Eze Castle Integration

Global Infrastructure, Local Presence




 

At Eze Castle Integration, we understand the important role technology plays within an investment firm's operations. That's why we tell our clients to let us handle their IT -- and leave the financial trading tasks to them. Eze Castle's global infrastructure reflects the company's desire to fulfill the changing needs of today's financial services firms and provide our clients with a robust and reliant infrastructure to support their operations.

We have 10 data centers across 3 continents to offer hedge funds and investment firms premier technology services, including Eze Private Cloud, and support on a global scale.  

Eze Castle Global Infrastructure

Global Infrastructure Highlights

Redundant Facilities & Network

  • Tier II and III data center facilities provide 99.982% availability
  • N+1 infrastructure redundancy to ensure maximum uptime  
  • MPLS and VPLS service capabilities within Eze Castle's global private network

Advanced Physical Security

  • Multi-factor authentication
  • Secured access doors and elevator banks
  • 24x7 manned security, cameras and digital monitoring of all facilities
  • Visitor logs periodically reviewed by Eze Castle Integration engineers

Premier Technology Foundation

  • Redundant networking (switches, routers and firewalls) via Cisco
  • Storage virtualization technology via NetApp
  • Platform virtualization technology via VMware
  • Threat management and intrusion detection via eSentire

Power/Cooling Requirements

  • Fully redundant HVAC and fire suppression systems to maintain adequate temperate control
  • Multiple power grids for redundant power
  • Multiple on-site generators and up to 24 days' worth of fuel supply

Proactive Cloud Monitoring

  • Continuous 24x7 monitoring of network and device availability
  • Immediate alert notification when issues arise for rapid resolution
  • Alerts and pre-failure indicators for proactive problem prevention
  • Active scanning to detect and quickly resolve security holes and prevent breaches

Performance Certifications & Uptime Standards

  • Data center facilities meet industry-standard SAS 70 Type II and SSAE-16 (US) and ISO (UK & Asia) audit levels

Our Corporate Disaster Recovery & Business Continuity Plans

Eze Castle Integration has extensive physical security, disaster recovery and backup plans and procedures to protect our global infrastructure. Eze Castle's Business Continuity Plan provides procedures for successfully recovering people, business functions and systems in the event of an emergency. The BCP provides guidelines for effectively implementing procedures for operational recovery strategies, emergency response and crisis communication.

Eze Castle has implemented recovery strategies to ensure a successful restoration of business after a disaster and from any location. These recovery strategies include, but are not limited to,

  1. Geographically dispersed data centers,
  2. Geographically dispersed offices,
  3. Remote access to critical applications,
  4. Quarterly employee training and testing, and
  5. Semi-annual disaster recovery testing.

Alternative systems and procedures have been identified to enable continuous business operations during an outage. All business units within Eze Castle are required to maintain a viable recovery plan, which contains business unit-specific information and can be used during an interruption or disaster. The business requirements will continually be reviewed and technical solutions generated to address any potential recovery gaps and exposures.

Our Corporate Security Policies & Procedures

Eze Castle Integration's global infrastructure is supported by the company's vast policies and procedures designed to protect the firm, its employees and its clients. Eze Castle employs the following general security measures with regards to system security and access:

Priciple of Defense in DepthPrinciple of Defense in Depth

  • Multiple layers of security are employed to protect all systems and data as appropriate. These include, but are not limited to, anti-virus software, host-based and network intrusion detection systems, hardware and software firewalls, encryption and application filters.
  • All Windows hosts must be protected by anti-virus software with up-to-date virus definitions. 
  • All Internet and DMZ facing hosts will be protected by an intrusion detection system.

 

Principle of Least Privilege

Principle of Least Privilege

  • Eze Castle employs the principle of least privilege to all systems and data, ensuring access will be limited to only those who need it. Planned or implemented restrictions include:
  • Access control lists on all applications and data
  • Inbound/Outbound Internet Access Control lists at all Eze Castle offices
  • Use of audited OTPs (one-time-passwords) and minimum-privilege shared accounts for access to client networks

 

Secure User Protocols

Secure User Authentication Protocols

  • Eze Castle utilizes secure user authentication protocols including:
  • Enforcement of strong domain password policies
  • Control of data security passwords to ensure that such passwords are kept in a location and/or format that does not compromise the security of the data they protect
  • Restriction of access to active users and active user accounts only

 

Audit and Logging SystemsAudit and Logging Systems

  • Eze Castle employs a central logging system that records all login/logout events, as well as inbound/outbound connections through Internet-facing firewalls.