To quote our latest Tech Tips video, "when things are good, they’re good. But when things turn bad, it could be downright scary," so here is our latest video that covers four signs you may be outgrowing your IT service provider.
An often overlooked, but critical component of disaster recovery (DR) solutions is testing. In an interview with HFMWeek, Bob Guilbert touched upon the topic of DR testing. In the discussion, Bob noted that “the best approach that funds can take to ensure an effective disaster recovery system is to test them periodically.” Lisa Smith, a Certified Business Continuity Planner here at Eze Castle, also echoes this advice in her conversations regarding inclement weather business continuity planning.
If regular testing is a critical component of an effective DR solution, why do many firms fail to do so? In working on the Eze Disaster Recovery team for several years, I have heard a variety of reasons from clients as to why this is the case. The most common reasons include:
a lack of time to commit to DR testing;
a lack of understanding as to how to go about testing their solutions;
and a belief that testing could hinder normal business operations, and is therefore too risky for the firm.
Our Eze Voice (think financial services grade VoIP) is now available to firms across the United States and United Kingdom. In honor of this global availability, we want to debunk some common myths associated with VoIP for financial services forms.
Voice over IP has come a long way especially in the business world, but many financial services firms still have hesitations about making the switch. Check out these five common myths about Voice over IP.
MYTH 1: Poor Call Quality – Everyone will know I’m on VoIP
Call quality is a key concern and can be impacted by a number of items including the network, available bandwidth and even the type of phones being used. However, a well-designed business-caliber VoIP system can deliver quality of service comparable to an in-house phone system. In business settings, where calls are made over private IP connections, Quality of Service (QoS) can be monitored and guaranteed because the entire IP connection is controlled by the party making the call.
When evaluating VoIP services, it is important to inquire about the underlying network and how voice traffic is prioritized and routed. You want a provider that has full control over network traffic and can ensure high quality of service. For added confidence, ask to speak with existing VoIP customers (over the phone!) to hear about their experiences first-hand.
MYTH 2: VoIP is Unreliable – I’ll Experience Downtime
A natural extension of the call quality concern is the reliability concern. While consumer-grade VoIP services work over the Internet to deliver low cost services, Business-grade VoIP services often use the Internet as a backup and have private IP point-to-point lines for primary connections. If Internet is the primary transit, be sure you are working with a VoIP provider who manages the entire network and has control over traffic prioritization. In most cases you want to ensure voice traffic takes precedent over data or travels on a different network.
In the fast-paced, volatile world of financial services, constantly maintaining normal business operations is crucial – even in the event of an unexpected disaster. Even just a few moments of downtime could be extremely costly, so it is essential that firms implement sound business continuity procedures.
Since we frequently work with our hedge fund and alternative investment clients on developing comprehensive business continuity plans (BCPs), we feel it is important to review and test our own BCP procedures on a regular basis to ensure they will meet our most current business needs in the event of a disaster. To this end, Lisa Smith - one of our certified business continuity professionals - and her team recently conducted a BCP table top exercise with our management team here at Eze Castle. After this successful meeting, we thought it would be valuable to share some insights on the BCP table top exercise process with our readers to spotlight the importance of this activity.
Today's investment firms are extremely focused on cyber security preparedness, as they should be. With regulators and investors demanding more transparency than ever, it's critical for hedge funds to spend time making their own employees aware of cybersecurity threats and how to mitigate risk. With that, let's discuss a topic that we’re passionate about – education and security awareness.
We’ve told you about the types of threats that can harm a business, the steps you should take in the event of a security incident, and the policies you should create to keep your organization safe. But now it’s time to talk about training your employees to understand each of these.
A firm’s security strategy will only work if employees are properly trained on it. Therefore, the importance of providing information security awareness training cannot be understated. The goal of an awareness program is not merely to educate employees on potential security threats and what they can do to prevent them. A larger goal should be to change the culture of your organization to focus on the importance of security and get buy-in from end users to serve as an added layer of defense against security threats.
Once you have buy-in from employees, your focus can turn to ensuring they get the necessary information they need to secure your business.
An effective disaster recovery strategy cannot be acheived by checking a box. As you evaluate DR service providers, it is critical to ensure they have taken a variety of possible disaster scenarios into account and are utilizing best-of-breed infrastructure to power DR operations. Below is a quick DR infrastructure checklist to help you along in your planning (or click here to read our complete Essential Tech Guide for Hedge Funds).
Ensure your DR provider has redundant network equipment
Consider using multiple network providers; Some colocation facilities have over 30 network providers for maximum redundancy
There should be multiple sources, ideally sourced from different power grids
Are there backup power generators?
Is there onsite fuel to run those generators? You’ll want onsite fuel that can last a few weeks.
Many building tenants have a daily interaction with their building’s management. The interaction may be a friendly “good morning” or “goodnight”. Perhaps you’re on a first name basis with some of the front desk employees. Typically, that is where the relationship ends, and if so, that can potentially lead to some issues in the future.
Being able to quickly communicate and respond in the case of an emergency or interruption can make a big difference to building management and tenants alike. Additionally, having each other’s contact information can be extremely helpful during regular business hours, as well as, off-hours or holidays and weekends.
During regular business hours, building management has several options to notify tenants. Depending on the type and severity of an emergency, facility management may choose to utilize passive notification, such as email, or they may use more aggressive notification like public announcement (PA) systems or alarms. While alarms and PAs might help grab the attention of tenants, they aren’t the most effective tools to communicate long or detailed messages. Even planned drills, such as fire drills during regular business hours, are not fool-proof. During this commotion, it may be difficult to locate members of building management and even harder to efficiently communicate.
We’re in Hurricane Season so let’s look at some best practices to ensure you and your employees are prepared for the unexpected. Remember, these four Eze Tech Tips are great for the next Snowmageddon too.
Want more Disaster Recovery Tech Tips?
Here are your options:
Business continuity planning. Disaster recovery. BCP. DR. You know the terms. You know investors are looking for them. But do you know what the real differences are between them?
Business Continuity Planning and Disaster Recovery have the same goal: to implement procedures that will enable a business to recover in the event of a disaster or disruption. But each has its own focus. Business Continuity Planning revolves around people. A hedge fund business continuity plan should identify the steps necessary to get operations up and running as it relates to business functions and personnel. BCP plans usually identify mission-critical services, communication strategies, employee recovery procedures and training methods.
Disaster Recovery Planning is directly related to the technology and infrastructure that supports business operations. In developing a disaster recovery strategy, hedge funds typically examine what applications and services they have in production and which ones are mission-critical. File shares, email, accounting and trading applications and voice capabilities are often the first that come to mind, but firms should evaluate which are most essential to them. The two most important factors associated with disaster recovery planning are the recovery point objective (RPO) and the recovery time objective (RTO).
People take vacations. Companies don’t.
Hedge funds, just like most financial firms, need staff to run their technology, handle special projects, build (and manage) complex applications and of course execute core business activities. But in many cases it is not realistic or cost-effective to keep everything in-house. Enter outsourced staffing.
Outsourced staffing options for hedge funds abound. So let’s take a look at five common outsourcing practices. If you want to learn about other areas to outsource your hedge fund's technology, read our Manager's Guide to Outsourcing here.