restrict-external-due-diligence-access-target-groups
Skip to content
English
  • There are no suggestions because the search field is empty.

How to Restrict External Due Diligence Access Using Target Groups

Learn how to use Target Groups to control which Due Diligence request items and documents external participants can access, and understand when Target Portal invitation emails are sent.

Overview

External participants access the secure Target Portal, not the internal Devensoft application. Target Groups control which external contacts receive and can access specific Due Diligence request items.

Target Groups can be used to:

  • Restrict confidential functional areas, such as Human Resources
  • Give different buyer teams access to different request items
  • Control which documents are visible to each external group
  • Manage when new participants receive their portal invitations

Access is controlled through the request item assigned to the Target Group. Documents attached to a request item automatically follow the access assigned to that item.


Understanding Target Groups

A Target Group contains:

  1. The external contacts who belong to the group
  2. The Due Diligence request items that the group may access

External users only see request items assigned to their Target Group after those items have been shared using Send to Target.

Important access rules

  • Each request item can be assigned to one Target Group at a time.
  • A contact added to multiple Target Groups receives the combined access from all those groups.
  • The default External Admin group can access all Due Diligence request items.
  • Anyone who should have restricted access must not be added to External Admin.

For example, a participant who belongs to both Buyer Non-HR and HR Reviewers will be able to see the request items assigned to both groups.


How Portal Invitation Emails Work

Invitation emails are triggered when content becomes available to an external participant.

New Target Group with no shared content

When a new Target Group is created:

  1. Add the external contacts to the group.
  2. Assign the appropriate Due Diligence request items.
  3. The contacts will not receive an invitation merely because they were added to an empty group.
  4. Select the relevant request items and click Send to Target.
  5. The contacts will receive their Target Portal invitation.

First-time recipients are prompted to create their account and password. Existing portal users receive a notification that new content is available.

Target Group that already has shared content

When request items have already been shared with a Target Group:

  1. Add the new external contact to the existing group.
  2. The invitation is triggered automatically.
  3. Another Send to Target action is not required solely to invite the new contact.

This occurs because the group already has content available for the new participant to review.


How to Restrict Access to a Functional Area

The following example explains how to give one group access to everything except Human Resources.

Step 1: Create the restricted Target Group

Create a new Target Group with a clear name, such as:

  • Buyer Non-HR
  • Buyer Restricted Access
  • Non-HR Reviewers

Avoid using the default External Admin group because its members can see all Due Diligence request items.

Screenshot placeholder:
Screenshot 2026-07-17 at 11.46.12 AM

Step 2: Create or identify the HR group

Create a separate group for participants who are authorized to review HR information, such as:

  • HR Reviewers
  • Buyer HR Access

Step 3: Assign the request items

Assign the request items based on the required access:

Request type Target Group
Financials Buyer Non-HR
Legal Buyer Non-HR
Operations Buyer Non-HR
Technology Buyer Non-HR
Human Resources HR Reviewers

The restricted group should receive all applicable request items except HR.

Screenshot 2026-07-17 at 11.46.42 AM

Step 4: Add the external contacts

Add the restricted participants only to Buyer Non-HR.

Add HR-authorized participants to HR Reviewers.

A participant who requires full access may be added to both groups. The system combines the request items available through each group.

Step 5: Verify External Admin membership

Confirm that the restricted participants are not also members of External Admin.

Membership in External Admin overrides the intended restriction because that group can access all request items in the deal.

Step 6: Share the request items

Select the request items that are ready and click Send to Target.

The Send to Target action notifies the external team and makes the selected request items and submitted files available through the Target Portal.

Items that have not been sent remain unavailable to external participants.

Step 7: Test the external access

Before sharing confidential content, test the setup using external test accounts:

  1. Log in as a participant from the restricted group.
  2. Confirm that the user can see the non-HR request items.
  3. Confirm that the user cannot see the HR request items.
  4. Log in as an HR-authorized participant.
  5. Confirm that the HR request items and documents are available.
  6. Verify that each participant can only see the content assigned through their Target Group membership.

How Document Access Works

Documents inherit the access of the request item to which they are attached.

For example:

  • A document attached to an HR request assigned to HR Reviewers is visible only to participants with access to that group.
  • A participant in Buyer Non-HR cannot see the HR request item or its attached documents.
  • Documents do not need to be restricted individually when the request items are assigned correctly.

Important document warning

After a request item has been sent, newly added documents may become immediately visible to the external users who have access to that request item. Confirm the Target Group assignment before uploading additional documents to an already-shared request.


Example Configuration

A deal requires two external review teams:

Buyer Non-HR

Contacts:

  • General buyer team
  • Legal reviewers
  • Financial reviewers

Assigned request items:

  • Financials
  • Operations
  • Insurance
  • Technology
  • Legal
  • Environmental
  • Benefits

HR Reviewers

Contacts:

  • Authorized HR buyer representatives

Assigned request items:

  • Human Resources

Participants in Buyer Non-HR cannot see the HR request items or HR documents. Participants who need access to everything may be added to both groups.


Common Questions

Why did a new contact receive an invitation immediately?

The Target Group already had shared content. When the contact was added, the system detected that request items were available and automatically sent the portal invitation.

Why did contacts added to a new group not receive an invitation?

The group did not yet have any shared request items. The invitation will be sent when the appropriate request items are first shared using Send to Target.

Can a document be restricted separately from its request item?

Document access follows the request item. Assign the request item to the appropriate Target Group, and the attached documents will follow that access.

Can someone belong to more than one Target Group?

Yes. Their access will include all request items assigned to every group they belong to.

Why can a restricted participant still see HR?

Check whether the participant:

  • Is also a member of the HR group
  • Belongs to another group containing HR request items
  • Was added to External Admin

Remove the user from any group that provides unintended HR access.

Do external users access the internal Devensoft application?

No. External participants access the secure Target Portal and participate without entering the internal Devensoft tenant.


Best Practices
  • Configure Target Groups before sharing confidential request items.
  • Use descriptive names such as Buyer Non-HR or HR Reviewers.
  • Keep restricted participants out of External Admin (unless they need access to all request items).
  • Review contacts who belong to multiple groups.
  • Confirm the Target Group assignment before attaching confidential documents.
  • Test the portal using representative external accounts before launching the data room.
  • Remember that adding a new contact to a group with existing shared content may immediately trigger the invitation and provide access to that group’s available items.

Related Resources