Contact Us

Math Captcha   42 − 32 =

* Required Fields

Contact Us

Due Diligence Must Be Cyber Safe

Due Diligence Must Be Cyber Safe

JULY 16, 2015

Due diligence is all about making good business decisions. Is this a person I really want to hire? Is that a business I want to invest in or do business with? Is Cuba the next best market for my company’s services? The art of good due diligence lies in gathering all the relevant information you can and making sense of it. Of course, that means going where the information is, and that means going online. But as with any other internet-based activity, online research carries risk. As in all matters, forewarned is forearmed.

Professional researchers operate in many roles, among them private investigator, business analyst and law enforcement. Some of their most common sources are the various proprietary databases that gather information about people from many different sources and charge a fee for access. At first blush, these may seem like safe havens for research. But some of the best known proprietary databases have been data breach victims. This puts the researcher’s identifying information needed to maintain an account, such as name, address, email address and credit card information, at risk. Although the integrity of the data they sell never came into question in these incidents, their subscribers’ privacy was compromised.

Using standard search engines can also reveal a great deal of information about a subject; but some of the websites to which a search may bring you can be quite dangerous. Websites might contain malicious software designed to infect the computer browsing them or to capture information about users, and no user can prevent that from happening.

But as in all matters concerning cyber security, there are steps researchers can take that can help minimize risk and protect themselves and their clients, such as:

  • Install good anti-malware on your computer and keep it updated. This software might be able to detect some online dangers and warn you before you expose yourself to unnecessary risk.
  • Choose to use anonymizing software or an anonymous browser to conceal your identity from the websites being visited. Sometimes it is very important to keep a subject from knowing he or she is the focus of a due diligence investigation. By routing communication through multiple locations on the internet, a researcher’s identity can be concealed from all but the most determined (as in a national security sophisticated law enforcement agency). They do not, however, necessarily protect you from malicious software traveling back to you along with the information you are trying to obtain.
  • Mobile devices increase convenience, but also increase risk. A researcher should ensure that every device he or she might use for any purpose, whether researching or communicating with a client, is equipped with good anti-malware. If a particular investigation justifies the extra steps encrypted communications with the client should be considered.

In short, conducting due diligence online safely is not any different than any other use of the internet. Be aware of the risks. Keep your anti-malware up to date. Consider masking your identity and communications.


About the author


Kenneth C. Citarella is senior managing director for the Investigations and Cyber Forensics practice at Guidepost Solutions LLC.  He has more than 30 years of experience investigating and prosecuting white collar crime and computer crime. Kenneth can be reached at


Please enter your email to subscribe. By doing so, you are opting-in to receive news from Guidepost Solutions LLC.

Math Captcha   8 + 1 =