As summer officially approaches its halfway point, we at Eze Castle Integration hope that everyone is enjoying the beautiful weather. We also want to take this opportunity to remind folks to be mindful that your firm can still be vulnerable, even when the weather is warm and sunny. With heat and humidity rising, power usage is increased to keep offices cool, leaving firms susceptible to power outages. Additionally, with employee vacations prevalent during the summer and offices less crowded, there are fewer gatekeepers protecting your firm from social engineering threats and hackers. Let’s examine some of these factors a little more closely and offer some business continuity and security tips to keep your firm running at full speed in the summer heat.
Impact of the Heat: Power Outages
You are sitting at your desk and recording sensitive information for one of your clients, when all of a sudden your screen goes black, and the office is completely dark. Your firm has experienced a power outage caused by increased usage during the summer months, and you are not sure if your information and technology is protected.
The months of July, August and September are considered the “blackout season” as major cities use the most power during these months, leaving them susceptible to power outages. According to the Energy Information Administration, electrical power outages, surges and spikes in usage bring about more than $150 billion in annual damages to the U.S. economy.1
Did you know that the average cost of a data breach is $3.8 million? Or, that the consolidated average cost incurred for each record of lost or stolen sensitive and confidential information has increased six percent (6%) since 2013 from $145 to $154? A recent study of 350 companies spanning 11 countries reported the aforementioned statistics, representing a twenty-three percent (23%) increase in data breach consolidated costs.
If communicating to your employees, investors, vendors, and partners is important on a daily basis, then ensuring effective communication during a disaster or disruption should be a priority, too. There are many reasons why it may be advantageous for a firm to consider utilizing an Emergency Notification System (ENS) in order to ensure that internal and external parties are kept informed and updated. Traditional calling trees are cumbersome and time consuming, and emails -- especially outside of business hours -- can often be overlooked. Today, notifications systems can quickly and effectively send messages using a variety of delivery methods. It’s no wonder many companies large and small are moving to these kinds of systems. However, finding the right system requires some thought and planning. This article will cover some items firms may want to consider when shopping for a notification system.
Does the system require on site hardware or is it hosted online or a hybrid of the two?
On Site: This option is rarely utilized, and it means that hardware/software will have to be added locally to the firm’s infrastructure to sync up with the system. Depending on the current IT set up, firms may want to discuss this option with their IT administrator or provider to ensure it is feasible. This option can be vulnerable if there are local issues affecting the firm’s office because it will most likely also affect the notification system.
In Part 1 of the SEC's recent cybersecurity guidance update, the regulatory body highlighted the need for cyber risk assessments across multiple areas of a registered firm's organization. Continuing to address how firms should prepare for security incidents before they occur, Part 2 of the SEC's guidance update focuses on how hedge funds and registered investment advisers should prevent, detect and respond to security incidents.
Take a look at the latest installment of our video series or scroll down to read a brief recap.
Categorized under: Security Launching A Hedge Fund Cloud Computing Disaster Recovery Hedge Fund Due Diligence Hedge Fund Operations Hedge Fund Regulation Infrastructure Communications Outsourcing Business Continuity Planning Trends We're Seeing Videos And Infographics
If you missed our 'Starting a Hedge Fund' webinar last week, you missed a lot. Luckily, our webinar replay is available here, and we're now onto Part Two of our recap. If you missed Part One - which focused on the structural and formation basics of starting a new hedge fund - click here. In Part Two, we're recapping what our very own Managing Director Vinod Paul covered, specifically around IT infrastructure decision-making, cybersecurity protections and common technology mistakes.
2015 Technology Priorities
Before looking at the specific technology infrastructure components emerging managers should consider before and during the launch phase, let's first cover some large-scale IT priorities for startups in 2015. We've identified three major priorities:
Selecting the right service providers. Whether it's outsourcing IT, administration or another critical function, it's imperative for startups (and successful hedge funds in general) to conduct proper due diligence and forge partnerships with providers that offer flexibility and accountability.
Understanding your firm's vulnerabilities and exposures. Security, security, security. It's the most critical area of focus for hedge funds in 2015. Firms should understand what risks could affect their businesses and the safeguards in place to mitigate those risks.
Employing an infrastructure your firm can grow with. You're a startup, yes. But you can't afford to act like a startup, at least when it comes to your technology. Selecting an infrastructure platform and provider that can grow with your firm and support you 2, 5, 10 years down the road is critical to your success, and will save you money and headaches in the long run.
Categorized under: Launching A Hedge Fund Cloud Computing Disaster Recovery Security Hedge Fund Due Diligence Hedge Fund Operations Hedge Fund Regulation Infrastructure Communications Outsourcing Business Continuity Planning Trends We're Seeing Videos And Infographics
Yesterday, we hosted a hedge fund launch webinar called “A Checklist for Starting a Hedge Fund in 2015,” which focused on structure and strategy considerations for hedge fund startups as well as focus areas for your technology infrastructure and cybersecurity systems. Marni Pankin, partner at Marcum LLP, and Vinod Paul, managing director at Eze Castle Integration, shared their expert knowledge on what they consider to be the top priorities for hedge fund startups in 2015.
Pankin started with a checklist of her own, including what an emerging manager should look for when launching a new hedge fund. Below is a brief summary of her checklist and be sure to read our second article, "Starting a Hedge Fund: Your IT and Cybersecurity Checklist" here.
Categorized under: Launching A Hedge Fund Cloud Computing Disaster Recovery Security Hedge Fund Due Diligence Hedge Fund Operations Hedge Fund Regulation Infrastructure Communications Outsourcing Business Continuity Planning Trends We're Seeing
Recently, the North American Securities Administrators Association (NASAA) has implemented new requirements on state registered advisors regarding firm’s business preparedness plans. Specifically, the rule requires firms to establish, implement, and maintain both a Business Continuity and Succession Plan.
Whether firms have existing plans already in place or are developing plans for the first time, they must ensure plans are in line with the NASAA’s new Model Rule regulations and guidance. Below are the specific areas identified as part of the new rule:
The protection, backup, and recovery of books and records.
Alternate means of communications with customers, key personnel, employees, vendors, service providers (including third-party custodians),and regulators, including, but not limited to, providing notice of a significant business interruption or the death or unavailability of key personnel or other disruptions or cessation of business activities.
Categorized under: Business Continuity Planning
What happens when it’s not a drill? What will employees in the office do after hearing an announcement or alarm due to an incident? Quickly make their way to the stairs or ignore it and continue working?
In critical situations, time matters. If everyone delays evacuating to make sure it’s the “real thing” or just completely ignores the warning, they can potentially put themselves in serious jeopardy. At home or at work, fire alarms go off from time to time. Unfortunately, responses to such alarms can range from grabbing a fire extinguisher to fuse the situation to putting on ear plugs and continuing with your workday. Inadequate responses to a fire alarm, for example, can put yourself, coworkers, and even first responders at risk. Fines can also be assessed to a firm by agencies such as OSHA or the local fire municipality if employees fail to evacuate in a timely manner.
A recent report from the National Fire and Protection Agency (NFPA) estimated that in 2013 alone there were 487,500 structure fires, causing 2,855 civilian deaths and 14,075 injuries. Below are four areas of importance that firms should focus on during these types of scenarios to ensure their employees and businesses are not negatively impacted.
In the last 30 years, how many weather events can you remember? Maybe some recent “super storms” come to mind – Hurricane Sandy (2012), and Winter Storm Juno (2015) are probably at the top of your list. How prepared for these storms was your firm?
A 2007 study by the National Association of Insurance Commissioners (NIAC) found that more than 90% of small businesses interviewed had property/liability coverage while less than half (48%) of firms with annual revenues of more than $1 million have business interruption insurance.
It may not come as a surprise then that, following disasters such as these, many small business (20-40%) are forced to shut down, according to an Institute for Business & Home Safety (IBHS) report. It is important to understand the losses that can affect businesses and prepare accordingly. These losses can include: disruption of critical supplies and inability to move product, utility outages and power failures, employee transportation issues or remote access problems, and connectivity issues, just to name a few.
Winter Weather Preparedness: Considerations for Keeping Your Firm and Employees Operational This Winter
Anyone who lives in a region that regularly receives snow knows (and expects) that every winter brings the potential for experiencing disruption, delays, cancelations and closures to roads, buses, trains, boats and subways that transport people to and from work. (If you’re in the Boston area, you’re experiencing this today with the MBTA shutting down all rail service to clean up from more than 70 inches of snow in the last three weeks.) Snow storms don’t just affect transportation though; weather events can cause power outages, force evacuations, impact deliveries, and as we saw recently with Winter Storm Juno, can cause entire states to ban travel.
Impacts of heavy snow if traveling to work
Let’s consider some of the issues firms can face even if a travel ban isn’t in place and employees must attempt to make their way to the office.
Most people who commute to work know that adverse weather can have a major impact on their travel to and from the office. Regardless of the manner of transportation (car, rail, subway, boat, bus, etc.), all will most likely experience delays and present challenges for commuters during a snow storm. Delays, breakdowns, cancellations, and longer commuting times are very common throughout a storm and can still impact travel days after a storm concludes, leaving employees largely unable to work effectively if at all.