into the wrong hands.
The liability of email storage and Google docs
Email is an insecure place to keep your board packages and other communications. Google docs is an insecure place to share boardroom information. We've talked about the security issues that have plagued Google before. Take a hard look at the tools you are using to store and share board materials and make sure they meet the security you need for that level of confidentiality.
What are some other areas that you know of which threaten board confidentiality? How are you addressing them at your company?
Last week we introduced the concept of Critical Data Management (CDM), defining it is as theguardianship or your company’s most important information. We talked a little bit about the items that comprise your critical data. There will be much more on that to come. For now though, think of your critical data as the paper heartbeat of your organization. These are the kinds of documents, agreements, and information that are vital to the very existence of your enterprise. They include things like your articles of incorporation, your confidentiality agreements, your tax ID, your vendor agreements, insurance contracts, financing documents, and so on.
For many executives and organization leaders, this critical data isn’t needed on a daily basis…until it is needed, that is. At DDC we know both from firsthand experience and from countless interactions with others who have gone through the fire drill that not having your paperwork in order during a major corporate event will cost you one way or another. Not convinced? Listen here.
In light of this, here are the four key characteristics of CDM.
Organized and Actionable
For your critical data to be truly managed it must first be organized. How else will you find it when you need it? Throwing documents into a folder is not organization. For your information to be organized it must meet two criteria.
- The document itself must be filed – We have all experienced the moments of, “I think I called that file…,” where we scratch our heads and try search term after search term hunting for an elusive document in vain. Organization imposes a structure and system that makes it possible to find documents easily, saving valuable time and endless frustration.
- The document’s contents, or meta data, must be filed – Once you locate the file itself, finding a particular detail within it is another matter altogether. Some of your documents may be hundreds of pages long. We’ve all known the pain of searching for a single date or contract term in a multi-page agreement. A holistic approach to organization means that the key pieces of information, or meta data, contained within documents, such as dates, terms, individuals, are themselves categorized so that they are easy to find.
Once information is organized into categories, it needs to be usable. In other words, it needs to work for you. It should produce reminders, populate reports, provide contact details. When a contract needs to be renewed, you should be notified. When minutes are due, you should be reminded. Need to contact all the members of a specific board sub-committee? You should be able to do that at the click of a button without hunting for individual email addresses. When your critical data ceases to be just figures and names on a page but instead produces actions that save you time and enable your workflow, you have left the realm of storing the data and entered the domain of managing it.
Available and Protected
To be truly useful, your critical data must be accessible while still safe. If you need an important file, but can’t get at it, it is of no value. If you know an important piece of financial information is on your CFO’s laptop, but she is unreachable, so too is that information. What if the unthinkable were to happen? What if a flood or fire wiped out your physical files? What if your hard drive crashed and you hadn’t backed up? What if one of your top executives left disgruntled and took his files with him? And from the dramatic to the more mundane, what if you simply left your laptop at work, but needed to check something really important over the weekend. The CDM solution guarantees that your critical data is always available. From convenient online access controlled by individual permission levels so that only those who should see it do, your data is available whenever and wherever you need to reach it. And above all, your data is secure from breech with stringent security protocols and redundant back-ups. Not only does CDM save you time and improve your workflow, it gives you peace of mind and confidence that the paper heartbeat of your organization is protected.
To find out more about DDC’s CDM solutions can get you organized and protected, click here.
The running joke among startups these days is that you can almost completely run your company on free software, which is great for cash-strapped entrepreneurs. From Bizspark to Mailchimp and all the social networking sites in between, there is certainly value in the freemium model. However, the recent breech in security over at Google got us thinking, “What are your key documents worth?”
Running a business, whatever its stage, comes with a tremendous amount of paperwork. The list of materials that pile up, from tax ID numbers and employment agreements to articles of incorporation and insurance contracts, only increases the longer you are in business and the bigger your company gets.
Sadly, a lot of startups think that Google Docs is a passable place to stick such files. It’s free. It’s shareable. It’s adequate. Unfortunately, when it comes to all the paperwork that accompanies running a business, you just can’t take that risk. It’s one thing to store a marketing plan or sales pipeline in Google Docs. It’s another to use it for filing confidential and critical corporate information. Plus, Google Docs is storage, plain and simple. Nothing else. If you’re looking for a business tool to help you keep your corporate information organized, summarized, accessible, shareable, and completely secure, you’ll need to find another option, like SmartBoard.
As you consider how to keep your business growing and prepare for whatever the future may hold, ask yourself this question. What are my company’s documents worth? What would happen if I lost them either through electronic failure or physical disaster? What key documents are in the inboxes of people who may not always be with the company? If you’re even a little uncertain, check out DocDeps’s solutions.