Eze Castle Integration

Hedge IT Blog

Securing the Cloud for Hedge Funds and Investment Firms

By Kaleigh Brousseau,
Tuesday, August 30th, 2011

Last week, we examined some potential security threats within a cloud environment, including shared technology, data loss and unknown risk profiles. But these threats do not have to become realities for your firm’s environment. By doing your due diligence and selecting the right service provider, you can minimize the risk of a security threat in the cloud.

Proper security in a cloud environment requires specialized practices and processes at both the physical and virtualization level. Following are some key features to look for when evaluating a cloud services provider:

Physical Security at Data CentersSecuring the Cloud

  • 24x7x365 manned lobby with visual verification of identity

  • Two-phase authentication of visitors (card and biometric)

  • Secured access doors and elevator banks

  • Monitored security cameras

  • Additional door, motion and camera sensors

  • Visitor logs for cages

  • Key-locked cages and cabinets

Virtualization Security

In what is sometimes known as a multi-tenant environment, cloud subscribers share the same underlying infrastructure, databases or applications. In public cloud environments, multi-tenancy can pose a security risk if proper isolation measures are not put into place to securely separate data and resources. If you’re looking for more security through a private cloud, be sure to look for these requirements:

  • Availability: Redundancy should be built into every layer of the technology infrastructure to minimize the risk of unplanned downtime.

  • Secure Separation: Ensure that your cloud provider will use secure separation to isolate your silo and resources from other cloud customers.

  • Service Assurance: Computing, networking and storage resources should be readily available to you as needed to deliver top performance and accommodate fluctuations in user demands.

  • Management and monitoring: Work closely with your cloud services provider to ensure they will have comprehensive control and extensive visibility over your cloud infrastructure at all times. You need to ensure it is highly secure, your environment is separated and you receive the highest level of service.

Additionally, plan to vet your service provider around the policies and procedures they have in place for access control to your cloud environment, as well as specifics around other technology areas such as encryption and resiliency.

For more information on cloud computing for hedge funds and investment firms, visit our Knowledge Center today.

Contact an Eze Castle Representative

Photo Credit: Silicon Angle

Categorized under: Cloud Computing  Hedge Fund Due Diligence  Infrastructure  Security 



Recent Posts / All Posts

 

Subscribe to Hedge IT

Follow Us

    Follow us on Twitter Follow us on FaceBook Follow us on LinkedIn Follow us on Google RSS Feed

Recent Articles

Categories

Archives