Eze Castle Integration Eze Castle Integration

Hedge IT Blog

> Subscribe to Blog Entries about Videos and Infographics RSS

Six Questions to Ask About Your Investment Firm's Cybersecurity Risk

By Katelyn Orrok,
Tuesday, September 27th, 2016

During Part 2 of our Risk Outlook Webinar Series we spoke with Eze Castle Integration Director Dan Long about how investment firms should address evolving cybersecurity risks, third party service provider oversight and employee training and education. Many of the points Dan addressed highlight questions hedge funds and private equity firms should be asking themselves.

Read on or scroll to the bottom to watch the full, 30-minute replay.

What is our commitment to cybersecurity and what is our outlook on the future?

Regulators and investors continue to ask more questions about cybersecurity because they want to know that firms are effectively mitigating risk. To meet these growing expectations, firms must demonstrate that you take cybersecurity risk seriously and have implemented sound systems, policies and procedures to combat those risks. As the threat landscape and technology continue to evolve, investment management firms need to evolve accordingly and develop better ways to counteract threats. Firms don’t necessarily need to implement every available security technology, but they should be keenly aware of their options and have a plan to effectively mitigate as much risk as possible.

How are we addressing third party risk and oversight?

Investment management firms often rely on third party vendors to obtain functionality or capabilities that they need, want or can’t afford to produce on their own. But moving functions out of the firm's control can present challenges. With any outsourced function, the firm inherently takes on additional risks at the hands of the third party. But it's critical for investment managers to limit those risks through sufficient due diligence. To combat vendor risk, financial firms need to maintain strict oversight of all third party relationships and investigate security practices and protocols, particularly for those vendors who have access to the firm's confidential information. An outsourced vendor should be providing the same level of security (or better!) as your firm would if the function was under in-house control.

Categorized under: Security  Private Equity  Hedge Fund Due Diligence  Hedge Fund Operations  Hedge Fund Regulation  Outsourcing  Business Continuity Planning  Videos And Infographics 



The Hedge Fund COO’s Perspective on Risk

By Kaleigh Alessandro,
Tuesday, September 20th, 2016

Risk. Across the financial services industry, it’s a buzzword right now, and rightfully so. Perpetuated by mounting regulatory change, growing cybersecurity threats and a challenging market climate, the focus on risk is one that grows with each passing day.
 
As such, we are hosting a 6-week webinar series, Risk Outlook, wherein we’re interviewing industry experts on a host of risk-related topics. To kick off the series, last week we interviewed Mark Strachan, chief operating officer and compliance officer for BBL Commodities, a New York hedge fund. Read on for a recap of my conversation with Mark or scroll to the bottom to watch the webinar replay.
 
Question (Q): The last 5-10 years have been challenging for the investment management industry, looking back to the 2008 financial crisis as well as with increasing regulatory initiatives and changes across the investor due diligence process. How have your views on risk and the risk landscape evolved during this time? Or have they evolved?
 
Mark Strachan (MS): I think they’ve certainly evolved. The core features of non-investment risk – such as operational, counterparty, regulatory, security and business risk – have been constant, but they have evolved in terms of their complexity, our experiences with them, the tools available to help mitigate exposure and the focus by investors through their due diligence process.

Categorized under: Trends We're Seeing  Security  Hedge Fund Due Diligence  Hedge Fund Operations  Hedge Fund Regulation  Outsourcing  Videos And Infographics 



Setting Up Secure File Sharing at Your Hedge Fund: Varonis on Eze Cloud

By Mary Beth Hamilton,
Tuesday, September 6th, 2016

As we work with clients on completing due diligence questionnaires (DDQs), one increasingly common question is, “does your firm block access to data sharing sites such as DropBox or Google Drive?”

Generally the answer to this question should be ‘Yes,’ but that isn’t always the case because public file sharing services such as these are very convenient, and firms may overlook the security risk they pose. Additionally, employees accustomed to using Dropbox for personal use may be tempted to go for convenience over security when they need to share a large file or data set.

However, with security threats multiplying exponentially, hedge funds and alternative investment firms need to be proactive in protecting data and personally identifiable information (PII) from accidental and malicious insider risks. That’s why for secure file sharing Eze Castle Integration includes Varonis' DatAnywhere product as a standard feature within our Eze Managed Suite. Varonis' DatAnywhere offers users seamless and secure collaboration and file sharing across devices.

Beyond security, Varonis' DatAnywhere is easy to use. Users receive the same drag-n-drop experience as shared network drives or a cloud sync folder, which means no need for training on complex user interfaces and collaboration workflows. Additionally, data is automatically backed up and version controlled.

Categorized under: Infrastructure  Cloud Computing  Security  Trends We're Seeing  Videos And Infographics 



Cloud, Cyber Security and Managed Services: Putting Eze Castle Over the Top in Waters Rankings (Video)

By Katelyn Orrok,
Tuesday, August 2nd, 2016

We're thrilled to share that Eze Castle Integration has won the coveted awards for Best Cloud Infrastructure Provider and Best Cyber-Security Provider in the 2016 Waters Rankings. Vinod Paul, Managing Director of Eze Castle Integration, spoke with Dan DeFrancesco, Deputy Editor of Sell-Side Technology and Waters Technology about how Eze Castle Integration differentiates itself from other cloud and security providers. 

Watch Vinod's video interview below or scroll down for some quick takeaways.

 

 

Categorized under: Cloud Computing  Security  Outsourcing  Videos And Infographics  Eze Castle Milestones 



Cyber Security Plans & Enforcement Actions for Hedge Funds and Private Equity Firms (Video)

By Kaleigh Alessandro,
Tuesday, June 28th, 2016

There's a lot to be mindful of when it comes to cybersecurity. Experienced and savvy hackers. Insider threats. Regulatory guidance updates and subsequent enforcement actions. The list goes on. So how do today's hedge fund and private equity firm managers navigate the changing landscape and stay above the fray? It all starts with planning. 

If you missed it, our recent webinar with law firm Sadis & Goldberg explores the regulatory climate for investment firms, recaps recent SEC enforcement actions and the variance in how compliance is evaluted, and provides practical and actionable advice for fund managers looking to address insider threats, education awareness and policy gaps around information security. 

If you have a free hour, this one's worth your time.

Watch below or read our joint whitepaper, A Fund Manager's Cyber Security Action Plan

 

Categorized under: Security  Private Equity  Hedge Fund Due Diligence  Hedge Fund Operations  Hedge Fund Regulation  Videos And Infographics 



You've Been Thinking About Hosted Voice All Wrong [Tech Tip Video]

By Kaleigh Alessandro,
Thursday, June 2nd, 2016

In today's Eze Castle Tech Tip: we're discussing myths about Voice over IP -- or hosted voice -- services. 

 

 

Categorized under: Videos And Infographics  Cloud Computing  Security  Disaster Recovery  Infrastructure  Communications 



Five Security Practices Your Firm Had Better Get Right (Tech Tips Video)

By Kaleigh Alessandro,
Tuesday, May 24th, 2016

It's time for another Tech Tip video! Today, we have five security practices your investment firm should not overlook. Watch and learn! 

 

 

Categorized under: Security  Hedge Fund Operations  Infrastructure  Communications  Trends We're Seeing  Videos And Infographics 



7 Tips to Keep and Create Safe Passwords (Tech Tips Video)

By Kaleigh Alessandro,
Tuesday, May 10th, 2016

We're back with another Tech Tip video! 

This time, we're tackling the subject of password security. Think your passwords are strong? Watch the video below and see if they meet these seven criteria. 

 

 

Categorized under: Videos And Infographics  Security 



HR for Hedge: Setting Up Your New Fund's Human Resources Infrastructure

By Jordan DeSantis,
Thursday, March 24th, 2016

For any new investment startup, the task list is lengthy. Beyond investment priorities and strategy decisions, new managers are also grappling with securing office space, ordering technology, engaging with service providers, and much more. One aspect often overlooked is human resources. To kick off our Hedge Fund Launch Webinar Series, we invited Maya Cohen, Senior Vice President at TriNet, to share HR priorities for startup hedge fund managers.

Employee Benefits

Human Resources Challenges for Investment Startups

HR can pose a challenge to any new business owner. If you’re venturing out from a larger institution, you’re used to relying on a large HR department to meet your needs and answer your questions. Now, as the employer for the first time, you’re expected to fill that role seamlessly. You’ll soon be faced with situations unfamiliar to you: creating initial offer letters, negotiating healthcare costs, and dealing with employee terminations. You’ll need to think about the type of work environment you want to foster. Will it be casual or formal? Will you offer rich benefits to employees? How will you handle payroll questions? These are just a sample of the decisions you’ll need to make as you start your hedge fund.

Categorized under: Launching A Hedge Fund  Hedge Fund Operations  Trends We're Seeing  Videos And Infographics 



What is Active Threat Protection? Stopping Advanced Persistent Threats

By Mary Beth Hamilton,
Tuesday, March 8th, 2016

According to TechTarget’s SearchSecurity, “an advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time.” As with most sophisticated cybersecurity attacks, the goal of the intruder is to capture valuable information and steal data. APT intrusions are often focused on high-value information and sectors such as the financial industry.

The cybersecurity landscape is constantly changing and today the cyber threat actors range from organized crime to state sponsors.

How do hackers gain access?

When it comes to advanced persistent threats, the cyber criminals often use targeted social engineering tactics including spear phishing. In a spear phishing incident, criminals target specific companies or individuals and conduct background research to compile employee names, titles and contact information. Social networks are common resources crawled for this information. Obtaining such details and observing communications provides criminals with the tools to mirror email addresses, website URLs and dialect. The end result is the criminal’s identity masqueraded as a legitimate, trustworthy source.

How can you defend against Advanced Persistent Threats?

Categorized under: Security  Launching A Hedge Fund  Cloud Computing  Trends We're Seeing  Videos And Infographics 



View earlier posts in the archive

Recent Posts / All Posts