ZF is a leading global technology group in driveline and chassis technology as well as active and passive safety technology. With around 146,000 employees and 230 locations in almost 40 countries, ZF is one of the world’s largest automotive suppliers.
The company spends more than six percent of its sales on research and development every year, primarily on efficient and electric drives and a world without accidents. With its extensive portfolio, ZF improves mobility and services not only for passenger cars, but also for commercial vehicles and industrial technology applications.
In addition to the many practical advantages of a virtual data room, such as the efficiency and transparency of processes, the outsourcing of sensitive company data must also withstand a sufficient security concept. In M&A processes, the highest level of transaction security is the most important thing, and that without exception. PMG was subjected to a comprehensive company analysis before the transaction data room was used. ZF Friedrichshafen’s in-house IT department put PMG through its paces to make sure that all safety requirements were met. With success – because no other provider on the market was able to serve the required level as extensively as PMG. <em>“It is precisely because the hosting and support of the software at PMG takes place exclusively in Germany that the cooperation is so attractive for us,”</em> says Barbara Blumenstock, responsible for M&A cooperation at ZF Friedrichshafen AG, <em>“because data protection and compliance are important to our transactions highest priority.”</em>
One of the central challenges of ZF Friedrichshafen AG before using the PMG data room was the Q&A processes in previous projects. Among other things, tenders with several buyers have to be dealt with. The PMG Q&A module provides audit-proof and transparent support for virtual question-and-answer processes in order to support efficient due diligence. With the Q&A module, all parties ask and answer public and private questions. With the bidder management function, ZF Friedrichshafen can define the respective rights of the individual involved via freely configurable groups and categories. The users can then be combined to form a group of bidders. This process is controlled with any number of release levels.
Communication between management boards and supervisory boards in sensitive transactions requires strict compliance regulations for the management of confidential documents. PMG offers ZF Friedrichshafen an HSM (Hardware Security Module); a storage location for cryptographic keys that are used, for example, to encrypt customer data. In the highest security level, the project masterkey is stored in an external HSM. In addition, it is encrypted with the passwords of the assigned users. General access by a system administrator is therefore excluded. The HSM uses extended technical measures to protect the keys from unauthorized access and data rooms can then only be maintained by administrators who are also assigned to the project. “Our requirement was that we could manage the encryption and decryption of customer data ourselves on our own systems or under our own control. PMG offered us an “on-premise” solution. This is very straightforward for us and ensures that we never have to give the keys out of our hands. An additional safety criterion that we get met by PMG,” explains Barbara Blumenstock from ZF Friedrichshafen.