The ink is dry. The handshakes have been made. Your company has just successfully negotiated a multi-million-mega dollar monster merger or acquisition. And your newest corporate addition has all the promise of taking your business to the next level.
But what’s next? How do you begin integration with your existing IT infrastructure? What sorts of vulnerabilities should your IT department be aware of before marrying your two systems? Is your existing IT infrastructure even set up for marriage? Did your top-brass think of any of this before signing off?
Chances are they didn’t.
And, like cooking a soup on your stovetop, a merger between two organizations only works if all the great ingredients can be mixed, melted and mashed together in one pot. If they can’t, your sweet deal might turn sour in a hurry! Or, worse, if left unattended – burn.
Here are some ways conducting technological due diligence plays a pivotal role before, during and after any merger or acquisition process:
1. A history of breaches – a future of headaches
Conducting conclusive research on a prospective merger or acquisition’s digital history should be a primary first step of your courting process. Asking simple questions like “Have you had a breach?” can vet massive roadblocks further down the merger and acquisitions path. Take the now-infamous 2016 Yahoo!/Verizon merger worth an initial $4.8B, for example. In this instance, since Yahoo! reported two major data breaches of user account data just prior to the sale, Verizon shaved $350M off the final price for the deal. In fact, between 2014 and 2018 alone, there where over 10 major breaches affecting mergers and acquisitions deals, affecting billions of users worldwide.
Since breaches can affect sale prices, stall deals or even cancel them out, careful attention should be paid to poor data hygiene during any merger or acquisitions process. Update your legacy encryption system now.
Common red flags, for example, might be a company not adequately protecting sensitive communications. From legacy encryption systems to not encrypting at all, a company which doesn’t protect is opening another to risk.
With our OneWorld encryption solution, companies can reduce the complexity of legacy systems by consolidating email encryption into a single, scalable cloud-based platform – for a more secure environment for sending sensitive communications. From configurable encryption policies to detailed message reporting, our robust encryption system can help you demonstrate effective risk-mitigating security for any deal
2. Understanding IT infrastructure
When organizations begin to execute elaborate digital transformation plays, any hidden tangled wires, certifications and claims within an existing IT infrastructure suddenly come to the forefront. If left unattended, these tangles can create expensive knots for any merger or acquisition attempts. From obsolete technology lowering a product’s value to legacy systems and processes which simply do not line up.
IT issues need to be top-of-mind throughout any merger or acquisition process. Read more about our certifications.
Proper consultation with your IT department prior to a merger is an effective way to ensure elaborate paper acquisitions play out as planned – especially when you consider that over 50 per cent of initiatives throughout a mergers and acquisitions process, designed to capture synergies, are directly related to IT. A merger or acquisition candidate might claim, for example, that they are SOC2 certified, meaning their security has been vetted and approved by a credible third-party SOC2 evaluator. A member of your IT department can help determine whether this certification is valid or acquired via a third-party.
3. Protecting trade secrets
In order to protect trade secrets, prevent unwanted access and to bring order to your merger or acquisition process, you need to provide protected conduits through which information can be sent, received and replied to.
Mergers and acquisitions can sometimes be periods of organized chaos, as new faces meet new infrastructure and information flies freely from camp A to camp B. Ensure only intended recipients can read your secure message.
In addition to its six flexible secure delivery methods, the OneWorld encryption platform is fully brandable, configurable and features various secure authentication methods. For additional security, OneWorld features a flexible suite of encryption policies which automatically protect any incoming or outbound sensitive data.
4. Sanitizing IT infrastructure
Prior to plugging in to any newly acquired merger or acquisition, be sure to identify any existing vulnerabilities. This ensures that any legacy cybersecurity technology, ageing in-house communications systems and other technological cracks don’t pollute your system once the deal is signed – something 40 per cent of companies fail to do. A thorough audit of a prospect’s digital infrastructure can help mitigate the risk of dealing with expensive interventions further down the line.
Prior to plugging in to any newly acquired merger or acquisition, be sure to identify any existing vulnerabilities. Update your legacy message encryption system.
Moving non-critical systems to the cloud is a simple solution to uncluttering, sanitizing and updating an incompatible legacy system. With Echoworx OneWorld, for example, migrating legacy resource-intensive message encryption service to the cloud is simple. The resulting light, configurable and flexible secure message environment, managed in the cloud, helps organizations consolidate cybersecurity efforts and streamlines the merger and acquisition process.
By Christian Peel, VP Customer Engineering, Echoworx