Our Eze Voice (think financial services grade VoIP) is now available to firms across the United States and United Kingdom. In honor of this global availability, we want to debunk some common myths associated with VoIP for financial services forms.
Voice over IP has come a long way especially in the business world, but many financial services firms still have hesitations about making the switch. Check out these five common myths about Voice over IP.
MYTH 1: Poor Call Quality – Everyone will know I’m on VoIP
Call quality is a key concern and can be impacted by a number of items including the network, available bandwidth and even the type of phones being used. However, a well-designed business-caliber VoIP system can deliver quality of service comparable to an in-house phone system. In business settings, where calls are made over private IP connections, Quality of Service (QoS) can be monitored and guaranteed because the entire IP connection is controlled by the party making the call.
When evaluating VoIP services, it is important to inquire about the underlying network and how voice traffic is prioritized and routed. You want a provider that has full control over network traffic and can ensure high quality of service. For added confidence, ask to speak with existing VoIP customers (over the phone!) to hear about their experiences first-hand.
MYTH 2: VoIP is Unreliable – I’ll Experience Downtime
A natural extension of the call quality concern is the reliability concern. While consumer-grade VoIP services work over the Internet to deliver low cost services, Business-grade VoIP services often use the Internet as a backup and have private IP point-to-point lines for primary connections. If Internet is the primary transit, be sure you are working with a VoIP provider who manages the entire network and has control over traffic prioritization. In most cases you want to ensure voice traffic takes precedent over data or travels on a different network.
In the fast-paced, volatile world of financial services, constantly maintaining normal business operations is crucial – even in the event of an unexpected disaster. Even just a few moments of downtime could be extremely costly, so it is essential that firms implement sound business continuity procedures.
Since we frequently work with our hedge fund and alternative investment clients on developing comprehensive business continuity plans (BCPs), we feel it is important to review and test our own BCP procedures on a regular basis to ensure they will meet our most current business needs in the event of a disaster. To this end, Lisa Smith - one of our certified business continuity professionals - and her team recently conducted a BCP table top exercise with our management team here at Eze Castle. After this successful meeting, we thought it would be valuable to share some insights on the BCP table top exercise process with our readers to spotlight the importance of this activity.
Today's investment firms are extremely focused on cyber security preparedness, as they should be. With regulators and investors demanding more transparency than ever, it's critical for hedge funds to spend time making their own employees aware of cybersecurity threats and how to mitigate risk. With that, let's discuss a topic that we’re passionate about – education and security awareness.
We’ve told you about the types of threats that can harm a business, the steps you should take in the event of a security incident, and the policies you should create to keep your organization safe. But now it’s time to talk about training your employees to understand each of these.
A firm’s security strategy will only work if employees are properly trained on it. Therefore, the importance of providing information security awareness training cannot be understated. The goal of an awareness program is not merely to educate employees on potential security threats and what they can do to prevent them. A larger goal should be to change the culture of your organization to focus on the importance of security and get buy-in from end users to serve as an added layer of defense against security threats.
Once you have buy-in from employees, your focus can turn to ensuring they get the necessary information they need to secure your business.
An effective disaster recovery strategy cannot be acheived by checking a box. As you evaluate DR service providers, it is critical to ensure they have taken a variety of possible disaster scenarios into account and are utilizing best-of-breed infrastructure to power DR operations. Below is a quick DR infrastructure checklist to help you along in your planning (or click here to read our complete Essential Tech Guide for Hedge Funds).
Ensure your DR provider has redundant network equipment
Consider using multiple network providers; Some colocation facilities have over 30 network providers for maximum redundancy
There should be multiple sources, ideally sourced from different power grids
Are there backup power generators?
Is there onsite fuel to run those generators? You’ll want onsite fuel that can last a few weeks.
Many building tenants have a daily interaction with their building’s management. The interaction may be a friendly “good morning” or “goodnight”. Perhaps you’re on a first name basis with some of the front desk employees. Typically, that is where the relationship ends, and if so, that can potentially lead to some issues in the future.
Being able to quickly communicate and respond in the case of an emergency or interruption can make a big difference to building management and tenants alike. Additionally, having each other’s contact information can be extremely helpful during regular business hours, as well as, off-hours or holidays and weekends.
During regular business hours, building management has several options to notify tenants. Depending on the type and severity of an emergency, facility management may choose to utilize passive notification, such as email, or they may use more aggressive notification like public announcement (PA) systems or alarms. While alarms and PAs might help grab the attention of tenants, they aren’t the most effective tools to communicate long or detailed messages. Even planned drills, such as fire drills during regular business hours, are not fool-proof. During this commotion, it may be difficult to locate members of building management and even harder to efficiently communicate.
We’re in Hurricane Season so let’s look at some best practices to ensure you and your employees are prepared for the unexpected. Remember, these four Eze Tech Tips are great for the next Snowmageddon too.
Want more Disaster Recovery Tech Tips?
Here are your options:
Business continuity planning. Disaster recovery. BCP. DR. You know the terms. You know investors are looking for them. But do you know what the real differences are between them?
Business Continuity Planning and Disaster Recovery have the same goal: to implement procedures that will enable a business to recover in the event of a disaster or disruption. But each has its own focus. Business Continuity Planning revolves around people. A hedge fund business continuity plan should identify the steps necessary to get operations up and running as it relates to business functions and personnel. BCP plans usually identify mission-critical services, communication strategies, employee recovery procedures and training methods.
Disaster Recovery Planning is directly related to the technology and infrastructure that supports business operations. In developing a disaster recovery strategy, hedge funds typically examine what applications and services they have in production and which ones are mission-critical. File shares, email, accounting and trading applications and voice capabilities are often the first that come to mind, but firms should evaluate which are most essential to them. The two most important factors associated with disaster recovery planning are the recovery point objective (RPO) and the recovery time objective (RTO).
People take vacations. Companies don’t.
Hedge funds, just like most financial firms, need staff to run their technology, handle special projects, build (and manage) complex applications and of course execute core business activities. But in many cases it is not realistic or cost-effective to keep everything in-house. Enter outsourced staffing.
Outsourced staffing options for hedge funds abound. So let’s take a look at five common outsourcing practices. If you want to learn about other areas to outsource your hedge fund's technology, read our Manager's Guide to Outsourcing here.
The security threat landscape continues to evolve, and security through obscurity is no longer (and probably never was) an ideal approach to protecting the sensitive data of the hedge fund industry. A 2015 Cyber Security Intelligence Index study by IBM found that over 62 percent of cyber incidents targeted three industries -- Finance, Insurance, and Information and Communications -- highlighting the serious risk cyber intrusions present to financial firms.
The report found that in 55 percent of all cyber attacks in 2014 were carried out by either malicious insiders or inadvertent actors and that unauthorized access triggered nearly twice as many incidents in 2014 compared with 2013. According to the report, “certain types of unauthorized access incidents rocketed to the top, accounting for 37 percent of the total—nearly doubling from 19 percent in 2013. ShellShock and Heartbleed were the game changers here.”
Another example cited was that malicious code and sustained probes together accounted for 40 percent of all the incidents observed. According to IBM, with an ever expanding array of malware from which attackers may choose— including viruses, worms, Trojans, bots, backdoors, spyware and adware—it seems fairly certain that malicious code incidents will continue to wreak havoc for the foreseeable future.”
These examples demonstrate that the risks facing large organizations and smaller firms (read: hedge funds) are just as real. To that end, we regularly team with eSentire to speak with hedge fund CTOs about the security landscape and their managed security technology. Additionally, Eze Castle Integration utilizes eSentire intrusion detection technology within our Eze Private Cloud and to power our Eze Active Threat Protection services.
Feedback on eSentire’s offering and approach is always received positively and the spark for this tech spotlight article.
This article first appeared in HFMWeek's Special Report: How to Start a Hedge Fund in the EU 2015.
HFMWeek catches up with Eze Castle Integration’s executive director, Dean Hill, to discuss the importance of selecting the right business service providers and the key technology factors new funds must consider when starting out in the EU.
HFMWeek (HFM): Are you seeing a healthy market for new hedge fund launches in the EU?
Dean Hill (DH): Yes. I think going into 2016 we will see an increase in terms of the amount of new hedge fund launches across the UK and European markets. Not only are these launches coming more frequently, but their size, structure and launch AuM is greater than anything we have seen in the last two-to-three years. It is certainly on the uptake.