When it comes to mergers and acquisitions, companies have to review a number of things including insurance, finances and future employee needs. However, cyber liability concerns are often overlooked at this time, despite this being when company data is at its most vulnerable.

One of the largest risks comes from data transfers; even small complications can risk the company’s reputation, or even losing customers and damaging future sales. Additionally companies must meet their legal responsibilities throughout and before the data transfer process.

Top tips for a smooth data transfer process:

• Start by identifying all data assets that need to be transferred.
• Ensure you have all data standards, policies and processes from employees at both companies.
• Look for potential risks that could occur during the transfer.
• Make sure all data is backed up before you start the transfer.
• Conduct background checks on any employee involved in the data transfer process.
• Craft a business continuity plan to prepare for potential data loss or outages during the period when the transfer will be occurring.
• Assign a high-level person the job of overseeing all data transfers. He or she will have the task of assigning one person to each data asset that needs to be transferred.
• Update the risk profiles for newly acquired assets.
• Legally transfer ownership of data assets as quickly and completely as reasonably possible.
• Provide training sessions on new data standards, policies and processes.
• Ensure disaster recovery plans are up to date, and that business continuity plans and emergency plans include newly acquired data assets.

Preparing for Data Transfer

As early in the merger or acquisition process as possible you should begin to plan. It is recommended that you assign one person the task of overseeing all data transfers, leaving little room for miscommunication or error.

Bear in mind that if the acquired company has already completed portions of the data transfer or consolidation tasks, you should review the work to ensure accuracy.

Consider relocating IT employees from the acquired company early so that they can help with the data transfer and risk identification process, as they will be more familiar with their data and systems. Be sure to set aside sufficient time to convert any older data for use in newer software.

Finally, ensure that your system configuration records are up to date prior to any data transfers or consolidations. This will help isolate any issues that might occur and allow for an effective fix.
Data transfer is not just about preventing and managing a compromise or interruption to services—you also need to keep your customers’ and stakeholders’ needs in mind, and take their concerns into consideration. Most importantly, ensure your new and existing clients know that you are keeping their data safe.

Source: Zywave

Print PDF