Traveling with electronic devices puts personal and critical business information at risk. As we embark on the busy holiday travel season, we decided to share some useful tips to help prevent your data and devices from falling into the wrong hands. Here are our top 10:
Back up Your Data Before You Leave: Prior to traveling, back up data that is stored on your device(s) onto media that will not be taken with you on your travels. For example, on a storage card, cloud, or computer, if you are not bringing the latter device on your trip. Furthermore, ensure you do not have social security numbers, passwords, credit card information and other sensitive data stored on your devices. If you do, save this information in a more secure place and remove it from your portable devices.
Travel Light: If you do not need it, do not bring it on your trip. Only devices that are necessary should accompany you while traveling.
Here at Eze Castle Integration we have a pantry full of thoughtful policies that help ensure we keep everything in tip-top shape. In past Hedge IT articles, we’ve shared our recipes for creating security incident policies, BYOD policies and social media policies.
Today, we are going to share our recipe for creating an Acceptable Use Policy, which governs how a company and its employees use computing resources. The SANS Institute, which has policy templates galore, also has an Acceptable Use Policy template that you can find HERE and is the foundation for our award-winning recipe.
First, define the purpose and scope of your policy by answering questions including:
Why are the rules in place (i.e. protect firm from virus attacks, compromising of the computing network, etc.)?
Who does the policy apply to (i.e. employees, consultants, contractors, etc.)?
Public cloud tools and free file sharing services are wholly owned and managed by third-party providers. Because infrastructure costs are spread across all users who are employing the service, each individual client is able to operate at a low cost. Public cloud tools are typically larger in scale than private enterprise clouds, which provide users with seamless, on-demand scalability.
These factors may seem to support the belief that public clouds and free file sharing services would suffice for a business’s basic infrastructure and file sharing needs. However, upon closer examination, it is clear that there are a number of areas in which these tools fall drastically short of meeting the crucial business needs of investment management firms.
Is your password “123456” or just plain old “password”? If so, you’re not alone. When media company-Gawker Media’s million plus user database was compromised by hackers, the passwords of nearly 200,000 users were decoded and made public. Of those exposed, over 3,000 people used the password “123456” and nearly 2,000 were using “password” as their password.
Think your name is an original password? Apparently lots of Michelle’s and Jennifer’s did because those made the most common password list as well. Check out the complete list to see if you have a popular password.
This past weekend on the dark web hackers were offering to sell 590,000 Comcast email addresses and associated passwords. Of those, Comcast verified that 200,000 accounts were still active and had the account owners reset their passwords. According to Cnet, hackers didn't breach Comcast's computers to steal the information. Instead, they created their list of passwords with information stolen from [people across the web]." Hackers are skilled at tricking individuals into sharing their passwords. Then, since people often use the same password for multiple sites, the hackers have gold.
Gawker and Comcast being hacked are yet more reminders of the importance of having strong passwords and updating them regularly, especially in the hedge fund and investment management industry. Here are some tips to create safe passwords and keep them safe:
First off, passwords are essential but simply having one isn’t enough. Remind users not to leave passwords on sticky notes or under their keyboards. One way to remember a new password is to use it immediately and often.
This post was contributed by Frank Serebrin, president and founder of InCapital Marketing.
If you don’t have a website, you don’t exist.
That’s the takeaway from…well, I can’t cite a study, but it’s my opinion.
Less than a generation ago, few businesses would consider not having their phone number published in the yellow pages. (Remember them?) Today, search engines have replaced phone books as the place most go for research and information. How can your potential new clients search you if you don’t have a website or social media presence?
Yet fifty-five percent of small businesses don't have a website, according to a 2013 survey of more than 3,800 small businesses conducted by Google. That's a slight improvement from the year before, when 58 percent said they didn't have a website.
You may think of yourself as a start-up hedge fund manager, or a Registered Investment Advisor, or a real estate private equity manager. And you’re still also a small business, too, at least as defined by the SBA.
Here are ten reasons why you may not have a site yet, and what you may do to correct the oversight:
1. I Don't Have the Time
Is this you? "I'm too busy trading…I’m on the road making sales calls…my partners and I have full time corporate jobs, too.” With all the demands on your time, a website can help sell your story while you build relationships and multi-task.
2. There’s No Money in the Budget
Is it that you don't have the money, or you haven’t figured out what your marketing budget should be? As a start up, your focus might understandably be on the legal costs of a private placement memorandum, and administrative, accounting, technology, trading, office space, and sales expenses.
How much capital are you looking to raise, and it what period of time? Is it $25 million? $50 million? $250 million or more? And you want to raise that from professional and sophisticated investors without the credibility of a website?
This article is contributed by Richard Wilson of Hedge Fund Blogger and provides unique hedge fund marketing tactics that managers should investigate further while attempting to raise capital for their funds. The topics covered include public relations management and educational marketing.
Public relations has to be one of the most ignored marketing tools of hedge fund managers today. I have worked with over three dozen hedge funds on their marketing plans and capital raising efforts. So far, the most intense public relations effort I have seen set forth was a single press release over a four-year period. This is not to say that any hedge fund that is not publishing at least four press releases per year is doing something wrong. However, many could benefit by simply making themselves more available to the press.
The media is hungry for real time opinions of hedge fund managers, traders and marketers. They need comments on current market conditions, trends in hiring and firing of traders and portfolio managers and what prospects lay ahead for the industry as a whole. Many hedge fund managers shy away from contributing to stories in the press. I would strongly encourage you to speak with your legal counsel and see if they would approve of your discussions with the media if you stick to industry trends, general market trends and long-term movements you are seeing within the industry.
Effective hedge fund marketing strategies and materials allow firms to capitalize on new opportunities and stand-out from the crowd. However, crafting a unique story that reaches and motivates investors is challenging.
Today I moderated a webinar with speakers from Ovis Creative and Ledgex Systems looking at the current marketing landscape, marketing pitchbook best practices and the role of a hedge fund CRM platform.
Below you can watch the whole webinar or download the slides HERE.
To pique your interest, here is expert advice from Ovis Creative’s Creative Director, Lauren Colonna, about hedge fund pitch book best practices:
Don’t go overboard on the content. Create a cohesive but succinct story (total of 20 to 30 pages)
Focus on key pages with greatest opportunity for impact
Avoid overused terms; remember if a concept or phrase sounds generic to you... they are even more so to an investor who has heard the same theme over 1000 times
Maintain a consistent style, voice and tone (reflective of your pitch); Employ perfect grammar, succinctness, clarity and a consistent message
Use bulleted form rather than full text paragraphs; Consider a call out/side bar to enforce a key takeawayShe also covers what’s in a pitchbook, the role of a website and much more.
Understanding the lingo of disaster recovery and business continuity planning is essential to ensuring a firm is fully knowledgeable during the planning process and prepared should an incident occur. Here at Eze Castle Integration we are regularly defining key DR terms for our hedge fund clients. Since we fancy ourselves experts on all things hedge fund DR related, we have have developed this handy list of common DR definitions.
A component of Disaster Recovery that deals with the restoration of business system software and data, after the operating system environment has been restored or replaced.
A system of planning for, recovering and maintaining both the IT and business environments within an organization regardless of the type of interruption. In addition to the IT infrastructure, it covers people, facilities, workplaces, equipment, business processes, and more.
To quote our latest Tech Tips video, "when things are good, they’re good. But when things turn bad, it could be downright scary," so here is our latest video that covers four signs you may be outgrowing your IT service provider.
An often overlooked, but critical component of disaster recovery (DR) solutions is testing. In an interview with HFMWeek, Bob Guilbert touched upon the topic of DR testing. In the discussion, Bob noted that “the best approach that funds can take to ensure an effective disaster recovery system is to test them periodically.” Lisa Smith, a Certified Business Continuity Planner here at Eze Castle, also echoes this advice in her conversations regarding inclement weather business continuity planning.
If regular testing is a critical component of an effective DR solution, why do many firms fail to do so? In working on the Eze Disaster Recovery team for several years, I have heard a variety of reasons from clients as to why this is the case. The most common reasons include:
a lack of time to commit to DR testing;
a lack of understanding as to how to go about testing their solutions;
and a belief that testing could hinder normal business operations, and is therefore too risky for the firm.