Eze Castle Integration Eze Castle Integration

Hedge IT Blog

A Look at the FCA's IT Outsourcing Guidance for Financial Services Firms

By Zorela Georgescu,
Thursday, May 26th, 2016

Financial services firms are increasingly interested relying on third-party service providers to increase efficiencies and benefit from industry expertise. While outsourcing has grown, however, regulatory bodies such as the Securities & Exchange Commission (US) and Financial Conduct Authority (UK) have begun to evaluate outsourced relationship and provide guidance around how investment management firms should engage and manage these partnerships. In 2015, the FCA drafted a “guidance for firms outsourcing to the ‘cloud’ and other third party services.”

The document aims to ensure that risks associated with outsourcing are appropriately identified and managed.  Thirteen key areas of consideration are highlighted below.

  1. Legal and Regulatory Considerations. In undertaking the due diligence process, an investment firm should consider and compare operational risks associated with outsourcing to various providers (e.g. public vs private cloud) as well as any specific legal or regulatory obligations. Firms should identify and record contracts with all service providers, ensuring that compliance with any relevant requirements lives throughout the supply chain.

Categorized under: Launching A Hedge Fund  Cloud Computing  Hedge Fund Regulation 



Five Security Practices Your Firm Had Better Get Right (Tech Tips Video)

By Kaleigh Alessandro,
Tuesday, May 24th, 2016

It's time for another Tech Tip video! Today, we have five security practices your investment firm should not overlook. Watch and learn! 

 

 

Categorized under: Security  Hedge Fund Operations  Infrastructure  Communications  Trends We're Seeing  Videos And Infographics 



Grading your cloud provider: four critical criteria

By Kaleigh Alessandro,
Thursday, May 19th, 2016

This article was written by Bob Guilbert, Managing Director, and first appeared in Hedgeweek's 2016 Guide to Setting Up an Alternative Investment Fund in the USA. Bob Guilbert, Eze Castle Integration

You're a new fund manager, and somewhere on your task list the letters "IT" are probably followed by a question mark. Odds are, you don't have a technology background, so as your firm's Chief Operating/Financial/Compliance Officer (or in some cases, Portfolio Manager), the sudden responsibility you've undertaken as your firm's de facto IT Manager is intimidating at best. 

The good news is, as a startup, your IT options are pretty clear. In 2016, there's no better technology decision a new firm can make than selecting a cloud platform – an infrastructure that has proven benefits including scalability, flexibility and robust security, among others. And while the thought of hosting IT offsite was once a worry for allocators, today's investors find comfort in knowing hedge fund and alternative investment firms are focusing on their investment priorities and leaving the technology decisions to the experts. 

From our perspective, the cloud is now a tried and tested infrastructure environment that is acceptable to the institutional investor community. They have become very thorough in their operational due diligence process, understanding exactly what cloud providers provide from an operational, management and security perspective. This has allowed managers to become much more comfortable at appointing a cloud provider to deliver an infrastructure that will perform well in any type of trading environment. 

Where managers need to spend their time is deciding on the best cloud provider to work with, as opposed to thinking about whether or not they should use a cloud provider in the first place.

And how exactly do emerging fund managers embark on that decision-making process? 

Categorized under: Launching A Hedge Fund  Cloud Computing  Security  Hedge Fund Due Diligence  Hedge Fund Operations  Infrastructure  Communications  Outsourcing  Trends We're Seeing 



Hedge Fund Hotels: Advantages for Startups and Established Firms

By Eze Castle Integration,
Tuesday, May 17th, 2016

eze castle managed suitesWhether you are preparing to launch a new hedge fund, considering expanding your established firm to another geographical location, or simply interested in relocating to a new space, there are a few important real estate options to consider, including commercial space, subleases, and hedge fund hotels. Today, we will delve deeper into one of these primary options, hedge fund hotels (also known as “managed suites” or “executive suites”) to analyze the benefits of this type of real estate.

Categorized under: Real Estate  Hedge Fund Operations 



Email Security: Is Your Out-of-Office Bringing Criminals In?

By Katie Sloane,
Thursday, May 12th, 2016

You’re about to embark on a business trip or drift away with the waves and a margarita or two on an overdue vacation. To let your clients, partners, colleagues, and the like know that you won’t be able to respond to their emails, you create an out-of-office message.

The typical auto-reply includes a brief explanation of why the recipient is out of the office, an approximate date of return and who the sender can alternatively contact. You may also list your chain of command and if you manage multiple departments, perhaps include the names and contact information for each division. Although this may appear innocuous to the untrained eye, those who are well-versed in information security, or simply read the latest cybersecurity headlines, would immediately cringe at the various red flags.

Let’s examine the probable scenarios that could transpire upon the auto-reply’s launch.Out-of-office Email Security Risks

Physical Security Threat

Auto-replies that disclose travel details pose a physical threat as they provide criminals or intruders with the recipient’s whereabouts. Regardless of whether location is provided, one can link travel dates to a popular industry trade show. Criminals may gather this information from other resources, such as a company’s posts and images shared across social networks (e.g. Twitter, Facebook).

Categorized under: Security  Hedge Fund Due Diligence  Hedge Fund Operations  Communications 



7 Tips to Keep and Create Safe Passwords (Tech Tips Video)

By Kaleigh Alessandro,
Tuesday, May 10th, 2016

We're back with another Tech Tip video! 

This time, we're tackling the subject of password security. Think your passwords are strong? Watch the video below and see if they meet these seven criteria. 

 

 

Categorized under: Videos And Infographics  Security 



Phishing and Wire Transfer Scams Abound, Educate Employees Now

By Mary Beth Hamilton,
Thursday, May 5th, 2016

The importance of employee security awareness cannot be understated. We hear and read stories too often about employees being victims of social engineering schemes. From downloading a malicious virus to falling for a wire transfer scam, these occurrences not only have financial implications to an investment firm but can also impact an employee personally and directly.

Most employees who fall prey to social engineering tactics never intend to hurt a company. In cases of wire transfer scams, for example, often an employee doesn’t follow the appropriate checks and balances at the firm or is being too "responsive" in order to impress a colleague or boss.

Just last week we learned of yet another inbound ransomware email (subject line: debt fax from <your domain here>) that had the ability to impact hedge funds if opened by an employee.

Pop Quiz: Phishing Email Example

Following is an example of the type of phishing or imposter emails that enter employees’ inboxes. Would your employees catch at least one of the items that make this email suspicious? Note the sender email address, which includes Eze Castle Integration’s domain, the balance due amount and the type of company (medical) sending the invoice. You may (and hopefully do) have advanced email security mechanisms in place, but you still have to train your employees because scams are only going to get more sophisticated.

Phishing Email Example Targeting Hedge Funds

Security Awareness Tips for Your Hedge Fund Employees

Phishing attempts can occur via email, phone, instant message, SMS or social media. Here’s what to look out for:

  • Check the sender email address as well as “to” and “cc” fields

  • Is it personalized? Be wary of generic greetings

  • Improper spelling and grammar can be giveaways as well

Categorized under: Security  Trends We're Seeing 



Five Qualities to Look for in a 24x7 Help Desk

By Eze Castle Integration,
Tuesday, May 3rd, 2016

When evaluating technology providers, there are a number of factors to consider when determining which is the best fit for your firm. One important, and often overlooked, criterion is the quality of the Help Desk. Alternative investment firms rely heavily on technology, but no technology is completely infallible. In the event of an unexpected issue, having a knowledgeable, experienced Help Desk at your fingertips is essential.

Help Desk - Customer Support

So, what makes an exceptional Help Desk?

In this article, we will take a look at some critical considerations and provide guidelines for what to look for when selecting a Help Desk provider for your firm. 

Categorized under: Help Desk  Trends We're Seeing 



Tech for Hedge Fund Startups: Mistakes to Avoid and Guidance for Success

By Zorela Georgescu ,
Thursday, April 28th, 2016

The financial services industry is currently under tremendous pressure to meet both investor and due diligence requirements. Thus, it is increasingly important to maximize technology to meet these pressures. To conclude our six-part hedge fund launch webinar series, we spoke with Eze Castle Integration’s own managing director Vinod Paul, who shared insights about current IT challenges and demands and how today’s hedge funds can employ best practices for operational excellence.

Key Priorities for New Managers

Paul defined cybersecurity and scalability as two primary technology considerations for new managers. You must first understand your firm’s specific vulnerabilities and exposures. One of the most common mistakes new launches make, according to Paul, is assuming that they only require the basic bare minimum in terms of technology. He urges new managers to pick an IT solution with operational growth in mind -- considering the business not at the onset, but in three to five years.

Service Provider Selection Criteria

Paul continued to place emphasis on customized IT, stating that when it comes to outsourcing, it is imperative that a firm carries out proper due diligence in choosing a provider to meet the firm’s unique needs. “You want enter into a true partnership that offers open lines of communication, flexibility, and ultimately, trust and accountability,” he said. Brand and reputation, long lasting relationships with clients, and industry experience are some of criteria Paul feels are most important when selecting a service provider. “Don’t step in to it with the attitude that a current provider is good enough, for right now,” he cautioned. The service provider should not only address day-to-day operations but also anticipate potential problems down the road.

Categorized under: Launching A Hedge Fund  Cloud Computing  Security  Hedge Fund Operations  Infrastructure  Outsourcing  Trends We're Seeing 



Spring Cleaning Tips for Securing Your Digital Footprint

By Zorela Georgescu,
Tuesday, April 26th, 2016

Freshness, simplicity, clarity. Words we may use to describe the Spring season. While we wait for warmer winds to come sweep away the chaos of winter, it may also be time to freshen up our digital ecosystems.  Below are some tips to help with your spring cleaning process, whether you are looking to tighten up your personal security situation or aiming to stay on top of enterprise-wide security concerns for the sake of your business.

security spring cleaning
  • Get rid of “junk”. Old photos, videos, and archives take up disc space and slow performance.

  • Check up on unused software. First, see what it’s actual purpose is. If it’s not something you use or need, uninstall. This will reduce potential malware-targeted software.

  • Install program updates. Updates include critical security patches that combat ever-morphing computer viruses.

  • Refresh passwords. Make sure your passwords vary across different platforms. Use a combination of numbers, special characters, and upper and lowercase letters. If you are an administrator, flag accounts that have not undergone a password change in three months.

Categorized under: Trends We're Seeing 



Recent Posts / All Posts / Next Page