RightData’s eRooms redefine secure document sharing and management by combining industry-focused functionality with enhanced security.
One-time password (OTP) authentication has become a cornerstone of modern cybersecurity, evolving from the early banking systems of the 1990s that replaced static PINs. Right2Data’s virtual data room, or eDataroom, integrates OTP as a data room layer of security, generating time-sensitive one-time use codes delivered via email or SMS authenticator. Unlike static passwords, OTPs expire within 30 minutes, minimizing the window for exploitation. This method gained prominence in the security industry after high-profile data breaches exposed vulnerabilities in traditional credentials, pushing industries like legal, finance, healthcare, and fundraising services to adopt OTPs for sensitive data transactions such as mergers and acquisitions (M&A), Fundraising, IPO offerings, etc.
The OTP systems rely on algorithms like HMAC-based or Time-based OTPs to generate unique codes each time the login process is conducted. Right2Data uses TOTP (time-based OTP), synchronizing with atomic clocks to ensure precision. Even if a hacker intercepts a code, it becomes useless after 30-60 seconds. For added security or redundancy, codes are sent to the user via email or SMS, reducing delivery failures.
Benefits of OTP-Based Authentication:
Audit trails are immutable logs that record every user action within the virtual data room, from document views to permission changes, and activity logs are visible in detail. Originating from paper-based accounting audits, digital audit trails became critical after the Sarbanes-Oxley Act (SOX) of 2002 mandated rigorous financial reporting. Right2Data’s eDataroom system captures granular metadata, including timestamps, user identifications, the IP addresses of the users who have accessed the data, and the action types like View, download, and print, creating a forensic-ready environment. The audit trail keeps a record of data being accessed for how long, which particular user, with their IP addresses, and the actions taken on every document are provided to the administrator. This helps the owner of the data room to know the detailed insights of the data room and its users. This helps in faster due diligence and enhanced efficiency.
Features and Litigation Value:
A well-known bank used this special feature to pass a FINRA examination using our Virtual Data Room, proving that only authorized personnel accessed customer portfolios. The logs revealed zero unauthorized access over 18 months, avoiding a heavy potential fine of 2 million. Our technical team is exploring the feasibility of AI-driven anomaly detection that will flag suspicious patterns, such as bulk downloads at unusual hours, which will make it even more secure, the most trusted, and most affordable Virtual Data Room service provider in India.
An activity tracker provides a real-time dashboard of user data interactions, building on network monitoring tools like SolarWinds. Unlike static audit logs, this feature also offers live insights, such as active sessions, mouse movements, and scroll behavior. Private equity firms use this to gauge investor interest during auctions. This feature gives the exact time an interested client spent their time on a particular document and what they are interested in, or they might have difficulty understanding the files, which can be guessed through this activity tracker. This also helps identify the interested client by examining the time spent on the documents.
Technical framework and security Use:
View-only mode restricts users to reading the documents that have been shared without editing, downloading, or printing privileges. This mirrors the “kiosk mode” in libraries and evolved into digital rights management (DRM) for industries like film production. Right2Data’s VDR system makes use of AES-256 encryption implementation and dynamic rendering implementation to prevent screenshots or copy-paste of the documents that are stored in the data room.
Technical Implementations and Advantages:
View-print-download controls allow the administrator to define granular permissions for document interactions with the users of the data room, balancing collaboration with security. The controls can be given by creating a separate group or at the individual level by uploading the viewer list or manually typing the viewer's email addresses/phone numbers, in which they can receive OTP with their names. This concept evolved from the early cloud storage platforms like Dropbox, which introduced basic “view-only” links in the 2010s. Right2Data’s VDR implementation takes this further by allowing per-user permissions or per-document rules, such as allowing a particular user or a group of users to only view the documents and restricting print and download permissions. Likewise, a user can be given access to print and view, but download is restricted. If the Permission to download is granted to the user, they are automatically permitted to view and print, with download being the highest level of permission.
Technical architecture and security:
This feature empowers the administrators to streamline access control by organizing data room viewers into predefined groups like legal, financial, human resources, etc, making it easier to share information according to group directly rather than selecting every individual viewer and granting them granular access. The group creation features of our platform enable role-based access by organizing the data viewers into teams with unified permissions, mirroring Microsoft’s Active Directory (1999). The viewers can be added or removed from groups, and the administrators can select the Viewers from the list and move them to a particular group after group creation and removal. By directly clicking a specific group, like the legal group or the financial group, and selecting it, it becomes easier for the administrators to assign permissions to the document. This centralized approach not only simplifies administrative workflows but also ensures consistency in access rights, reduces human error, and accelerates secure collaboration across large teams.
The Bulk upload feature in the document upload allows the administrator to ingest a massive number of files/folders while preserving structure and permissions, which is a critical need for industries like real estate, where a single deal may involve 10,000 plus documents. The bulk upload feature of Right2Data’s VDR supports bulk uploads of documents in ZIP format and is automatically unzipped once the upload completes in the same order as the files were before compression. It becomes very handy while dealing with a gigantic data file that needs to be uploaded and shared with prospective clients. Before tools like Box introduced bulk uploads in 2012, firms wasted weeks manually uploading data files/folders. Right2Data’s VDR service system accelerates this with drag-and-drop simplicity and automated security.
Technical Features:
Geo-tagging records the geographic coordinates (latitudes and longitudes) of users during logins or document interactions. Development from IP tracking tools, RightDatas virtual data room system integrates GPS data from the mobile devices and wi-fi triangulation for desktop users. The GPS tagging facility of RightDatas VDR helps to track the location of the users activity and provides a detailed audit of the data being accessed for security purposes.
Features and alerts:
This feature in Right2Data’s eDataroom is designed to address specific pain points in data security and collaboration. Combining cutting-edge technology with regulatory compliance like ISO 27001, the Digital Personal Data Protection (DPDP) Act, and data security and regulatory compliance. Our virtual data platform offers a robust solution for industries and businesses ranging from small-scale start-ups to large enterprises dealing in healthcare, M&A, finance, real estate, etc.
Geo-fencing restricts data access to predefined geographic boundaries, such as countries, cities, or corporate office boundaries, that are specified by the administrator of the data room. This concept started from the enterprise mobility management (EMM) solutions in the early 2010s, where companies like MobileIron used geolocation to circumvent device usage. Right2Data’s geo-fencing feature applies this principle to our Virtual Data Room (VDR) or eDatarooms, enabling organizations to comply with data protection laws and regulations. Our data rooms, equipped with this special feature, help to mitigate cross-border cyber threats. For example, an Asia-based pharmaceutical company can block access to clinical trial data from regions with weak IP protections. It can also allow only specific office locations to access the data and prohibit others from accessing it. The feature uses a combination of GPS (for mobile devices), IP geolocation databases for desktops, and Wi-Fi triangulation to block and specify the correct location. Administrators can draw fences on a map interface, such as limiting access to the European Union (EU) or excluding high-risk countries like North Korea. Right2Data’s VDR integrates with MaxMind’s GeoIP2 database, which offers 99.8% accuracy in country-level identification. For handheld device users like mobile phones and tablets, the system enforces GPS checks every 15 minutes to detect location changes.
Security Applications and flexibility:
To make it more secure and security-enhanced, right2Data is working on including 5G triangulation for millimeter-accurate fencing and IoT device tracking to secure data access in industrial environments.
A reader or viewer selfie captures a real-time facial image of the person accessing the session. This viewer selfie is mandated during the time of accessing the document via the provided link. Our VDR service platform displays a selfie screen, which prompts the user to access the data only after a selfie is captured. This feature has been enabled for an extra layer of security. Our VDR service prompts this screen if someone tries to log in from multiple browsers or unregistered devices during the session. This selfie feature stops the user from sharing credentials with anyone, thus ensuring sharing. It keeps the users selfies hashed and stored in the viewers login file as a reference and automatically deletes the images once the data room expires.
Security and Advantages
Double-factor or two-factor authentication is often a part of multi-factor authentication and requires the users to verify identity through two distinct methods. Originating in early military systems, double-factor authentication became an important verification method after the 2013 Yahoo breach, which compromised almost 3 billion accounts. Right2Data’s Two-factor authentication (2fa) combines Knowledge factor authentication (Password), possession factors (mobile devices and desktops), and inherence factors (biometrics or Aadhar card number), to access the OTP generated via email or SMS to create a virtually impenetrable barrier.
Technical implementations and security advantages:
A Mumbai-based biotech firm used our Virtual Data Room’s Double authentication during their patent licensing deal. The engineers accessed research development documents only after scanning Aadhar and entering a hardware token code. Zero breaches were reported during their 6-month negotiations. The security feature meets SP 800-63B guidelines for digital identity, fulfilling NIST compliance. The users reported that it had seamless integration and worked with Active Directory and SSO platforms.
The Questions and Answers (Q&A) module centralises secure communication within the VDR, replacing fragmented email chains and spreadsheets that have to be shared to discuss doubts regarding the document shared. Inspired by platforms like Slack, our VDR system has adapted threaded discussions for high-stakes scenarios like mergers and acquisitions due diligence. Fundraising, Intellectual property. The Viewers of the data rooms can post their questions related to the documents they have access to, get a professional reply from the administrators of the same documents, and carry on the chat process until their doubts are resolved. The questions posed in the dataroom are notified to the admin in the dataroom dashboard, where the admin can view the document where the questions are raised and reply to the questions with answers and post the answers or related documents. A complete, secure, and end-to-end encrypted communication can take place within the data room, keeping the questions anonymous from other users of the data room.
Technical Features and Security:
The customizable watermarking adds extra functionality to the documents of the data room by giving the feature the ability to customize their watermarks to personalize the document. The watermarking overlays user-specific identifiers (names of the company and firms, name of the owner of the document, email address, IP) on the documents to deter leaks and trace violations. Adapted from the medieval paper watermarks used to authenticate currency, digital watermarking gained popularity in the 2000s with media giant companies like Disney embedding them in pre-release films. This specific rise in the trend was accepted worldwide to personalize the content's ownership. Right2Data provides customizable watermarking facilities to the administrator; the email address of the administrator automatically becomes the default watermark.