ECI Blog Thu, 21 Aug 2014 06:08:48 -0400 en-US <![CDATA[Philanthropy Plunge: Eze Castle Takes the ALS Ice Bucket Challenge (Video)]]>http://www.eci.com/blog/15699-philanthropy-plunge-eze-castle-takes-the-als-ice-bucket-challenge-video.htmlTue, 19 Aug 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15699 Unless you've been living under a rock for the last few weeks, you've probably seen a slew of videos on your Facebook or Instagram news feeds featuring your friends and family members dumping buckets of ice over their heads. To what end?

The Ice Bucket Challenge is sweeping the nation and simultaneously raising awareness and money for amyotrophic lateral sclerosis (ALS) – also known as Lou Gehrig’s disease. Pete Frates, a 29-year-old Boston-area man and former baseball captain at Boston College, is credited with leading the charge and challenging his friends to pour ice over their heads. The challenge took off in the Boston area and quickly went viral across the country and even globally. Celebrities are now accepting the challenge as well – and everyone from Justin Timberlake to Taylor Swift to Mark Zuckerberg have participated.

But beyond filling your news feeds with entertaining videos, the ALS Ice Bucket Challenge is also succeeding at spurring significant donations. As of this week, the ALS Association said it has received $15.6 million in donations since July 29 – compared with just $1.8 million during the same time period last year. We noticed many of our employees here at Eze Castle Integration were brave enough to accept the challenge, and we applaud them for raising awareness for such a worthy cause. We’ve created a short compilation below to highlight some of our amazing employees as they take the ALS Ice Bucket Challenge.

If you would like to join the cause, you can support ALS research and make a donation at www.alsa.org or www.petefrates.com. You can also read more below about how Eze Castle Integration and its employees make philanthropy a priority:

]]>
<![CDATA[Putting the Smart in Smartphone Security: Six Consumer Tips]]>http://www.eci.com/blog/15698-putting-the-smart-in-smartphone-security-six-consumer-tips.htmlThu, 14 Aug 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15698 Mobile devices have transformed the way we manage our everyday lives: from how we track our bank accounts, to interacting with friends and family to booking travel, and so on. Everything you need is at your fingertips, but are you taking the proper security measurements to protect your device? Below are a few tips to help keep your smartphone’s data safe.

  1. Set a Password: When you do not set a password to lock your phone, anyone who obtains possession of the device has instant access to all of your apps that automatically log-in upon launching. This is a simple security measure to take and yet, according to Consumer Reports' annual State of the Net Survey, only 36 percent of smartphone owners have a passcode. From a business use perspective, any device that accesses corporate email or networks should have a complex password and be managed by mobile device management tools such as AirWatch or Good Technology.

  2. Mobile Security Apps: Looking to the future, we expect the adoption of mobile device security apps that provide anti-virus, privacy and anti-malware protection to increase. And for good reason. According to the June 2014 McAfee Labs Threat Report, mobile malware has increased by 167 percent in the past year alone. Companies such as AirWatch aim to ensure your enterprise mobility deployment is secure and corporate information is protected with end-to-end security.

  3. Physical Security: Consumer Reports projected that approximately 3.1 million American consumers were victims of smartphone theft. Keeping your device in a zipped pocket, secure bag or within close proximity to your body helps reduce the risk of losing or having your phone stolen. Leaving your phone in plain view (e.g. beach blanket, park bench, etc.) increases these risks and may cost you an expensive afternoon. Also, business devices should have the capability to be remotely wiped to ensure confidential data or network access does not fall into the wrong hands.

  4. Backup and Secure Your Data: You should backup all of your smartphone’s data - for example, your contacts, photos and documents. This data can be stored on your computer, on a storage card, or in the cloud.

  5. Only Download Apps from Trusted Sources: Research apps before installing them to confirm legitimacy. Users can do so by checking the app publisher, seller and reviews, as well as comparing the app sponsor’s website with the app store link to confirm consistency.

  6. “Find my Phone” App: In the event that your device goes missing, having set up this iPhone app in advance can help you locate the device from your browser. When signing into the app, a map will appear which pinpoints your device’s location and also gives you the options to call, lock and even erase your phone.

In conclusion, the use of common sense and security measures can help mitigate the risk to your mobile device’s data. At Eze Castle Integration we regularly work with hedge funds and investment firms to create mobile security policies that make end-users happy by giving them device-freedom while keeping corporate data safe and secure.

Additional Articles:

]]>
<![CDATA[FCA to Financial Services Firms: Social Media Promotions Require #Ad Compliance]]>http://www.eci.com/blog/15696-fca-to-financial-services-firms-social-media-promotions-require-ad-compliance.htmlThu, 07 Aug 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15696 Hedge fund marketing and advertising has greatly evolved in the past few years, both with regulatory changes taking effect (in the US, the JOBS Act now allows public advertising) and new forms of media emerging, particularly social platforms such as Twitter, Facebook, LinkedIn and YouTube.

In the UK this week, the Financial Conduct Authority (FCA) took steps to further regulate how financial services firms market to consumers by launching guidance consultation on social media usage. As evidenced by FCA Director of Supervision Clive Adamson, the consultation is intended to ensure financial promotions on social media platforms protect consumers and are disseminated in a way that fairly balances both benefits and risks:Social Media Apps

“The FCA sees positive benefits from using social media but there has to be an element of compliance. Primarily, what firms do on social media must ensure customers are at the heart of their business. Our overall approach is that financial promotions, whether on social media or traditional media, should be fair, clear and not misleading. We have had extensive industry engagement on this issue and we believe our guidance is a sensible approach that doesn’t affect industry’s ability to innovate using new forms of media. We recognise social media are constantly evolving. We, therefore, welcome feedback to [the] consultation and look forward to continuing the discussion with industry.”

The FCA is currently soliciting opinions and advice from financial services in regards to social media promotions. At this time, however, they are encouraging firms to practice the following:

  • Identifying promotions: Firms should clearly identify product/service promotions as such; one accepted method, especially for character-limited media, is the use of #ad within the post

  • Stand-alone compliance: Each communication (i.e. a tweet, Facebook post, etc.) needs to be considered individually and comply with all relevant rules.

  • Risk warnings: Certain product/service promotion may require the use of risk warnings or other required statements under law.

  • Image vs. text: Consider using image advertising in place of limited character opportunities, but remember risk warnings and other pertinent information cannot appear solely in the image.

This week’s guidance could develop into official policy changes to the FCA’s initial guidance on the use of social media, first published back in 2010. At the time, the FCA (it was then known as the Financial Services Authority) released guidance regarding the use of “new media” channels for promotions. The regulator had conducted a review of social media pages operated by a variety of financial companies and determined many firms were not taking proper compliance rules into consideration and should evaluate whether social platforms were appropriate for promotions.

The big question seems to be whether a firm can adequately disseminate the risks and conditions associated with a promotion or sale of services via a social media outlet, particularly one with character/time restrictions. Twitter’s unique platform, for example, only allows 140 characters. Vine, the video sharing service, limits uploads to six-second clips. The FCA has an overarching strategic objective of ensuring the relevant markets function well. To support this it has three operational objectives: "to secure an appropriate degree of protection for consumers; to protect and enhance the integrity of the UK financial system; and to promote effective competition in the interests of consumers."

For more information on the FCA’s social media guidance consultation for financial services firms, click here.

More Resources on Financial Firms and Social Media Usage:

UK Social Media Guidance Webcast

]]>
<![CDATA[Cloud Computing: The Growing Competitive Advantage for Hedge Funds]]>http://www.eci.com/blog/15694-cloud-computing-the-growing-competitive-advantage-for-hedge-funds.htmlThu, 31 Jul 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15694 The competition amongst firms in the financial services industry is ever burgeoning, and in order to achieve differentiation, it is imperative for firms to create and maintain robust, manageable, scalable and reliable technology infrastructures. Increasingly, we’re seeing more than just emerging managers opting for a cloud solution and established hedge funds and alternative investment firms shifting gears from traditional on-premise IT infrastructures to cloud services.

If you missed our webinar yesterday on Why the Billion Dollar Club is Going Cloud, read our recap below or scroll down to watch the full webinar replay, featuring Eze Castle’s Managing Directors Bob Guilbert and Vinod Paul.

The Business Case for the Cloud: Why Established Firms are Making the Move

Why the Billion Dollar Club is going CloudAcross the industry, established firms that have been in business for several years are moving away from physical infrastructures and adopting the cloud. Traditionally, investment firms would allocate substantial capital budgets to build on-premise Communication (Comm.) Rooms. These cost-intensive infrastructures can take months to build out, and specific expenses can vary depending on a firm’s unique needs. For example, at minimum, investment firms require file services, email capabilities, mobility services and remote connectivity, as well as disaster recovery and compliance. Beyond those, many firms also require systems and applications such as order management systems (OMS), customer relationship management tools (CRM), and portfolio management or accounting packages.

To run all of these systems and build out an on-site Comm. Room (with proper power, cooling and connectivity requirements), firms will spend upwards of $200,000 to $300,000. With the cloud, those upfront capital costs are no longer a concern.

Beyond moving firms from a CapEx to OpEx model, the cloud also allows firms to reduce their spend on additional technology expenses such as software licensing, hardware upgrades and technology infrastructure refreshes, and rudimentary patch management.

The Right Time: When Established Firms are Making the Move

Although no two firms are identical, we believe the following three scenarios are key triggers for firms to go to the cloud:

  1. Office Relocations

  2. New Applications

  3. Technology Refresh

Read more about when firms typically opt to make the move to the cloud here.

The Cloud Advantage: Architecture, Access, Operations

For most financial services firms, IT services and resources are managed at an offsite data center, typically situated in a more cost-effective location rather than a high-rent office building (think New Jersey, not Midtown Manhattan). Cloud service providers use a similar architecture for the cloud, but offer the following additional advantages:

  • Rapid Provisioning: Adding resources to the cloud (storage capacity, computing resources, etc.) is much quicker than with on-premise environments.

  • Consistent, Guaranteed Performance: Providers enforce strong service level agreements and employ robust monitoring tools to ensure the operating environment remains optimal for users.

  • Professional Management and Operations: The cloud helps to solidify IT processes (e.g. adding/removing users) and moves the burden of management and monitoring to a third party, allowing internal users to focus on higher-level projects.

  • Application Support & Integration: Professionally-managed private clouds can generally support a wide variety of applications and integrate them seamlessly onto one environment (something not easily achieved with public cloud platforms).

The Cloud Advantage: Stronger Security, Lower Risk

One of the most important considerations for firms is risk mitigation, specifically when it comes to cybersecurity. Due to the increased emphasis that the U.S. Securities and Exchange Commission (SEC) is placing on security mechanisms, hedge funds and investment firms operating in today’s environment are often turning to cloud providers to leverage their robust networks and infrastructures.

A first-rate cloud provider can create a level of security that only the largest financial firms in the world can afford to implement, manage, and maintain. From the careful implementation of best practice principles and procedures to comprehensive auditing to enforcing robust authentication methods, rapid deprovisioning, 24x7 monitoring, vulnerability testing, and strong physical security methods with biometric access, and more – the cloud provider bolsters and fortifies a hedge fund’s security and offers a level of comfort that investors are desperately seeking.

Watch the full replay from our webinar, Why the Billion Dollar Club is Going Cloud, below.

Additional resources you might find valuable:

]]>
<![CDATA[FATCA: What You Need to Know About Tax Compliance]]>http://www.eci.com/blog/15693-fatca-what-you-need-to-know-about-tax-compliance-.htmlTue, 29 Jul 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15693 We’ve seen the face of the financial services industry change dramatically over the last few years, with emerging technologies, investor transparency demands and growing competition fueling firms to assess their operations and focus on the health and success of the overall business. But perhaps beyond any of these trends, the focus on industry regulations and compliance efforts may be the most significant in changing the way financial services firms do business.

FACTA and YouThis year alone, we’ve seen regulatory initiatives dominate headlines and leave firms scrambling to comply, notably the SEC’s cybersecurity guidelines released this spring and the official implementation of the Alternative Investment Managers Fund Directive (AIFMD), which went into effect last week. Also becoming official this month is the Foreign Account Tax Compliance Act, or FATCA, which requires U.S. persons to report financial accounts held outside of the United States and financial institutions (notably banks) to report foreign financial accounts and clients who hold foreign assets.

To identify non-compliance, the Internal Revenue Service is requiring financial institutions with foreign entities and foreign financial institutions (FFIs) to disclose information about U.S. clients with balances over $50,000. The law threatens a steep 30 percent withholding tax on payments for non-compliant FFIs.

There is also a significant cost for firms to implement compliance procedures and reporting standards to meet the legislative requirements of FATCA. It is reported that implementation costs average between $100,000 and $500,000 depending on firm size and are expected to amount to roughly $8 billion USD a year for financial institutions alone (not including costs to the private sector, IRS and foreign entities).

The FATCA law was written more than four years ago – back in 2010 – but went into effect on July 1, 2014. The good news for institutions making an effort to comply with FATCA is the IRS recently issued Notice 2014-33 that this year and 2015 will be a transition period for reporting and due diligence. The IRS will not enforce FATCA requirements on firms striving to meet regulations (account opening practices and procedures) but will not provide relief to entities making no effort.

Preparing for FATCA involves the entire organization’s (operations, technology, risk, legal, and tax) involvement for successful compliance. After registering FFIs or foreign entities, the steps to consider include:

  • Investigating and determining if current clients are a “US person” (this includes US citizens who live abroad) and implement new rules and procedures for new accounts

  • Developing a team (legal, tax, IT, project management) to integrate the new legislative requirements

  • Completing a gap analysis to recognize what systems and procedures need to be updated

  • Creating and implementing a plan to put new systems and procedures into place

  • Considering a third-party service provider for their expertise of FATCA’s rules and regulations

FATCA compliance will require client information to be up to date and be available electronically for reporting; new policies, procedures, and system technologies may be vital to maintaining compliance. Despite the “transition period” currently in place, firms should be taking active steps to implement the necessary requirements to meet FATCA compliance standards and ensure business operations are not negatively impacted from a cost or regulatory perspective.

Hedge Fund Outsourcing Guidebook

]]>
<![CDATA[Data Destruction Basics: Why Deleting Your Hedge Fund Data Isn't Enough]]>http://www.eci.com/blog/15692-data-destruction-basics-why-deleting-your-hedge-fund-data-isnt-enough.htmlThu, 24 Jul 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15692 Your hedge fund's information security plan likely includes details on where information is stored, how it is accessed and who it is accessible to. But a critical component of this security plan often overlooked is how and why data is destroyed when it is no longer needed. Including data destruction procedures in your hedge fund's Written Information Security Policy (WISP) or as a separate document is vital to ensuring your firm’s sensitive data and intellectual property does not fall into the hands of the wrong people. Unfortunately, in today’s technology-driven, cyber-aware environment, simply hitting the delete key is not enough.Destroyed Hard Drive

There are a few different scenarios that may warrant secure data destruction maneuvers:

Your methods and policies for secure data destruction may vary according to the above scenarios, or they may be standard across the firm. Your hedge fund should also consider if there are any regulatory implications. Do you need to maintain/archive data for a prescribed period of time in order to comply with state, federal or other compliance or auditing standards?

In any case, you’ll want to consider a variety of methods in the beginning to ensure your firm’s confidential data (e.g. investment portfolio, investor contact information, etc.) is securely destroyed, preventing unwanted breaches or thefts. Consider the following as you evaluate what makes sense for your firm:

Physical Destruction: Disk shredding, crushing or melting are common techniques. This method can be effective for a hedge fund's on-premise equipment, however, does not necessarily apply when using the cloud – as in most cases, firms are leveraging physical equipment owned by the cloud services provider. Paper shredding is the most common method of destruction for hardcopy documentation.

Encryption: If you choose not to destroy data through any particular means, you can take steps to ensure, if it is obtained by any unauthorized parties, it cannot be accessed or at least easily understood without the proper encryption key.

Degaussing: This is “the process of decreasing or eliminating a remnant magnetic field.” Degaussing is often the preferred method for firms looking to purge highly sensitive data, as it does not leave open even the remote possibility of recovery. The equipment storing the data, however, becomes collateral damage with this method, as it will be destroyed right along with the information.

Overwriting: In many cases, firms choose to overwrite old data with new information, making it difficult, at best, to locate or recover.

With the emergence of cloud services, concern has grown over data destruction methods and the level of destruction firms employ to eliminate data. Whether you are ending a relationship with a cloud services provider altogether or migrating your information to another platform, ensure there are written contracts in place to protect your data throughout the process. The vendor you are severing your relationship with should also provide a certificate of destruction to validate that any company data or information is no longer accessible to them.

Also, don’t forget about mobile devices. Many firms now employ BYOD programs, which give employees the option of using their personal smartphones and devices to run corporate software and email. As a firm, be sure you’re including mobile devices in your data destruction policies and are clear with employees on what happens to their data and devices in the event they leave the company. Many employers require users to sign contracts giving the firm permission to remotely wipe devices if employees are terminated or sensitive company data needs to be moved or transferred elsewhere.

As a final thought, we encourage firms to think through the risks of undestroyed data as they are developing and modifying their information security and data destruction policies. With cyber hackers seemingly everywhere and disgruntled employees bound to emerge, it is critical hedge funds take all measures to ensure sensitive company and employee data is protected while needed and eliminated when not.

Read on to learn more about best practices for information security:

Cybersecurity Whitepaper 2014
Photo Credit: Wikimedia

]]>
<![CDATA[Does the Network Powering a Cloud Matter? Watch and Learn]]>http://www.eci.com/blog/15690-does-the-network-powering-a-cloud-matter-watch-and-learn.htmlThu, 17 Jul 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15690 We are excited to debut our newest video that explains why the network powering a cloud service matters and should be evaluated closely.

As background for why we created this video, in today’s interconnected financial world, investment firms have global interests and a global presence, making fully on-premise IT infrastructure a way of the past. Cloud service providers have a variety of capabilities, each designed to serve a specific set of needs, which makes it crucial for businesses to critically evaluate the network behind a cloud and what it can deliver. Not all clouds are created equal.

Our ECI Link Financial Network is a global private cloud network built for the financial industry. With data centers in the US, UK and Asia, it enables organizations to efficiently leverage a single provider for all their global infrastructure needs.

Now on to the video -- let us show you why ECI Link is THE single converged network built to power today’s buy-side firms' trading operations.


]]>
<![CDATA[IT Security Dos and Don'ts to Live By]]>http://www.eci.com/blog/15689-it-security-dos-and-donts-to-live-by.htmlTue, 15 Jul 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15689 IT Security Dos and Dont'sWe spend a lot of time educating our clients about security best practices and encouraging them to implement comprehensive security policies and procedures to mitigate risk and protect both the firm and its employees. And for good reason. Just today, New York Attorney General Eric Schneiderman released a report stating data breaches across the state more than tripled from 2006 to 2013 and cost businesses more than $1.37 billion last year alone.

While companywide policies should reflect long-range expectations and corporate best practices, they should also include tactical recommendations that employees can follow to ensure they are complying with the company’s overall risk strategy. In addition to providing employees with security best practices they should follow, don’t forget to also include a list of actions they should not. Here are just a few pieces of advice we regularly offer our investment firm clients:

DO:Check Mark

  • Lock your computer and mobile phone(s) when you leave your desk and/or office

  • Use care when entering passwords in front of others

  • Create and maintain strong passwords and change them every 60-90 days (We recommend a combination of lowercase & uppercase letters and special characters)

  • Change your password immediately if you suspect that it has been compromised

  • Report suspicious activity to the IT team/CSIRT to help minimize cyber risks

  • Protect personal computers and devices with anti-virus software when working remotely

DO NOT:

  • Allow others to use your login ID or password

  • Use the same password for every applicationX Mark

  • Store passwords on a piece of paper or other easily accessible document

  • Open email or attachments if the sender is unknown or suspicious

  • Provide information such as login IDs, passwords, social security numbers, account numbers, etc. via unencrypted email

  • Leave your laptop or mobile device unattended while in a public place. Lost or stolen equipment, including mobile devices connected to corporate network, should be reported immediately

  • Keep open files containing personal or confidential information on your desks or in an unlocked file cabinet when away from your office/desk

  • Install unauthorized programs on your work computer

  • Plug in personal devices without permission from IT

For more security best practices and tips, check out these other articles:

Cybersecurity Whitepaper

Photo Credits: Wikimedia Commons

]]>
<![CDATA[Persistent Automation for Fund Management: The New Reality, Part 2]]>http://www.eci.com/blog/15688-persistent-automation-for-fund-management-the-new-reality-part-2.htmlThu, 10 Jul 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15688 Following is the second part in a two-part guest post from Branden Jones, Global Head of Marketing at Liquid Holdings Group, Inc. based in New York, NY. To read Part One, click here.

In this age of data management—this new state of cross-office functionality—operational models must be able to house, curate, and level-off information sets as they happen. Funds must not only actively manage a growing universe of market data but also tackle performance reporting, risk projections, disaster planning, and partitioned client data.

To successfully, and simultaneously, manage these activities, funds must have a data operational model that supports automation, where it makes sense:

  • Continuous processing, as an underlying system
  • Consistent normalization, across the board
  • Historical, since inception view
  • Defensive measures, to protect the operation

Processing

Advice for hedge fund managersReal-time, continuous actions are the new normal in today’s hedge fund reality. Funds are expected to understand, identify, and take advantage of opportunities as they occur. However, from a data standpoint “real-time” is only a point on a larger continuum of activity that occurs when a participant observes or captures a single event in time. Continuous processing is the underlying current that accepts and captures, or rejects data inflows and outflows. As pressures increase from both investors and regulators, managers should rely on continuous, automated services, processes, and technology to support their business, not only as a viewable segment, but constantly, throughout the lifespan of the fund.

Normalization

While the amount of data increased, the types of data and their origin/ sources have multiplied as well. That means that systems that previously could only recognize one or two sources, are now challenged with a more complex ferrying of information sets from counterparties, exchanges, fund admins, and primes. Normalization is the process that guarantees safe passage of these data packets, regardless of origin, as the data becomes available to converge with its intended destination(s) within the fund infrastructure. Consistent data, through consistent ongoing normalization, translates into accurate pricing and valuations for use in real-time and forward-looking portfolio management, as well as precision analysis and reporting for investors.

Historical

The need to investigate and utilize historical, security-level data unique to the fund is a key to the success of the business. Arming a fund with since-inception-data allows the manager to transform the most unique and granular drivers of past performance into the underpinnings of actionable, forward-looking initiatives across alpha generation, risk management, investor insights, and compliance.

Defense

While data trafficking, shaping, and viewing are relatively benign activities, when it comes to true data management, a fourth component is critical: the ability to uncover and recover from adverse events, and the greater protection of investor interests. A solid wall to prevent co-mingling of client data within an underlying architecture keeps critical, and proprietary, data safe. When it comes to planning for the unplanned, like adverse events both in the digital and physical worlds, automated services can provide the second life for a fund—without interruption. Cloud technology provides the best option for funds to house data infrastructures—not only providing secure and convenient access, but also virtual warehouses that are automated, back-up systems, shielding the business from any physical hardware environmental risks like earthquakes, floods, or outages. Thus, it’s not only important how data is managed but where it is managed.

To continue reading the white paper, please visit http://liquidholdings.com/whitepapers/newreality.html.

]]>
<![CDATA[The New Reality: Persistent Automation for Fund Management]]>http://www.eci.com/blog/15687-the-new-reality-persistent-automation-for-fund-management-.htmlTue, 08 Jul 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15687 Following is the first part in a two-part guest post from Branden Jones, Global Head of Marketing at Liquid Holdings Group, Inc. based in New York, NY.

This is the year for big data. Across industries, firms have unprecedented amounts of both public and private information sets – from user profiles and consumer habits to business outputs and proprietary algorithms. But access to data, or information at large, does not guarantee a valuable yield. Jonathan Shaw, managing editor of Harvard Magazine notes, “The [data] revolution lies in improved statistical and computational methods, not in the exponential growth of storage or even computational capacity.” Data is ubiquitous but not intrinsically valuable – it needs to be smartly processed, not just farmed.

For hedge funds, data processing is the quiet, invisible process that moves through the trade lifecycle—accessed from external entities like exchanges and brokers, modified and adjusted in execution, and at times, frozen in snapshots for an increasingly complex group of investors and regulators. More operational credibility and regulatory compliance is required than ever before, with increased scrutiny of the secret buy-side manna that goes along with it.

Smarter data management can be expensive and time-consuming as funds seek to keep up with regulatory, compliance, and transparency requirements while navigating through a sea of market opportunities. Good fund management starts and ends with precise, accurate data management. Truly taking advantage of data, and smarter computational methods, requires not only shedding the skin of outdated models, but categorically understanding a whole new data ecosystem, with new methods of processing, through selective automation and augmented observation. Once that new data ecosystem has been embraced, fund managers can spend their time mastering alpha generation and capital building initiatives.

Liquid Holdings - New Hedge Fund Reality

Lifecycle Convergence

While data management has historically been the purview of three separate functions (front-, middle-, and back-office), funds are now considering data inflows and outflows as simultaneous and holistic activities that not only govern market data and transparency capabilities, but also the capacity to be position-aware. This new viewpoint not only extends to in-house modifications, but will play an increasingly larger role amongst fund/service provider relationships. According to an Aite report from earlier this year, “…regardless of whether firms currently outsource or plan to outsource, the most common impressions of the benefits of using a single front- to back-office vendor for fund operations revolve around the attractiveness of holistic functionality, the expected contribution of a specialized vendor’s experience gained from other firms, and the vendor’s potential to better service clients.”

Essentially, funds are approaching operations as an ecosystem – instead of a train-like pipeline where only one train moves in one direction. The ecosystem houses converging cross-office data functionalities that are near-simultaneous activities, beyond the linear progression of the traditional lifecycle. Risk is moving to the front office. Portfolio management is constant. And compliance is everywhere. No longer do funds hand off a piece of paper from their trader(s), to the risk officer, over to compliance for the stamp of approval, call down to the floor to reconcile all activity, and then spend countless hours updating disparate systems and colleagues, and later investors, of the impacts on performance and risk. That is the pre-data model from the ‘80’s and 90’s – non-computational and hindered by actual human movement, where data moves in a single line, waiting in turn to be moved in and out of an outdated fund architecture by personnel who may or may not exist in today’s hedge fund reality.

The data map has changed – it’s time for a new hedge fund model.

Part 2: Be sure to come back to Hedge IT on Thursday, July 10 for the second part to this article, which examines the new data model firms should look to leverage: one that supports processing, normalization, historical and defensive measures. If you can't wait until Thursday, you can download Liquid Holdings' complete whitepaper, The New Reality, here.

Emerging managers series




















Photo Credit: Liquid Holdings

]]>
<![CDATA[What is a Security Vulnerability Assessment and How Does it Work?]]>http://www.eci.com/blog/15685-what-is-a-security-vulnerability-assessment-and-how-does-it-work.htmlTue, 01 Jul 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15685 One of the first questions on the SEC’s cybersecurity questionnaire for financial firms asks firms to "indicate whether they conduct periodic risk assessments to identify cybersecurity threats, vulnerabilities and potential business consequences", and if so, who conducts them and how often. Clearly the goal behind this question is to ensure that firms are taking a proactive approach to security. But what exactly does this risk assessment entail?

Here’s a quick overview.

The type of risk assessment typically associated with information technology and cybersecurity is an external vulnerability assessment. Essentially, this is the process of identifying and categorizing vulnerabilities related to a system or infrastructure. Typical steps associated with a vulnerability scan or assessment include:Cybersecurity Whitepaper for Download

  • Identifying all appropriate systems, networks and infrastructures;

  • Scanning networks to assess susceptibility to external hacks and threats;

  • Classifying vulnerabilities based on severity; and

  • Making tactical recommendations around how to eliminate or remediate threats at all levels.

As a best practice, Eze Castle Integration recommends that hedge funds and investment firms conduct external vulnerability assessments at least once per year. Many firms may opt for semi-annual scans, particularly if the firm’s technology environment is continually changing.

The true goal of the vulnerability assessment is to gauge the level of security a firm has in place to protect against external threats and cyber-attacks. Depending on the third party conducting the test, a firm may be ‘graded’ with a number or letter score or simply provided with a list of vulnerabilities and security recommendations. Here’s one example of a grading system associated with a vulnerability/risk assessment:

Excellent: The firm’s security exceeds industry standards and best practices, and overall the firm’s security was found to be in excellent condition with only minor, low-level security vulnerabilities discovered.

Good: The firm’s security meets accepted standards within the industry, and overall the firm’s security was found to be strong with only a few low and medium-level security risks identified.

Fair: The firm’s security is somewhat below current industry standards and moderate changes would need to be implemented to increase security and meet industry levels.

Poor: The firm’s security has significant deficiencies and is well below industry standard level. Major changes would need to be implemented to alleviate critical and high-level vulnerabilities and elevate the firm’s overall security program.

For any vulnerabilities identified as part of the assessment, a description of the risk would be included as well as any specific systems or networks affected and recommendations for how the firm can either remediate or alleviate the risk. Ultimately, these assessments and their corresponding documentation will serve to demonstrate a number of significant points:

A) that the investment firm is taking the SEC’s cybersecurity inquiry seriously and preparing for upcoming exams;
B) that investors can feel confident the firm is implementing policies and procedures to protect investor information and assets; and
C) that the firm is taking an overall proactive approach to security and business continuity.

Check out these other relevant resources:

Download Free Cybersecurity Whitepaper

]]>
<![CDATA[Tips for Tackling Your Financial Firm's Cybersecurity To-Do List]]>http://www.eci.com/blog/15684-tips-for-tackling-your-financial-firms-cybersecurity-to-do-list.htmlThu, 26 Jun 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15684 We continue to discuss cybersecurity with financial firms on a regular basis, and with the expectation that the SEC will start cybersecurity exams sometime around September, it’s evident that registered investment advisers are working diligently to answer the questionnaire and shore up internal practices.

To continue fostering education around this topic, we hosted two events last week dedicated to cybersecurity for hedge funds and other registered investment advisers. In case you missed them, you can read a brief recap of some of the key topics discussed or scroll down to watch our full webinar replay.

Cybersecurity a Hot Topic on State & Federal Level

By now, we all know the SEC has taken steps to assure that hedge funds and registered investment advisers put security mechanisms and practices in place to protect against cyber threats. SEC Commissioner Luis Aguilar said there is “substantial risk that a cyber-attack could cause significant and wide-ranging market disruptions and investor harm.” Even beyond the federal level, some states are chiming in on the cybersecurity front. Earlier this month, Massachusetts and Illinois acknowledged that they were polling investment advisers about their security practices, and that based on responses, state regulations could be impacted.

SEC Fundamental Concerns

eSentire: Must Have Security Considerations

According to Eldon Sprickerhoff, Chief Security Strategist at eSentire, the SEC’s cybersecurity initiative is designed to shed light on the following four fundamental concerns:

  • Day-to-day operations in a rapidly changing landscape

  • Detection and reporting of a cyber incident

  • Impact on cybersecurity of fundamental decision making

  • Expectations of executive oversight of this new risk category

Beyond Technology: Written Information Security Plans (WISP)

Question 2 in the SEC’s cybersecurity questionnaire states: “Please provide a copy of the Firm’s written information security policy.” In plain, bold letters, the SEC has announced that it expects hedge funds and other registered investment advisers to not only be implementing cybersecurity policies, but also to be documenting them. Administrative and operational steps are just as critical to a successful security program as robust, technology solutions.

As part of your financial firm’s cybersecurity WISP, we at Eze Castle Integration advise that firms investigate and answer the following questions (Note: this is not a comprehensive list):Cybersecurity Whitepaper

What is data and where is data located? Not all data is created equal. Is it encrypted? Is it on shared drives or stored locally?

How is data protected? Is it encrypted? If you’re sending investor information and it’s not encrypted, you put investors’ data at risk. Do you need to access a portal or some other website to access certain confidential information?

Who has access to information? Employees need access to the data necessary to complete their tasks. But beyond that - firms should be limiting what data employees have access to. It’s not about not trusting your employees, but more so about not trusting the technology behind those employees. The less data employees can get to, the less damage can be done via an internal breach or external hack.

What incident response procedures are in place? Odds are your firm has already suffered some sort of security incident – even if it’s as small as a malware attack. Firms need to identify what the business response will be to a variety of incident types. In what situations will investors, authorities, etc. need to be notified? Documenting these scenarios in advance will cut down on response times in real-life situations.

What are employees’ responsibilities? User training becomes key here. Employees should be responsible for security awareness, but businesses should also make it a priority to provide proper training and educational resources to everyone across the firm.

Technical Safeguards

On the cybersecurity technology front, financial firms should undertake employing the following technical practices to mitigate security risks:

  • Penetration testing

  • Vulnerability assessments

  • Firewalls

  • Audit & logging

For even more information on the technical and operation safeguards investment firms should implement to protect against cyber threats, watch our full webinar replay below featuring speakers from Eze Castle Integration, eSentire and Maloy Risk Services.

Other Cybersecurity Resources You Might Find Helpful:

]]>
<![CDATA[When Billion Dollar Hedge Funds Make the Cloud Move]]>http://www.eci.com/blog/15683-when-billion-dollar-hedge-funds-make-the-cloud-move.htmlTue, 24 Jun 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15683 Timing is everything. Last week we released a new whitepaper, Why the Billion Dollar Club is Headed to the Cloud, and shared an excerpt here on Hedge IT about why hedge funds are making this move. Today, to entice you to download the full paper, we'll share WHEN firms are making the cloud move.

WhitepaperFor newly emerging investment firms, the choice to adopt a cloud-based architecture is an easy one. Few firms have a business model where an in-house Comm. Room makes strategic or economic sense. But what about established firms that have been in business for several years and have invested millions of dollars in infrastructure? When is the right time to make a move?

Opportunities and timing will vary, but generally speaking, the following three scenarios represent ideal inflection points for moving to the cloud:

Office Relocations

This is an ideal time to switch to the cloud. Many companies are understandably reluctant to take on the expense of moving a massive, expensive, and often outdated infrastructure to a new location – particularly if the company expects to phase out certain portions or components in the following 24-36 months. In such cases, migrating to the cloud before relocating offices can be a smart move.

New Applications

Larger firms with larger application portfolios often find that a transitional strategy is best. Abrupt migrations to the cloud can be disruptive. In those instances, financial firms find that new applications can start in the cloud – no subsequent migration needed. And those deployments are faster. While few IT portfolios will see 100 percent turnover in the short term, this strategy can simplify any migration of on-premise apps to the cloud by minimizing the work required when the company finally makes its move.

Technology Refresh

Similarly, many firms find that when the time comes to update infrastructure or upgrade applications, that inflection point represents an excellent opportunity to perform a cost-benefit analysis. In most cases, firms find that initiating a cloud migration for that particular component of the IT portfolio is the best choice. And since either choice introduces change, there’s no added burden to making that transition. What’s important to note is that, for an established firm, migrating to the cloud is not an “all or nothing” decision. The pace and scope of the transition to the cloud can be custom-fit to the firm’s business/strategic needs.

Download the full whitepaper, Why the Billion Dollar Club is Going to the Cloud, HERE.

right time to go cloud image

]]>
<![CDATA[Why Billion Dollar Hedge Funds Are Going Cloud]]>http://www.eci.com/blog/15682-why-billion-dollar-hedge-funds-are-going-cloud.htmlThu, 19 Jun 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15682 Today we released a new whitepaper that looks at a growing trend we are seeing -- billion dollar hedge funds and investment firms moving to the cloud. Here is a sneak peak at the paper's content as well as a video interview with Bob Guilbert on why firms should read, Why the Billion Dollar Club is Headed to the Cloud.

It’s More Than Managing Money

Billion Dollar Club Goes CloudThere’s more competition in financial services than ever before. Every week, new and agile boutique firms sprout up, armed with proprietary models and the right technology foundation to compete – intensely – with the major players for billions of investment dollars. Firms of every size are competing to deliver broader ranges of increasingly exotic instruments, specialized funds, and high-performance investments that deliver competitive returns to investors whose demands and expectations continue to climb.

But when it comes to performance and success in financial services, there’s more to evaluate than just the hard numbers. Returns alone aren’t enough. Today, savvy firms know they need to deliver more. In a post-Madoff, post-2008 world, the SEC and FINRA – and investors as well – are scrutinizing all corners of the operation. There’s an increased focus on how operational risk is managed and how firms respond to greater demands for transparency. That means it’s more important than ever for firms to deploy and maintain robust, scalable, and secure technology infrastructures.

The Business Case for The Cloud: Why Established Firms Are Making The Move

Hedge Funds and CloudTraditionally, investment firms have allocated significant capital budgets – millions of dollars – to build out their own sophisticated Communication (Comm.) Rooms, which can take months to provision and bring online. There are servers to buy and install, software to license and configure, and voice/networks to deploy. And these infrastructures also require firms to recruit and hire expensive IT talent to manage and operate.

Increasingly, however, that model no longer makes good business sense for some firms. Today, cloud architectures are emerging as the dominant choice for computing infrastructures at investment firms of all sizes. With cloud computing, firms procure from a third party a scalable supply of computing, storage, and networking resources on a near-immediate basis without the upfront capital investments, delays, staffing requirements, or maintenance headaches. Funds can provision new servers in a few hours, scale up to meet short-term needs, and scale down when needs dictate. Best of all, that infrastructure is managed and protected 24x7 by dedicated professionals who focus solely on operating these services on a firm’s behalf.

Not surprisingly, many firms – including those with well-established in-house infrastructures – are making the move to the cloud for a variety of compelling reasons:

  • Predictable and Favorable Economics

  • Investor Transparency

  • World-Class Capabilities

Download the full whitepaper, Why the Billion Dollar Club is Going to the Cloud, HERE.

Need more convincing? Watch our video.


]]>
<![CDATA[What Happens to Your Firm's IT Team When You Go Cloud?]]>http://www.eci.com/blog/15679-what-happens-to-your-firms-it-team-when-you-go-cloud.htmlTue, 10 Jun 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15679 As your firm evaluates moving to the cloud – as most firms today will inevitably do – your list of priorities will likely include:

  1. Regulatory and investor impacthedge fund staffing

  2. Migration plans and operational effects

  3. Hardware disposal and infrastructure changes

But another critical business area your firm should put some thought into is the effect of the cloud movement on your internal IT department (assuming you have one). What exactly happens to a firm’s IT team once it moves operations into a cloud environment? Is there still value in maintaining an in-house staff?

The simple answer is ‘yes,’ but the day-to-day responsibilities for those staffers may not look quite the same post-cloud. With a fully managed service provider, everyday management is typically taken care of – leaving internal resources with a lot more time on their hands. But that doesn’t mean there’s no longer a need for an IT department. And it certainly doesn’t mean IT managers should be left to twiddling their thumbs. Here are a few long-term projects ideally suited for a full-time technology staff no longer bogged down by mundane software patches and licensing upgrades:

Cybersecurity programs. You’ve heard us say it before, but cybersecurity is the hottest topic in the investment industry right now. With the SEC providing an extensive questionnaire for registered firms to follow, it’s critical that firms take the time to assess their security practices and employ robust programs to not only meet SEC demands but also satisfy investors. Even if a firm chooses to leverage an outsourced cloud solution for their daily infrastructure (which may come with some inherent security features), any physical infrastructure that still resides on-premise at the firm would need to be protected. Beyond management of on-premise technology, hedge fund IT staffs should also be forward-thinking and address large-scale security initiatives and ensure the entire organization is involved in regulating and mitigating security issues.

Regulatory compliance. Outside of the SEC’s recent focus on cybersecurity, there are other regulatory issues firms should be sure to comply with. As part of a fund’s overall technology program, IT staffs should work with internal or external compliance experts to address any gaps the firm may have and ensure operations are in sync with existing regulatory requirements on state, federal and international (if applicable) levels. For example, on the international front, recent initiatives such as the Financial Conduct Authority’s Dear CEO letter and AIFMD should be on the radar for any affected parties.

Due diligence. Investor expectations are higher than ever, and technology has become one of the most critical components of the due diligence process. As technology service providers, we assist our hedge fund clients with DDQs on a regular basis and have seen an immense uptick in both the quantity of requests as well as their complexity. Investors are no longer satisfied with ‘checking the box’ responses. Internal CTOs and IT staffs can assist this process enormously and often work directly with investors in providing the necessary information to secure allocations.

Application integration. Hedge funds and investment firms who employ custom or in-house applications may look to keep IT staff on-site to manage not only integration but development of the application set being used.

Organizational support. To some, technology may seem like just another department within a business, but the fact is, IT is inherently linked to every aspect of an organization. As such, many firms continue to leverage internal staff to support operations and provide peace of mind to other employees within the office setting.

Despite the shift we are seeing firms make to the cloud, many funds today still look to leverage in-house technology experts and rely on them to assist with the aforementioned efforts and more. Moving infrastructure to the cloud is not a death sentence for an IT staff – merely an opportunity for firms to reevaluate priorities and reallocate resources to areas of the business most critical to the firm.

Additional Resources You Might Be Interested In:

Guide to Cloud Computing for Hedge Funds

]]>
<![CDATA[Hedge Fund Transformation, Part 2: Cloud, Communication & Control]]>http://www.eci.com/blog/15678-hedge-fund-transformation-part-2-cloud-communication--control.htmlThu, 05 Jun 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15678 In Part 1 of our Transformation of IT seminar recap, we shared what our expert panel discussed relative to evaluating outsourced solutions and leveraging technology solutions. Our panel included Vinod Paul, Managing Director, and Steve Schoener, Vice President, at Eze Castle Integration, John Budzyna, Managing Director, and Dave Messier, Director, at KPMG, Timothy Ng, Managing Principal at Clearbrook Global Services, Jon Anderson, Global Head of OTC Derivatives at SS&C GlobeOp and Sheldon Rubin, COO/CFO/CCO at S Squared Technology LLC.

Read on to see what our speakers had to say about the considerations for outsourcing, typical transformation challenges and more. You can also read Part 1 of the event recap or listen to the complete audio replay.

Q: Whether it's technology, compliance or another area of the business, firms ultimately need to decide if they are going to manage these areas internally or outsource to an expert vendor. How does a hedge fund determine what is the right solution for them and whether to outsource or maintain their own systems and operations?Hedge Fund Outsourcing

  • When considering internal operations vs. outsourcing, a firm must determine which option gives it the most control over the given process. The firm is not only considering outsourcing technology but also outsourcing control.

Q: Would you consider outsourcing a cure for uncertainty? Or does it add flexibility in a market swimming in infrastructural, regulatory and technological changes?

  • There is no true cure for uncertainty, but a firm can find economical ways of dealing with uncertainty as it comes. Regulations, for example, can play a part.

Q: Beyond technology, a firm also needs to rely on either in-house or outsourced personnel to take a firm through any of these so-called transformations. Obviously, in order to move from an on-premise technology infrastructure to the cloud, a firm would need to employ an experienced IT staff or leverage a cloud provider to make that migration. What skills and experience are needed for effective hedge fund operations and IT transformation?

  • The short answer is many skills and experiences. Team effort is important. Business skills are also critical: someone who is an expert in underlying business from the top down. That includes the larger perspective as well as intricate levels of detail. Communication is another critical skill.

Q: What are the typical challenges a firm faces while undergoing a transformation? Are there any recommendations you can make about how a firm can effectively navigate the transformation process?

  • Transformation, implementation or change of any kind can be overwhelming. It can be intimidating. One piece of advice is to take a large project and break it down into smaller, more manageable pieces. Firms should also put together a strategic roadmap of where they are and where they want to be. But don’t be married to that roadmap. Understand that things will change and adjustments will need to be made.

  • Another challenge can be overanalyzing problems. Sometimes getting a solution in place and fine tuning later can be more effective than waiting to find the optimal solution while in search of perfection.

Q: What are your final thoughts or forward-thinking predictions in terms of where we see firms going and what other transformations we can expect to see in the future?

  • The changing regulatory requirements have not increased the entry barriers for firms.

  • We have come a tremendous way in a short period of time. Old tried and true technologies are not going away with the emergence of new technology though. There are now just more (and better) solutions for firms to choose from – not a complete change in the industry, but ways to make firms more efficient and increase quality.

  • Firms should use technology to understand what the inherent costs are to running a portfolio.

  • There is widespread industry acceptance of outsourcing, and with the emergence of the cloud, there are certain front, middle and back office processes moving away from the core of the fund.

Here are some other resources on Hedge Fund Transformation you might enjoy:

Hedge Fund Outsourcing Guidebook

]]>
<![CDATA[WWDC 2014: The Latest and Greatest from Apple's Worldwide Developers Conference]]>http://www.eci.com/blog/15677-wwdc-2014-the-latest-and-greatest-from-apples-worldwide-developers-conference.htmlTue, 03 Jun 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15677

The annual gathering of Apple’s developers took place earlier this week in San Francisco, and top Apple execs Tim Cook, Phil Schiller and Craig Federighi took center stage to reveal what new products and features users can expect to see from Apple in the near future.

Before we get into the specific announcements from the Worldwide Developers Conference (WWDC), let’s talk numbers and take a look at what Apple has been up to as well as their growth as a company:

  • 9 million registered Apple developers (47 percent increase from 2013)

  • 800 million iOS-powered devices sold to date

  • 80 million Macs installed to date

  • 130 million new customers in the past year

  • 1.2 million apps currently available in the App store

  • 75 billion apps downloaded to date

  • 12% growth in the Mac market share (whereas PC has declined)

Now back to the WWDC. The event’s keynote speech delved deep into what Apple has been working on tirelessly for the last year and what users can expect to see at its annual fall release. Here is a breakdown of new features and key additions for Apple’s newest release: iOS 8.Apple Healthkit

Healthkit – There is a clear health and fitness focus in the latest software upgrade. Healthkit provides a composite profile of your favorite fitness apps and health information, similar to how Passbook organizes boarding passes, movie tickets and loyalty cards. Healthkit syncs your health-related apps into one convenient space. ‘Health’ is the primary app within the profile; it has the ability to track a wealth of information such as activity (steps), nutrition, heart rate, sleep, weight and blood pressure. It also integrates with third party applications, such as Nike.

QuickType – Apple has finally revealed that they are providing predictive typing, a feature already commonly used with Android products. QuickType will be able to guess your next words as well as adapt your language depending on who you are talking to.

Group Messaging – Group messaging is getting a serious facelift. The updated feature will allow users to: name friends, add and remove members, and permanently leave a thread. And, for the real winner, you can apply “do not disturb” settings at any time!

Homekit – This new platform allows users to control locks, doors, lights, cameras, thermostats, etc. with one central device. Apple has partnered with a variety of third-party vendors to make this possible.

Interactive Notifications – This feature will allow users to respond to notifications such as texts or Facebook messages while still remaining in the application currently in use. How? Simply pull down the notification window and easily respond to the pressing message at hand. Users will have the option to respond with text, picture, video or voice recording without interruption.iOS 8

Family Sharing – Six members of a family are now able to share iTunes purchases, including applications, music and movies, with one central credit card. This feature also gives access to linked members’ calendars, reminders and photos. Parents also have the ability to control children’s purchases because permission to purchase must be verified by the main cardholder.

Synced Photo Editing – iOS 8 will automatically sync your photos with iCloud to ensure that images are available across all applications. There are also new affordable iCloud plans:

  • 20 GB for $.99 per month

  • 200 GB for $3.99 per month

The iCloud Photo Library will also include new smart editing features that allow users to manually adjust multiple effects such as contrast, color, light exposure and more.

Overall, the results from WWDC 2014 are consistent in terms of the types of information Apple usually presents. Nonetheless, the features and additions they presented should continue to please their user base and help the company stay amongst the leaders in the smartphone market.

To stay up-to-date on other technologies, take a look at some other Hedge IT articles, including:

Contact an Eze representative


Photo Credits: 9 to 5 Mac, Apple
]]>
<![CDATA[Hedge Fund Transformation, Part 1: Evaluating Outsourced Solutions & Leveraging Technology]]>http://www.eci.com/blog/15676-hedge-fund-transformation-part-1--evaluating-outsourced-solutions--leveraging-technology.htmlThu, 29 May 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15676 Earlier this month alongside KPMG, we hosted a seminar in New York on “The Transformation of IT and Hedge Fund Operations.” We asked experts to examine the changes impacting hedge funds today and the future of this industry transformation. Our distinguished panel included Vinod Paul, Managing Director, and Steve Schoener, Vice President, at Eze Castle Integration, John Budzyna, Managing Director, and Dave Messier, Director, at KPMG, Timothy Ng, Managing Principal at Clearbrook Global Services, Jon Anderson, Global Head of OTC Derivatives at SS&C GlobeOp and Sheldon Rubin, COO/CFO/CCO at S Squared Technology LLC.

Below is a brief recap of the topics discussed during the lively event. To listen to the full audio podcast of the event, click here.

What do you see as the greatest transformation the hedge fund industry has undergone or is currently in the midst of?

  • There is more acceptance of outsourcing. Many firms are leveraging outsourced service providers for front office support, for example, and leaving their in-house departments to focus on the core business. Outsourcing

  • Many firms starting today don’t even consider building out a middle and back office – they immediately look to outsourcing. The quality and opportunities provided by outsourced service providers, including administrators, are much better than they have ever been before.

  • Third-party software and service providers continue to improve and many firms are attempting to fully integrate the back office as a result. With systems designed effectively, firms can yield benefits including reduced costs and increased efficiencies.

  • Allocators are being more frequently asked to take on the role of consultants and analyze underlying risks within fund portfolios – something many investors today don’t understand fully.

How do you see fund managers utilizing technology to address the call for greater portfolio transparency by institutional investors and consultants?

  • Investment firms are using technology to get a better view of the inner workings of the portfolio. Funds who utilize portfolio or risk software are often asked to provide risk metrics to investors. A fund should focus on getting the transparency, understanding it and translating it for the investor so that they are comfortable with any current or future allocations.

What are some opportunities for fund managers – particularly those with modest budgets – to leverage technology for strategic and/or operational benefit?

  • Firms should conduct a cost-benefit analysis to evaluate the importance of any implementation. If you can justify the effort needed to ensure a successful project based on the benefits outlined, it is a project worth moving forward.

How can emerging managers, in particular, cope with limited resources and personnel and still compete on an institutional level as well as meet the increasing amount of regulatory oversight and pressure?

  • One approach for emerging managers looking to compete is to avoid hiring internally for a variety of functions. Firms can outsource technology, back office, administration, etc. as long as the service providers are reputable and institutional-grade. If allocators can see that firms are set with due diligence, compliance and other services and are utilizing the high standards of a service provider, they will be more likely to invest with emerging managers.

What are some of the best ways to apply transformation or operational improvement efforts to such a rapidly-changing area, like compliance, for example?

  • The idea of operational improvement is a continuum: from incremental, tactical opportunities to transformational opportunities. Compliance tends to lean more towards the incremental side. There are many well-integrated, efficient solutions in the marketplace to satisfy needs relative to personal trading, securities, brokerage and execution, legal compliance, etc. Firms need to look closely at individual compliance needs and find a solution that will satisfy both the firm itself and investors.

Is there some particular pattern to when a firm undergoes the transformation process and goes from analyzing the problem to fixing the problem?

  • When struggling with a problem, you often reach a critical point where the complexity or volume of the problem has outstripped your capacity as a business. This is a critical situation. The problem might start to cause mistakes or money if not resolved. This is often a significant driver for change.

Be sure to come back to Hedge IT next Thursday, June 5, for more of our Transformation of IT recap! In the meantime, you might find these resources valuable:

Guide to Technology Outsourcing]]>
<![CDATA[Video: Hedge Fund Startup 101 Roundtable with the Hedge Fund Association]]>http://www.eci.com/blog/15671-video-hedge-fund-startup-101-roundtable-with-the-hedge-fund-association.htmlTue, 13 May 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15671 The following article is part of our Emerging Managers Insight Article Series. Read more articles from the Series HERE.

What are the keys to starting a hedge fund? How does an emerging manager ensure success in a constantly-changing world of legal and regulatory guidelines, increasing investor expectations and evolving technology platforms?

In order to answer these questions, Asset TV and the Hedge Fund Association recently gathered an expert panel for a video roundtable focused on hedge fund startups. Our own Managing Director, Vinod Paul, was featured on the panel, along with experts from The Kingdom Trust Company, Eisner Amper LLP, and Thompson Hine LLP. Watch the video below to learn more about a variety of topics important to new fund launches, including:

  • Custodial Needs

  • Technology Infrastructure Priorities

  • Compliance Concerns

  • Data Management

  • Dodd-Frank & Regulatory Requirements

  • Cybersecurity Concerns

  • Investor Expectations

To learn more about launching a hedge fund, check out some of our other relevant resources:

Articles for Emerging HF Managers

]]>
<![CDATA[Preparing for SEC Cybersecurity Exams: Webinar Recap & Replay]]>http://www.eci.com/blog/15670-preparing-for-sec-cybersecurity-exams-webinar-recap--replay.htmlThu, 08 May 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15670 Cybersecurity is one of the hottest buzzwords in the industry right now – but it’s also a serious concern for hedge funds and investment firms. So much so that the Securities and Exchange Commission has taken formidable steps in 2014 to assess the cybersecurity landscape and provide guidance to registered broker dealers and investment advisers around what policies and technical safeguards should be in place to protect them.Webcast: Preparing for SEC Cybersecurity Exam

With so much information being shared and so many industry changes around this topic, we asked our cybersecurity experts – Steve Schoener and Lisa Smith – to talk us through what’s happening in the world of hedge fund cybersecurity and provide direction for firms looking to comply with the SEC’s latest guidelines. Following is a brief recap of a webinar we held earlier this week doing just that. To watch the full replay of the event, click here or watch below.

Industry Update: How did we get here?

Before we dive into what expectations the SEC has for registered firms in regards to their cybersecurity practices, let’s first take a look at how we got to this point. Among the host of high-profile security incidents we’ve seen dominate the news of late, these few resonate the most:

  • Dec 2013: Target data breach results in customers’ personal data stolen

  • April 2014: Crytolocker ransomware holds data hostage

  • April 2014: Heartbleed vulnerability poses potential data exposure threat

  • April 2014: Internet Explorer vulnerability puts technology at risk, leaves PCs open to being hacked

As a result of these and other security concerns, the SEC has taken steps to ensure hedge funds and investment firms are prepared for the next incident. In a Risk Alert issued last month, the SEC announced it will perform examinations of at least 50 registered firms and also provided a lengthy sample questionnaire for firms to use as a guide in their preparations. The seven-page document addresses various aspects of a firm’s technical infrastructure and corporate policies and sets expectations that firms should meet a set of standard criteria in order to comply with the new guidelines.

A Sample Look at the SEC’s Cybersecurity Questions

To help firms gain a better understanding of what information the SEC is looking for within its request for information document, following are a few questions from the document and some helpful information for firms starting to draft responses.

Category: Identification of Risks/Cybersecurity Governance
Question: Please indicate whether the Firm conducts periodic risk assessments to identify cybersecurity threats, vulnerabilities, and potential business consequences. If such assessments are conducted: a) who conducts them and in what month/year was the most recent assessment completed? and b) please describe any findings from the most recent risk assessment that were deemed to be potentially moderate or high risk and have not yet been fully remediated.

If you’re not familiar with what exactly a risk assessment is, let’s start there. A risk assessment looks at a firm’s systems and data and evaluates the potential level of risk and impact to that firm if a security incident were to occur. We recommend risk assessments be conducted on an annual basis as well as in the event of major business changes (e.g. expansion, adding new applications, etc.). Third-party vendors, such as our partners at eSentire, are well-versed in conducting vulnerability assessments for financial services firms.

Category: Protection of Firm Networks and Information
Question: Please indicate if the Firm maintains a written data destruction policy.

Keep in mind that a data destruction policy does not only apply to electronic information. Your firm should employ a policy that addresses the destruction and/or removal of all data and records including, but not limited to, portfolios, subscription information, employee personnel files, hard drives, servers, and tape backup.

Another consideration to think through is what third parties your firm is engaged with and which of them have access to your company’s data or infrastructure. For example, if you are working with a cloud provider, there should be a contractual obligation on the part of that vendor to remove any client data and either destroy it or return it to the client in the event the relationship is terminated. With the cloud, obviously physical infrastructure is not destroyed, but firms should ensure their data is removed from the cloud environment if and when the client migrates off the platform.

Category: Detection of Unauthorized Activity
Question: Identify and explain how and by whom the following practice is carried out – identifying and assigning specific responsibilities, by job function, for detecting and reporting suspected unauthorized activity.

With this line of questioning, the SEC is looking to see that firms are putting thought into their cybersecurity preparations and assigning specific ownership to firm personnel. Firms should identify a person or team of persons to oversee policies and procedures around the firm’s security practices as well as to lead the charge in responding to any types of security incidents that occur. In many cases, this role is taken on by a Chief Technology Officer or Director of IT.

The Importance of Written Information Security Plans (WISP)

The most effective way for a hedge fund or investment firm to respond to the SEC’s examinations is with a written information security plan (WISP). A WISP is a carefully crafted document firms should create as a means to identify and implement both administrative and technical safeguards to protect a firm’s sensitive data and infrastructure. Key elements of a WISP include:

Administrative Safeguards

  • Define confidential data

  • How is it protected?

  • Where is it located? (Shared drives, emails, CRM systems, etc.)

  • Who has access? Do they have a business need?

  • Roles and responsibilities (Is there a person or team in place to manage this?)

  • Communication procedures (Who needs to be notified? e.g. investors/regulators)

Technical Safeguards

  • Assessment of technical safeguards (e.g. penetration testing, encryption software, etc.)

  • Evaluation

  • Implementation of additional safeguards, as necessary

As a final thought, firms should work with their internal IT staffs and/or outsourced technology providers to review the SEC’s questions and customize responses according to their specific infrastructure configurations and data requirements. In cases like these, unfortunately, one size does not fit all, and firms will find that their written information security plans will need to include detailed specifics relative to the firm.

Eze Written Information Security Plan ServiceEze Castle Integration’s WISP team is actively working with clients to respond to the SEC inquiry and develop comprehensive written plans to satisfy regulatory and investor demands. If you would like to learn more about Eze Castle’s WISP service or speak with a sales representative, please don’t hesitate to contact us.




Additional Cybersecurity Resources You Might Find Helpful:

]]>
<![CDATA[The Transformation of IT and Hedge Fund Operations]]>http://www.eci.com/blog/15668-the-transformation-of-it-and-hedge-fund-operations.htmlThu, 01 May 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15668 Regulatory oversight, competition for assets and investor due diligence concerns have left investment management firms with more pressure than ever to succeed. And technology innovations like the cloud have turned the traditional hedge fund operations model on its head. The questions remain: how do fund managers evolve in 2014 and meet the increasing demands of the financial services industry? And how do firms compete with the incoming crop of new launches that continue to emerge and vie for investor allocations?

The following presentation takes a closer look at these key transformations within the hedge fund industry and examines the shift firms are making from traditional, on-premise IT infrastructures to cloud-based platforms. It also highlights managed disaster recovery services and offers best practices for security in the cloud.

Take a look, and if you can, join us in New York on Tuesday, May 6 as a panel of experts discusses these topics and more at our Transformation seminar.

]]>
<![CDATA[SEC Outlines Cybersecurity Questions, Sets Magic Number at 50 Firms]]>http://www.eci.com/blog/15664-sec-outlines-cybersecurity-questions-sets-magic-number-at-50-firms.htmlTue, 22 Apr 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=15664 SEC Cybersecurity and logoThe SEC last week provided even more clarity into its growing focus on cybersecurity at broker dealers and registered investment advisers. A key takeaway in a Risk Alert issued on April 15, 2014, is that the Office of Compliance Inspections and Examinations (OCIE) will be conducting examinations of more than 50 registered broker-dealers and registered investment advisers, focusing on areas related to cybersecurity.

In order to help compliance professionals prepare and assess their firms’ responsive cybersecurity preparedness, OCIE has created a sample cybersecurity request document that outlines the types of questions firms can expect. OCIE is good to point out that these questions should not be considered all inclusive of the information that OCIE may request. OCIE will alter its request for information as it considers the specific circumstances presented by each firm’s particular systems or information technology environment.

You can find the Risk Alert and questions HERE.

Now What? Preparing for the SEC Cybersecurity Exam

The SEC was kind enough to provide a proverbial map of the directions it may take during a cybersecurity exam; now firms need to assess their internal processes and procedures as well as supporting technology. It is important to note that the SEC is just as interested in your Written Information Security Policy (WISP) as they are in your technology safeguards.

The areas the SEC outlined include:

  • Identification of Risks/Cybersecurity Governance

  • Protection of Firm Networks and Information

  • Risks Associated with Remote Customer Access and Funds Transfer Requests

  • Risks Associated with Vendors and Other Third Parties

  • Detection of Unauthorized Activity

  • Other: Identity theft red flags; Security breach incidents; Reported incident history.

Here at Eze Castle Integration, we are going through the questionnaire and beginning to work with clients to answer the various sections. Our WISP team is also on-call to begin the process of developing more comprehensive internal and external policies and procedures around security.

Your IT provider should be able to provide assistance, but policies and procedures are key too.

Cybersecurity Hedge Fund Report










]]>
<![CDATA[A Public Reminder on the Private Cloud Debate]]>http://www.eci.com/blog/1736-a-public-reminder-on-the-private-cloud-debate.htmlTue, 25 Mar 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=1736 Earlier this week, it was reported that Nasdaq was reconsidering its Amazon-based cloud product, FinQloud. According to the Financial Times, FinQloud has failed to gain significant traction in the marketplace amongst financial services firms including broker-dealers and exchanges. If Nasdaq pulls out of the deal with Amazon Web Services (AWS), it would be a major disappointment to Amazon, who is actively pitching AWS to large financial institutions and enterprises.

Whether the limited adoption of FinQloud is a sign of a product flaw or a larger industry trend, we feel it important to draw attention to a longstanding debate within the financial services industry – a debate that we’ve shared our thoughts on here on Hedge IT many times: public vs. private clouds. Public vs Private Clouds

It’s certainly possible that the slow adoption of FinQloud is a result of concerns over mass public cloud usage – a stern reality for many financial services firms who expect and demand that their critical applications and data be stored in a highly secure and available environment. Hedge funds and investment firms, in particular, cannot afford unexpected downtime, and unfortunately, we’ve seen several public cloud providers experience major outages in recent years. Just last week, Dropbox users logged in to find the service was unavailable, and Amazon and Google have both found their services in the headlines in recent years due to very large and public disruptions.

Security in the public cloud remains a bit of a question mark, as public cloud providers are still lacking in transparency and are less likely to disclose the specific security and compliance protocols that support their infrastructures. Particularly as regulatory bodies stress the importance of security measures in the world of heightened cybercrime (the SEC is holding a cybersecurity roundtable this week), it is imperative that investment firms leverage secure systems to power and protect their operations.

Service and support are also critical factors to consider when selecting a cloud provider. Hedge fund service providers have the experience and expertise to handle any IT issues that arise and are often available on a round-the-clock basis to meet the needs of their clients. Public cloud providers may have general support lines or customer service representatives available, but the odds that their expertise lies in financial services technology are slim. Any application or investment technology-related questions or problems would be easier answered by a provider whose business is designed to meet the industry’s unique demands.

To read more about the differences between public and private cloud environments and the considerations for each, take a look at some of our other resources:

Cloud Usage Survey Report: Download Now

]]>
<![CDATA[Finding Agility & Focus by Hosting Your Hedge Fund Applications]]>http://www.eci.com/blog/1735-finding-agility--focus-by-hosting-your-hedge-fund-applications-.htmlThu, 20 Mar 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=1735 Earlier this week, we hosted a webinar on the topic of application hosting in the cloud and featured our newest partner, Black Mountain Systems. Our speakers looked at the benefits firms can realize from hosting their hedge fund applications in the cloud as well as the future of cloud adoption. Let’s take a closer look at what was covered. If you’d like to watch the full event replay, click here.

Here at Eze Castle Integration, we see the adoption of cloud computing continuing to grow in a significant way, particularly among new startup firms. Realizing the operational and financial benefits of a cloud infrastructure, nearly 95 percent of new startup funds are opting to utilize the cloud. Existing firms are also shifting in this direction (though at a much slower pace), and we’re seeing on-premise infrastructure deployments starting to decline.

Firms can reap significant operational benefits from hosting applications in the cloud. For one, the cloud provider (and not the hedge fund) is responsible for management and maintenance of the infrastructure as well as managing upgrades and software procurement. There is a quicker turnaround time when firms need to add users or resources, and adding an application to an existing cloud platform becomes a much simpler process than dedicating servers and on-premise equipment. Another operational benefit is that firms who have existing technology staff can reallocate those internal resources and refocus their attention on higher priority areas of the business.

Application Hosting Webinar

From a financial perspective, there are no costs for the firm to incur relative to upgrades or maintenance, and in some cases with smaller firms, overall costs can be lowered as a result of application hosting or cloud adoption.

How Do I Choose a Cloud Service Provider?

Choosing who to work with to manage your firm’s cloud environment can be a daunting task. Here are a few key considerations to keep in mind as you go through the evaluation process.

Type of Cloud (Public vs. Private/Managed)

A public service provider provides the CPU, memory, and storage resources you need and gives you the control to build your application. But beyond that, you might not receive a whole lot from that relationship. A managed service provider (such as Eze Castle) delivers these essential building blocks but also provides staff and industry expertise to truly manage your firm’s infrastructure and resources.

Geography/Proximity

Consider where your firm’s offices are located and where you’d like to be in relation to “the cloud.” Firms engaged in high-frequency trading, for example, will benefit from low latency and therefore short distances to financial markets and stock exchanges. You should also consider the distance between your office(s) and cloud infrastructure and how the end user experience may be affected by said distance.

Quality of Data Center Facilities

Keep these factors in mind as you evaluate cloud providers:

  • Level of Operations/Support (Who manages the facility?)

  • Redundancy (Is it a N+1 configuration?)

  • Power/Cooling Resources (Are multiple power grids utilized to protect uptime?)

  • Certifications and Standards (Is it SSAE-16 certified?)

  • Security (Are there physical and digital security standards in place?)

Data Transit Options

Some clouds charge firms every time data is sent in and out of the cloud. This charge is based on the size of the data. Other providers offer a subscription service which allows for an unlimited amount of data to be sent in and out at a fixed monthly price. Depending on your transmission levels, one of these options may make more sense for your firm than the other.

Backup & Disaster Recovery

When it comes to protecting your firm’s critical data and infrastructure, you can never be too careful. Be sure to ask if backup and DR are included and where your data is stored. Are there limitations on restored data if a disaster occurs? What is the time frame to restore data to a secondary location?

Documentation and Transparency

Ensure your cloud provider is open and honest with you about both the cloud infrastructure and the processes that support it. Are Service Level Agreements in place and do they align with your business requirements? Can SLAs be revised if and when your business changes?

Trending to the Cloud

A recent report by CEB TowerGroup, expects the majority of applications will be delivered via the cloud in 2015 and “cloud adoption is potentially highest for post-trade activities, such as accounting, reporting and performance measurement.”

Here at Eze Castle, we see the movement to the cloud continuing, whether it be for hosting applications or full technology outsourcing. Either way, firms are shifting away from deploying costly infrastructure on-premise and leaning towards the operational and financial benefits the cloud offers.

To watch the full replay of our Application Hosting webinar, click here.

Guide to Cloud Computing

]]>
<![CDATA[Why are Hedge Funds Moving to Miami?]]>http://www.eci.com/blog/1733-why-are-hedge-funds-moving-to-miami-.htmlThu, 13 Mar 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=1733 What comes to mind when you think of Miami, Florida?

Beaches and sun, exciting nightlife, a popular Will Smith song. These are typical associations with Miami. How about finance? This might not be the first thought that comes to mind, but the city of Miami is hoping that will change. Miami is a major financial hub and growing, and according to the president of the Miami Finance Forum, it’s the second most concentrated financial hub behind New York City.

Currently home to over 60 international banks and 100 alternative investment companies, Miami and its busy Brickell Avenue has emerged as “Wall Street South,” and according to Forbes is luring many financial firms away from more traditional hubs such as New York and Greenwich, CT.

In 2013, the Miami Downtown Development Authority began an initiative to attract Miami Skylinemore hedge funds, investment firms, and family offices. In an effort to attract financial firms and encourage them to relocate or expand into the city, they have included one-on-one meetings and recruitment trips to the Northeast. The initiative is sparking interest, and inquiries into real estate are piling up. So why is the financial flock heading to Miami? Here are some of the key drivers we’re seeing:

  • Weather: The warm Florida weather is a natural attraction, and many fund managers often vacation and spend time in Florida during the winter months.

  • Location: The short distance between Miami and Latin America offers the perfect opportunity to expand into this emerging market. Latin America has a thriving investment community, and with direct flights to many Latin cities, Miami makes it easy to network and expand business opportunities.

  • Financial Incentives: Miami offers hedge funds and investment firms a variety of tax breaks including no individual income or estate taxes and only federal capital gains taxes.

  • Reduced Travel Costs: Many fund managers spend their winters traveling to investment conferences in the South. With permanent offices in Miami, managers can reap the benefits of reduced travel expenses.

At this point, all signs point to growth in Miami continuing for the financial industry.

Whether your firm is relocating to Miami or moving to a new office down the street, don’t forget there are a host of project management-related considerations. Here are some additional resources to review before your project commences:


Photo Credit: Flickr

]]>
<![CDATA[Microsoft XP Extends Antimalware Support, Cybersecurity Concerns]]>http://www.eci.com/blog/1732-microsoft-xp-extends-antimalware-support-cybersecurity-concerns.htmlTue, 11 Mar 2014 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=1732 Back in October of last year, we learned that Microsoft was ending support for its XP operating system – a move that would force users to upgrade to its more current software. Fast forward to today, and more than 29% of PC users are still using XP (according to NetMarketShare). In an interesting move, Microsoft announced recently that it will continue to provide updates to its antimalware signatures and engine for Windows XP users through July 14, 2015. Microsoft did caution that its research shows that the effectiveness of antimalware solutions on out-of-support operating systems is limited.

But why?Windows XP End of Life

We can assume this is a move at least partly fueled by slow adoption of software upgrades, based on the figure NetMarketShare has provided. Beyond private PC users, however, there may lie an even greater reason for extending security support. Reports suggest that more than 90% of ATMs across the United States are operating with Windows XP – a potentially crippling situation if hackers were able to breach the operating system. Last year, “a high-profile criminal group in Europe took advantage of a security vulnerability in XP that allowed them to use flash drives to infect ATMs with malicious software, emptying the machines of cash one-by-one. Researchers estimate that they may have gotten away with millions of Euros.”

Even beyond ATMs, the cybersecurity threat to Windows XP is still very real. Avoiding or delaying the software upgrade can pose critical risks to firms as their PCs continue to deteriorate and become more susceptible to breaches and attacks. Financial services firms, in particular, should take note, as a recent study published by PricewaterhouseCoopers (PwC) revealed the financial industry is the most targeted group in the cybersecurity world. The PwC study found that 39 percent of financial services respondents had been affected by cybercrime, compared to the next highest industry at 17 percent.

Here are Eze Castle, we strongly advise you to investigate your firm’s current operating system (or if you’re an Eze client, talk to your client relationship manager) in order to ensure measures are taken to avoid any downfall as a result of Windows XP’s end of life. Despite the malware protection extension, XP’s demise still poses a significant threat to users and businesses who have not successfully upgraded.

In the event you aren’t overly tech-savvy and can’t be sure which operating system you’re currently using, Microsoft has made it simple to find the answer by visiting their website.

To continue reading about security, here are a few handy resources we’d recommend:

]]>
<![CDATA[Dropbox Alternatives Coming to a Hedge Fund Private Cloud Near You]]>http://www.eci.com/blog/1730-dropbox-alternatives-coming-to-a-hedge-fund-private-cloud-near-you.htmlTue, 04 Mar 2014 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=1730 Dropbox Alternative for Hedge FundsIs Dropbox becoming a noun? For the sake of this article, let’s say it is.

With over 200 million users, Dropbox (and similar services) is gaining popularity based on its ability to allow users to share files and sync data between devices. These capabilities are very appealing but rely on a public cloud platform that can introduce security and compliance concerns for hedge funds.

Dropbox made headlines last year when it was discovered by security researchers that the service opens some files once they are uploaded. While Dropbox provided an explanation, this can be a serious issue for businesses where employees are using Dropbox to share sensitive company and investment data.

So are your employees using Dropbox? Probably. A study conducted by Gigaom of 1,300 business professionals found that one out of five use public file sharing services, such as Dropbox, with work documents. And, half of those users know their companies have rules against it. This raises the question, how do you give employees access to a valuable tool in a way that meets compliance and security protection obligations?

Hello, Dropbox Alternatives

In the hedge fund space, private cloud providers (like us!) are adding enterprise-class file sync and sharing capabilities into their offerings using technology such as Varonis DatAnywhere. Eze Castle Integration recently rolled out DatAnywhere to our Eze Private Cloud clients.

DatAnywhere aims to strike a balance between security and convenience, which it does well. Employees are able to easily share files and access them across multiple devices while the company is able to set sharing and access control permissions for data. Additional benefits of this Dropbox alternative include:

  • Users have the same drag-and-drop experience as shared network drive or cloud sync folders

  • Data is automatically backed up and version controlled

  • Data is transmitted securely over SSL

  • All access is monitored and abuse is alerted

  • No user gets access to data unless they already have permission to access the data

  • Ability to create and easily share collaboration templates for teams, departments and individuals.

The power of file sharing tools is significant, and users will continue to be drawn towards them even when preventative corporate policies are in place. As a result, hedge funds should consider alternatives to empower their employees while staying compliant.


Contact Eze Castle Integration

]]>
<![CDATA[A Hacker's Tool Kit: Cyber Security Threats to Financial Firms]]>http://www.eci.com/blog/1729-a-hackers-tool-kit-cyber-security-threats-to-financial-firms.htmlThu, 27 Feb 2014 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=1729 It has been said that cyber weapons can be as dangerous as weapons of mass destruction. To emphasize this, at last night’s FBI Citizens Academy seminar on cyber security in financial markets, the speaker noted that if you take out an industry (think financial, teleco) you can cripple an entire country.

But just how would this happen? What’s in a hacker’s tool kit? Quinn Shamblin, executive director of information security at Boston University, provided a glimpse into the cyber security underworld.

Targeting Your Favorite Device

Let’s start with Mobile Device Security. Hackers are shifting their focus and resources to mobile devices. They recognize that a user’s life is virtually encapsulated on his/her mobile device. From contacts and email to documents, passwords and banking apps, mobile devices now hold as much as or more personal information than PCs or laptops. And most devices do not have anti-virus/malware software installed.

Just last Friday, Apple released a critical update to its iOS 7 operating system after a flaw was identified that could give an attacker with a privileged network position the ability to capture or modify data in sessions protected by SSL/TLS (aka public key encryption). Following that announcement, researchers at a cyber security firm (FireEye) published a proof of concept for a surveillance app that, if created and distributed by hackers, could capture every tap on an iPhone’s screen. The information captured, including passwords and credit card numbers, would be accessible to the attacker. These are just two examples of the cyber security threats facing mobile devices. Users need to be aware that these threats exist and practice smart computing on all devices.

DDoS: A Hacker's Version of Leverage

Next let’s talk DDoS (distributed denial-of-service) attacks, a common strategy used by hackers. We are nearing the one-year anniversary of the largest DDoS attack that was dubbed the “DDoS that almost broke the Internet.” As the story goes, Spamhaus (non-profit, anti-spam organization) came under attack by two individuals who were able to harness open DNS resolvers to send incredible amounts of traffic at the Spamhaus website. It is reported that, at one point, 300GB of traffic per second were being pushed.

In a statement on its website, Spamhaus explains that “preventing attacks like these depends on two key technical measures. First, all networks should ensure that they do not allow traffic to leave their network that has 'spoofed' (forged) sending addresses. Without the ability to spoof traffic there would be no reflection attacks possible. Secondly, open DNS resolvers should be locked down and secured. These attacks should be a call-to-action for the Internet community as a whole to address and fix those problems.”

No Update Here

Another vulnerability hackers love to exploit is out of date software. April 9, 2014 will be a big day for the hacker community, because on April 8th, Microsoft officially ends support of Windows XP. This means no more security patches or updates. We can assume that for the last year or so, hackers have been holding Windows XP-related malware just waiting for Microsoft to end support. (Read more on end of life here.)

For the most part, professionals at hedge funds and investment firms have upgraded from Windows XP, but it is not uncommon for a few of these systems to still be on a corporate network and it only takes one highly connected Windows XP device to let hackers into an entire corporate network. So if you haven’t already, now is the time to start planning to have your systems upgraded. At Eze Castle Integration, we are working with clients to set an upgrade timetable for their systems.

As a final thought, the most commonly infected file types are PDF, Flash and Java so make sure you install updates when they are rolled out by the vendors. Also, never open an attachment from a sender you don’t know.

For more cyber security guidance, check out these articles:

Hedge Fund Cyber Security Guide]]>
<![CDATA[Three Reasons the Private Cloud is Just like Olympic Curling]]>http://www.eci.com/blog/1727-three-reasons-the-private-cloud-is-just-like-olympic-curling.htmlThu, 20 Feb 2014 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=1727 Have you been enamored by the coverage of the Winter Olympics the last two weeks? We sure have. And watching all of these great sports we don’t normally get the chance to witness got us thinking – there are a lot of similarities between technology and Olympic sports. They’re both complex in many ways and require experts (engineers and athletes) who are the best of the best at what they do.

One of our favorite sports to watch is curling. And we couldn’t help but notice that Olympic curling and the private cloud are a lot alike. Don’t believe us? Take a look.

Both are safe and secure.

Secure Private Cloud

Let’s be honest: curling clearly presents the least amount of danger and lowest risk for injury at the Winter Olympics. Skiing and snowboarding? We’ve seen our fair share of wipeouts this year. Bobsled, luge and skeleton? Those are terrifying enough just as a spectator. Even figure skating poses a risk when skaters are leaping and twizzling left and right.

But curling? Extremely safe. Athletes can be fairly certain – whether they are curling or sweeping – that they will come out of the event unscathed.

Similarly, users in a professionally managed private cloud environment can rest assured their data and infrastructure are safe and secure. As an investment manager, you should not have to worry about the integrity of your firm’s assets and applications. In a private cloud environment, your infrastructure is protected and monitored by technical experts 24x7x365. To have complete confidence in your firm’s cloud environment, inquire about specific security measures your cloud provider takes to ensure your firm is protected at all times.

Both have a global presence.

Global Cloud

Okay, technically this applies to all Olympic sports, but the countries competing for medals in curling this year cover a wide geography. Male and female athletes from Great Britain, Canada, Sweden, China and Switzerland are vying for Olympic medals this week, and we think it’s great to see so many regions showing off their premier athletes on a global platform.

A cloud platform can only properly support your firm on a global level if it also has a global presence. When looking for a cloud provider, look for a company that can support your operations with data center facilities and employees on the ground in multiple locations. We’re proud to say our Eze Private Cloud supports investment firm users across the world – in the United States, United Kingdom and Asia.

Both require specific technique.

Olympic Curling

At first glance, curling might seem like a simple sport. But in fact, it requires an incredible amount of concentration and skill. The curler (or thrower) is responsible for the delivery of the stone, lunging forward and releasing the stone along the ice. The sweepers are then instructed to sweep the ice in front of the stone in an attempt to reduce friction and control the stone’s trajectory. Strategy and technique are critical to navigating the stone to a place within the house (that series of circle targets you see marked on the ice).

Think you could excel at curling? We’re willing to bet it’s harder than it looks.

Much like curling, the operation and management of a private cloud is not for the average person. Not everyone can design and manage a robust and secure private cloud platform. That’s why relying on an expert cloud provider can make a lot of sense, especially for busy hedge funds and investment management firms. When looking for a cloud services provider to support your firm, seek a company with expertise deploying cloud environments across the globe (see above) and supporting the unique needs of financial services firms. To make it easy, here is a list of questions to ask a potential cloud services provider during the evaluation process.

Visit our Facebook page and tell us which sport in the Winter Olympics is your favorite to watch!

Photo Credits: Wikipedia and Flickr

]]>
<![CDATA[Ledgex Tackles Liquidity Management Challenge for Fund of Funds]]>http://www.eci.com/blog/1726-ledgex-tackles-liquidity-management-challenge-for-fund-of-funds.htmlTue, 18 Feb 2014 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=1726 Ledgex Liquidity Management SoftwareEffectively managi­­ng liquidity and reporting within investment portfolios has been a struggle for fund of funds, institutional investors, pensions and endowments. No manager wants to in a position where their investor liquidity does not match portfolio liquidity but at the same time firms are trying to offer investors more frequent liquidity options as a competitive edge. In some case, investors are even asking for no liquidity limits.

To adapt to the changing liquidity risk landscape, firms are selecting portfolio management systems from companies like Ledgex Systems. Recently, Ledgex released the next generation of its portfolio management platform that delivers new liquidity management and manager research modules. These new tools give firms real-time visibility into their existing and proposed portfolio liquidity options while providing the research and analytics that support the manager selection process.

The Ledgex Liquidity module provides an advanced liquidity modeling utility and reporting engine, which can generate all available options for accessing assets given certain conditions by processing each tranche and their respective trade characteristics with a manager’s liquidity terms. Ledgex can model 90% of the manager liquidity terms used in the industry.

The Ledgex Research module combines CRM, document management and research management capabilities within a single system that removes silos and puts manager research in context with the entire investment portfolio management strategy. Ledgex Research allows investment professionals to efficiently manage, navigate and report on mass amounts of research data, while only acting on the right information. The module adapts to existing processes, from manager selection to manager monitoring, while providing a comprehensive tool to track firm defined manager attributes, including exposures, allocation weighting, attribution, AUM and investor concentration.

Ledgex Liquidity and Ledgex Research further enhance the existing Ledgex platform, which includes:

  • Ledgex Portfolio Manager, a comprehensive portfolio management system that allows managers to easy manage complex portfolio structures and look through these portfolios for exposure, performance and allocation weights.

  • Ledgex Workbench, a front office decision support tool for managing projected capital activity and fund activity and evaluating the impact that these decisions have on your portfolio.

  • Ledgex Investor Relations, a highly configurable tool designed specifically for managing communications, capital movements, meetings, and client interactions in a centralized system that brings organization to the investor relationship management (IRM) process.

Learn more about Ledgex at www.ledgex.com.

]]>
<![CDATA[Give Back this Valentine’s Day: Like for Life Campaign]]>http://www.eci.com/blog/1493-give-back-this-valentines-day-like-for-life-campaign.htmlThu, 13 Feb 2014 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=1493 For the past few years, Eze Castle has held a "Like for Life" Campaign in the hopes of bringing attention to and raising donations for charitable endeavors. Continuing this important tradition in 2014, this year we will be supporting One Laptop Per Child, an organization that focuses on empowering the world’s less fortunate children through education. OLPC’s goal is to provide every child it can with low-cost, low-power, connected laptops. The organization has designed its own hardware, content and software to support this self-empowered learning and to give children the potential for growth and a love of learning.

Because of our love for and obvious interest in technology and hardware, this charity seems like a natural fit. But we cannot support this great cause without your help. To support this worthy organization, Eze Castle is hosting a social media fundraiser in which we pledge to donate $1 to One Laptop Per Child (up to $1,000) for every new “like” we receive on our Facebook page and every new follower received on Twitter (@EzeCastleECI). The pledge campaign will run between February 13, 2014 and March 13, 2014 and we hope you'll make this small move in the hopes of making a big change.

Please take a minute and “like” us on Facebook and follow us on Twitter to help us support One Laptop Per Child and help change the lives of children across the world who deserve the chance to learn.

One Laptop Per Child

If you'd like to learn more about One Laptop Per Child, watch the video below.


]]>
<![CDATA[How Is Your Firm Mitigating Technology Risk?]]>http://www.eci.com/blog/1491-how-is-your-firm-mitigating-technology-risk.htmlThu, 06 Feb 2014 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=1491 Investment risk plays an important role in the life of a hedge fund manager, but technology risk should not. When it comes to your firm’s technology systems and operations, you want things to run efficiently, not add more stress to your already crowded plate.

Mitigating technology risk is a critical step to ensuring your hedge fund operates smoothly and successfully. Following are a few areas to keep in mind as you evaluate your firm’s technology risk:

Layers of Redundancy

One way to reduce your firm’s technology risk is to add layers of redundancy throughout your infrastructure. Whether you’re utilizing a cloud infrastructure or an on-premise environment, your servers, networking and telecomm lines should feature N+1 availability, a configuration in which multiple components have at least one independent backup component to ensure system functionality continues in the event of a failure. Mitigating Technology Risk

Disaster Recovery & Business Continuity Planning

Beyond redundant systems, it’s critical your firm employs DR and BCP strategies to protect systems and the overall business from succumbing to an outage or disruption. A complete disaster recovery solution will leverage replication technology to mirror your production environment to an offsite location. If and when a disaster strikes, employees can access data and applications virtually without missing a beat. Outside of technology systems, you can mitigate risk by relying on a business continuity plan to protect employees and processes. Ensure your BCP plan is communicated throughout the firm and all individuals have a thorough understanding of what to do and where to go if business is interrupted.

Security

One area investment firms need to be especially aware of in today’s age is security, as cyber-attacks and other security-related incidents can pose a real threat to a business’ welfare. In order to mitigate these risks, firms need to take the necessary steps to protect their technology environments from internal and external breaches. Security best practices should be implemented at both the physical and infrastructure levels – meaning wherever your servers are located (cloud facility, colocation, Comm. Room), cages should be locked and monitored 24x7x365. To support these practices, strict and enforceable policies should be adhered to regarding access control and information security management. Read more about security best practices here.

Outsourced Technology Solutions

In order to better mitigate all of the above risks we’ve mentioned, your firm can leverage the expertise of a third-party technology provider. By placing the burden of risk on an outsourced provider, you free up your firm’s resources for other projects – whether they be IT or investment focused. Whether its project-by-project or on a part- or full-time basis, your outsourced IT provider can offer a vast array of services and solutions designed to meet your firms unique needs – and, of course, to reduce your firm's inherent risk.

Looking for more on outsourced technology? Read our Guide to Technology Outsourcing for Hedge Funds.

Guide to Technology Outsourcing

Photo Credit: Flickr
]]>
<![CDATA[Video: Security Incident Response Priorities for Your Hedge Fund]]>http://www.eci.com/blog/500-video-security-incident-response-priorities-for-your-hedge-fund.htmlThu, 23 Jan 2014 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=500 At the end of last year, we predicted security would continue to be a hot topic in 2014 - and our experts agree. It's still such an important topic for hedge funds and investment firms to be educated on that we even dedicated our first webinar of the year to it.

Expert speakers from Eze Castle Integration and eSentire spoke earlier today about security incident response priorities and offered best practices for investment firms looking to plan before a security breach occurs.

Watch the video below and learn more about the three critical phases of security incident management:

  • Planning

  • Response

  • Resolution

Be sure to come back to Hedge IT on Tuesday for a more detailed recap of the event! And don't forget to check out some of our other security articles:

]]>
<![CDATA[Android Apps Coming to a BlackBerry Near You]]>http://www.eci.com/blog/497-android-apps-coming-to-a-blackberry-near-you.htmlTue, 14 Jan 2014 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=497 It’s true, the Canadian smartphone maker BlackBerry is preparing to launch a new firmware upgrade to its BB10 OS smartphone, including the Q5, Q10, Z10 and Z30 phones, that will allow Android apps to become available to its users via the BlackBerry World portal.

There is no question the BlackBerry handsets have been struggling because of a significant “app gap.” Consumers have come to expect unimaginable numbers of apps at their fingertips, which can easily be found on iOS and Android.Android Apps

In the past, BlackBerry only accepted apps created using their own proprietary format. The 10.2.1 upgrade to its BlackBerry operating system will support Android apps.

The company has been approaching big games and apps firm developers to upload their Android apps to a new section on its online app store, BlackBerry World. Developers will only need to submit screenshots and descriptions to have their software listed in the BlackBerry World, which means almost no effort from them. Users, on the other hand, will be able to download and install the apps just as they would any content built for their smartphones.

What are the new improvements to the BlackBerry 0S 10.21 upgrade?

The upcoming BB OS 10.2.1 update is set to bring in new features. The new update is expected to add a new section to BlackBerry World where all Android applications will be listed. The Android runtime is also expected to be upgraded, meaning that users will be able to run newer apps.

The new improvements will now include:

  • Android Native Support: Android apps that use shared libraries written in native-code, such as C and C++, will now be supported on BlackBerry 10. Support is limited to the recommended system headers and APIs as documented by Google. Headers and APIs outside this scope may not function correctly.

  • Bluetooth: Android applications using Android Bluetooth APIs will now work on BlackBerry 10. Bluetooth Low Energy for Android is planned to be supported in a future OS release. As a reminder, Bluetooth LE is supported in the BlackBerry 10 Native/Cascades SDK.

  • MapView v1: Applications that use MapView from Google Maps v1 API are now supported using OpenStreetMaps. Support for MapView v2 API is being planned for a future release.

  • Share Framework: Android applications that register with the share framework in Android will now also appear as share targets on the BlackBerry 10 share menu.

  • Spellcheck: Applications that use text input can now leverage support for spell checking and correction, and the ability to add words to the BlackBerry 10 dictionary.

No date has been confirmed for when BlackBerry is expected to release the OS 10.2.1 update.

]]>
<![CDATA[Five Ways the SEC Will Impact You in 2014]]>http://www.eci.com/blog/495-five-ways-the-sec-will-impact-you-in-2014.htmlTue, 07 Jan 2014 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=495 This week we have a contributed post from Deborah Prutzman, CEO of The Regulatory Fundamentals Group.

Since the summer of 2012 the SEC has embarked on a drive to change the culture within financial services firms, including those in the alternatives space. At first the SEC focused on education—both of its staff and of industry participants. Now the SEC is actively using enforcement as a hammer to drive deeper change. Enforcement cases in 2013 included a focus on boards that failed to properly steer the valuation process and on individuals who misled compliance, as well as the highly-publicized cases involving insider trading.

What does this mean for you in 2014?

Five Ways SEC Will Impact You in 20141. The SEC will continue to focus on governance and on gatekeepers. This means you. Whatever your role-- as an adviser, on a board, or as a service provider-- you must have a grasp of key regulatory requirements. The SEC has announced an initiative to bring enforcement actions for inadvertent (or in technical terms “non-scienter”) violations. Do not let your firm be on that list. Take the time to learn what is required of you. Doing otherwise is like crossing the street with your eyes closed. Some may make it across, but do you want to be the one hit by a truck?

2. The SEC will continue to follow the money. This means continued focus on conflicts, valuation, expenses and compensation. Exam questions will change accordingly, as will enforcement proceedings and investor scrutiny. Recent enforcement proceedings illustrate that staff can be reluctant to raise issues with senior management that have the potential to hit the bottom line. Reflecting point #1, senior managers must encourage staff to raise these issues and demonstrate their importance by undertaking their own meaningful inquiries. Guidance may come from the UK regulators which have instructed management to undertake an internal conflicts assessment. (In fact, again reflecting point #1, UK regulators required some CEOs to attest that an assessment of conflicts has been presented to their firm's governing body and that the firm’s process for handling conflicts is adequate.)

3. Your protection will be a strong governance process. Senior management will need to be able to clearly articulate how it satisfies its “duty to supervise”— to drive both business results and to comply with legal requirements. There can always be a bad actor in an organization. Should enforcement personnel determine this to be the case, senior management will protect their firm and its staff during the enforcement process by showing that the individual acted alone. In short, strong governance provides coverage and credit if a bad actor is discovered. On a related note, the SEC relies heavily on cooperation and strong supervision can lead to meaningful cooperation in the regulator's eyes.

4. A strong governance process will include a full-fledged compliance program. This is compliance as an organic part of the organization and incorporates risk assessments and enhanced testing, not just the existence of a compliance manual. It will also include self-reporting and other behaviors underscored in the U.S. Federal Sentencing Guidelines.

5. Investors will focus on these issues even more in 2014 than in 2013. They will add a third leg to their due diligence efforts—legal and regulatory due diligence, which complements market and operational issues that were the focus of due diligence in the past.

The upshot of all this is that understanding the issues, and staying ahead of any changes, will help you run a tighter ship, understand your business better and protect you, your staff and your firm should something go awry. Doing so will not only keep regulators at bay, but will also instill greater confidence in your investors. In a tough market where investors are increasingly concerned with legal and regulatory exposure, managers who master regulatory requirements will enjoy a competitive advantage over firms that do not provide their investors with the same level of protection.

]]>
<![CDATA[Best of the Year Blog Posts: 2013 Edition]]>http://www.eci.com/blog/493-best-of-the-year-blog-posts-2013-edition.htmlTue, 31 Dec 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=493 I know, I know, we say it every year. But can you believe another year has come to an end? Even more amazing? We’ve now been bringing you fresh content on Hedge IT for nearly four years – including close to 400 articles! As we look ahead to 2014, we want to extend a huge THANK YOU to our loyal Hedge IT readers and hope you’ll stick around to see what we have up our sleeves in the New Year. Here’s a hint: it may even include a fresh new look...

With that said, as we do every year, let’s take a look back at some of our most popular Hedge IT articles from 2013. Here are some of your favorites (and ours, too).

Most Investment Firms Are In the Cloud: Are You?

Back in September, we revealed the results of our 2013 Survey: Examining Cloud Usage within the Investment Management Industry. In conjunction with IDG Research, we surveyed more than 100 financial services firms and found that nearly all of them (87%) are using the cloud in some way. Other key findings included the dominance of the private cloud (74%) and the growing belief that the private cloud is just as secure as an on-premise infrastructure. Read the complete survey report here.Happy new Year 2014

A Look at Liquidity Risk Management

Investment firms face a host of liquidity risk and data management challenges in today’s changing environment. But new and robust tools are designed to assist firms with these challenges and help them achieve the highest levels of liquidity management efficiency. Our partners at Ledgex Systems have built one such tool.

AIFMD’s Impact on US Hedge Funds: An Expert’s View

The Alternative Investment Fund Managers Directive (AIFMD) went into effect in 2013, but before its inception, we hosted a webinar with Bill Prew, founder of INDOS Financial, and he took us through the legislation’s goals and objectives and how both UK and US fund managers might be affected. Read his key highlights and watch a full replay of the webinar.

10 Signs it’s Time to Rethink Your Approach to DR & BCP

Another one of your favorite webinars of 2013 was our session on rethinking disaster recovery and business continuity. Our resident DR & BCP experts, Steve Banda and Lisa Smith, took us through their 10 signs to look for, which included everything from hardware refreshes and due diligence reviews to organizational changes and incident response practices.

The Business Case for Moving to the Cloud: A Hedge Fund Manager’s View

While the technology benefits of moving to the cloud are well-known, the business case is just as important – and often misunderstood. Some of the key business benefits realized as a result of cloud services include transferring from CapEx to OpEx, enhancing operational efficiencies and hosting applications with increased ease.

The Hedge Fund CFO’s IT Checklist: Questions to ask about the cloud

Speaking of the business case for the cloud, it oftentimes falls to a hedge fund’s CFO to manage technology – but what if that person doesn’t have a technology background? We provided a handy checklist for hedge fund CFOs to reference when asking about the cloud. Important information to gather should include upfront costs, budgeting & forecasting, security concerns and compliance considerations.

Training Your Employees on Information Security Awareness

Security was one of the hottest topics of 2013 – and we predict it will remain so in 2014. One often overlooked component of hedge fund security is remembering to train and educate employees on security vulnerabilities and what they can do to protect themselves and their firm. Coordinating a formal training session is a good strategy for ensuring everyone is on the same page.

Is Bigger Always Better? Advice for Hedge Funds Named David

This year in San Francisco we gathered an exciting panel of experts to talk about technology and hedge fund outsourcing. Their conversation focused mostly around how smaller and mid-sized firms can leverage outsourcing to compete with their larger counterparts. (We’re talking David vs. Goliath here!). Read the full article for some insight into advantages your firm may have if you’re on the smaller side, too.

That’s it for us in 2013! We wish all of our clients, partners, colleagues and friends a safe and happy New Year and hope to see you in 2014!


Photo Credit: Google]]>
<![CDATA[New Year, New Trends: What to Look for in Technology in 2014]]>http://www.eci.com/blog/492-new-year-new-trends-what-to-look-for-in-technology-in-2014.htmlThu, 26 Dec 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=492 It’s hard to believe, but it’s already the time of year we look into our crystal ball and predict the top technology trends for the coming year. 2014 is right around the corner, so here’s a look at what we think will be some of the dominant topics in the tech world.

Hedge Fund Outsourcing Grows in Popularity
One dominant topic that came up during our Boston hedge fund event earlier this month was outsourcing. According to several experts, hedge funds and investment firms can and should continue to outsource areas of their business to service providers as a strategic initiative. Outsourcing leave the nuts and bolts of any area (be it technology, fund administration, etc.) to the service provider, and it allows the fund to focus on higher value areas including, naturally, investment management.

Cloud Solutions Become the Standard
There is no denying the steady adoption of cloud services among hedge funds and investment firms over the years. In fact, our 2013 Cloud Usage Survey shows adoption has risen to nearly nine out of ten firms across the U.S. In 2014, we believe the cloud will become the de facto solution for 2014 Fireworksbusinesses as firms gravitate towards the simplicity, flexibility and ease of management the cloud has to offer.

Security Remains Top Concern
For the last few years, security has been a prominent area of focus for businesses of all kinds, especially investment firms. We’ve spent countless hours talking about hedge fund security and offering our best practices and tips for firms to rely on to stay protected. Unfortunately, cyber-attacks and security threats still pose serious risks, and all firms must work diligently in 2014 to stay educated on the topic and implement sound practices to mitigate any internal breaches or external vulnerabilities. We believe security is such a serious topic, in fact, we’re even kicking off our 2014 webinar series with an installment on Incident Response. To pre-register for this event, email us.

BlackBerry’s Decline Continues
BlackBerry made headlines again this week, as its co-founder abandoned plans to buy the company outright and reduced his stake in the company to under five percent. The announcement comes on the heels of news that BlackBerry lost $4.4 billion last quarter and is discontinuing hardware development to focus more on the software side of the business. In 2014, we expect Apple and other smartphone devices and operating systems to continue their dominance as BlackBerry, sadly, becomes a name of the past.

The War Goes On: PC vs. Tablet
Speaking of changes, one could argue there will be no greater transition on the technology front than the current shift away from PCs and toward tablets and smartphones (BlackBerry excluded, apparently).

According to some, tablets are the new PCs and will account for about half of the “PC” global market share in 2014. Others predict traditional PC purchases to increase in the future as refresh cycles hit and more traditional consumers opt to stay true to the devices they have previously owned. Earlier this year, Intel sponsored an InfoBrief which found that U.S. adults are still using traditional PCs as their primary computing devices. Productivity will play a significant role is how both consumers and businesses select which devices to use and recommend.

Be sure to come back next week as we take a look back at our top Hedge IT blog posts of 2013!

Photo Source: Google]]>
<![CDATA[Happy Holidays From Eze Castle!]]>http://www.eci.com/blog/491-happy-holidays-from-eze-castle.htmlTue, 24 Dec 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=491 In honor of the holiday season we would like to wish our clients, partners, colleagues and friends a happy and healthy new year. May it be filled with success and good fortune!

Click here to see our 2013 Holiday eCard.

Happy Holidays

]]>
<![CDATA[2013 Benchmark Study Reveals Top Hedge Fund Applications]]>http://www.eci.com/blog/490-2013-benchmark-study-reveals-top-hedge-fund-applications.htmlThu, 19 Dec 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=490 The results from our Global Hedge Fund Technology and Operations Benchmark Study are in and here is a snapshot of the 2013 findings. You can find the complete report here. We surveyed 538 buy-side firms across the United States, UK and Asia in order to discover their front, middle, and back office technology and application preferences.

Respondent Profile

All survey respondents fell into the following categories within the financial industry: hedge fund (60%), asset/investment manager (13%), private equity firm (8%), fund of hedge fund (5%), non-financial firm (5%), advisory firm (1%), broker dealer (1%), venture capital firm (1%), quant fund (1%), or ‘other’ (3%).

The firms resided in three different asset classes: 30 percent reported their AUM as $100 million and under; 32 percent fell between $101 and $500 million; and 38 percent reported over $500 million in assets under management.

In regards to investment strategy, long/short equity continues to dominate as the most favorable with 45 percent of respondents reporting this to be their primary investment strategy. Other preferred strategies include fixed income (8%), credit (7%), global macro (6%), emerging markets (6%), distressed debt (5%), and event driven (4%). The top prime brokers employed by firms in 2013 are Goldman Sachs, Morgan Stanley, Credit Suisse, JP Morgan and UBS (same as last year).

Front Office

OMS: Firms use order and execution management systems in order to support trading, operations, compliance and portfolio management. Once firms have passed their initial launch phase and start seeing investment growth, a robust and efficient solution becomes critical to their continued progress and development. Our survey found that most firms rely on Eze Software Group’s Eze OMS, followed by Bloomberg’s Asset and Investment Manager (AIM), Advent’s Moxy and RediPlus EMS.

Market Data & Analytics: Bloomberg continues to be at the head of the pack as far as market data services and analytics in the financial industry. Respondents reported that 92 percent are using Bloomberg for market data and 82 percent for market analytics.

Research & Document Management: Even with the growing need for research and document management tools, more than half (55%) of firms responded that they are not using a formal RMS tool. Most firms (34%) are still using an in-house or proprietary system for research and document management. For those firms using a specific tool, Advent’s Tamale, Microsoft’s SharePoint, or Code Red RMS are the most common.

Middle & Back Office

Portfolio Accounting: Advent Software continues to be the primary market leader in regards to portfolio accounting with its APX and Geneva products remaining the top two choices among investment firms surveyed. Both APX and Geneva users represent 27 percent of the market share, accounting for more than half of the total responses from firms surveyed.

Risk Management: We are still seeing slow growth towards the adoption of risk management solutions despite the high demand for firms to manage risk in all areas of business- including portfolio, compliance and operational risk. This may be due to firms outsourcing risk management capabilities to a fund administrator instead of using a formal RMS system. For those firms that do have a formal solution in place, the most popular vendors used outside of proprietary systems include Advent, Calypso, Risk Metrics and SunGard.

Outsourced Administration: While not all firms choose to utilize an outsourced fund administrator for more comprehensive services, those that do tend to work with a variety of different vendors. Citco was the top choice among our survey respondents, followed by SS&C GlobeOp, and Goldman Sachs. Northern Trust, State Street and US Bancorp also made the list of top administrators.

Customer Relationship Management: The top three CRM tool providers remain consistent from last year's survey. However, Salesforce.com has moved forward as the most popular solution with Backstop in second and Pertrac slipping to third place.

Message Archiving: A vast majority of survey respondents (82%) are relying on Global Relay for their email and IM message archiving services. This figure also includes Eze Castle’s Eze Archive service, which is powered by Global Relay. The remaining firms are primarily using Smarsh, Frontbrige, Postini, Symantec or Microsoft Exchange.

Mobile Technology: We continue to see firms using BlackBerry (92%) as their primary mobile solution. However, iPhone use has increased because of the recent trend in BYOD and the deployment of mobile device management solutions.

What’s Next?

Like past years, we expect to see the rise in adoption of cloud services will remain a major game changer in how hedge funds and investment firms choose the technology that supports their operations. According to the results of our survey: Examining Cloud Usage within the Investment Management Industry, which came out earlier this year, nearly 9 out of 10 firms are using cloud services currently or plan to do so in the near future. Additionally, we expect to see firms select their technology based upon the influence of investors. Investors have become more knowledgeable about the technology landscape and are placing greater demands on the quality of technology used by investment firms. Firms should expect to see greater expectations, and in return be optimistic for greater rewards!

We hope our 2013 Hedge Fund Technology Benchmark Study will serve as a guide and assist firms in making these critical decisions.

2013 Hedge Fund Technology Report

]]>
<![CDATA[Painting a Picture of Hedge Fund Technology (Infographic)]]>http://www.eci.com/blog/489-painting-a-picture-of-hedge-fund-technology-infographic.htmlTue, 17 Dec 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=489 They say a picture is worth a thousand words so here is an infographic of our 2013 Global Hedge Fund Technology Benchmark Study that explores the most common front, middle and back office applications and technology used at today's hedge funds.

You can download the full report HERE or come back Thursday for more interesting findings from the study.

]]>
<![CDATA[Five Years Later: How Bernie Madoff Has Transformed the Investment Industry]]>http://www.eci.com/blog/488-five-years-later-how-bernie-madoff-has-transformed-the-investment-industry.htmlThu, 12 Dec 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=488 Yesterday marked exactly five years since the infamous Bernie Madoff was arrested for executing the largest Ponzi scheme in U.S. history. As a result, Wall Street and the investment community has undergone a plethora of changes designed to avoid such scandals in the future. Let’s take a look at the lasting impact of Madoff and what changes we can still expect to see in the future.

The History

Unless you’ve been living under a cave for the last several years, you’ve heard the name Bernie Madoff and understand its association with all things negative: scandal, fraud and disgrace. The former NASDAQ chairman and founder of Bernard L. Madoff Investment Securities LLC (BLMIS) swindled billions of dollars and affected more than 12,000 investors, faking investment returns over the course of multiple years.

Amidst the nation’s most serious financial crisis since the Great Depression, we all learned of Madoff’s devastating scheme. He eventually turned himself in at the urging of his sons and is currently serving 150 years in federal prison for his crimes.

The Impact Bernie Madoff - Cover of Portfolio Magazine

The effects of Madoff’s investment scheme can still be felt throughout the investment community and across Wall Street. Shortly after Madoff’s confession (and the US financial crisis), the Securities and Exchange Commission (SEC) began taking steps to combat similar scandals and protect future investors. One of the first initiatives put into place post-Madoff was the Dodd-Frank Act, also known as the Wall Street Reform and Consumer Protection Act In addition to registration requirements and new rules for exemptions, Dodd-Frank also prompted hedge funds and investment firms to adhere to new reporting requirements and gave the SEC authority to monitor financial firms with the potential to pose systemic risk.

Around the time Congress began working on Dodd-Frank, the investment industry also began making general calls for greater transparency to investors. The rise in comprehensive due diligence inquiries from investors over the past years has been significant, as investors want more clarity and insight into the funds they are allocating their investments to. We continue to assist our hedge fund clients in completing due diligence questionnaires relative to their technology and security practices to satisfy investor requests and give them greater piece of mind.

More recently, the SEC has adopted additional reporting requirements to prevent future Madoffs from arising. In July 2013, the SEC voted to approve a rule requiring brokers to file quarterly reports detailing how they maintain customer securities and cash.

Lastly, according to Forbes, the SEC has continued to file record numbers of investigations and enforcement actions against advisors and other investment firms, making good on their promise to pay closer attention to the actions of those in the investment world.

The Future Due Diligence Prep Tools

Though Bernie Madoff may reside in a North Carolina prison, the fallout of his incredible Ponzi scheme is very much part of our world today. Five former Madoff employees are currently standing trial for their alleged participation in the scandal. Beyond their individual fates, Wall Street and the greater investment community will continue to feel the effects of Madoff’s fateful decisions. Investors have come a long way in demanding greater transparency and reporting standards from firms, and we expect that will only continue in the years to come. On the technology side, investors are careful to inquire about the specific systems and infrastructure used to secure and protect their assets – another critical component to ensuring a similar financial crisis does not take place. Only time will tell how else the industry will continue to adapt following the Madoff scheme and other financial crises.

To read more about hedge fund due diligence, check out these articles:

Photo Credit: Flickr]]>
<![CDATA[The Who, What, When and Where of the Bad, Bad Cryptolocker Ransomware]]>http://www.eci.com/blog/487-the-who-what-when-and-where-of-the-bad-bad-cryptolocker-ransomware.htmlTue, 10 Dec 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=487 At last week’s Hedge Fund Launch 2.0 seminar, the topic of the malicious Cryptolocker malware that is circulating was highlighted as a wakeup call for why backup and security are nonnegotiable IT components. Questions abounded about this new evolution in malware so today’s post aims to address the who, what, when and where of Cryptolocker as well as a few other common Qs.

What is Cryptolocker?

Cryptolocker is a new variant of ransomware that restricts access to infected computers by encrypting them and demanding that the victim pay the attackers a ransom in order to decrypt and recover their files. Some versions of Cryptolocker can encrypt local files as well as external hard drives, network file shares and even cloud storage services that allow local folders to sync with online storage. The malware is severe and a real threat. If a company becomes infected and does not have their files backed up the files may be lost.

At Eze Castle Integation we have had clients become infected. Thankfully in these cases the clients had the appropriate backup systems in place and were able to restore the files to the pre-infection state. As of this time, the US-CERT says the primary means of infection appears to be phishing emails containing malicious attachments. The attachments may look like legitimate emails, so it is important to remind users not to click on any email links if they do not know the sender.

Fake Email

Who is behind Cryptolocker?

This is a difficult question to answer as it appear there may be a few different cyber-attack groups using CryptoLocker at the moment. What is known is that attackers demand a ransom payment in a number of different payment methods, including Bitcoin, that allows them to stay anonymous. Bitcon is an open source peer-to-peer payment network.

Where and who is Cryptolocker targeting?

According to Kaspersky’s Costin Raiu, this malware primarily targets users from US and UK, with India, Canada, Australia and France being second-tier targets.

What’s the difference between Ransomware and Cryptolocker? (This Q&A comes direct from Symantec)

The difference between Ransomlock and Cryptolocker Trojans is that Ransomlock Trojans generally lock computer screens while Cryptolocker Trojans encrypt and lock individual files. Both threats are motivated by monetary gains that cybercriminals can make from extorting money from victims.

What happens if my computer is infected?

According to Kaspersky, once infected, the ransomware-interface displays a countdown clock of three days, warning users that if time elapses, the private decryption key will be deleted forever, and there will be no way to recover the encrypted files.

At this point, users have two choices: 1) pay the ransom and hope the attackers make good on their “promise”or 2) recover their data from backups. Any hedge fund or investment management firm should be able to confidently select option number 2. Regular backups are a nonnegotiable part of a hedge fund’s data protection strategy and the cryptolocker virus highlights just why.

CryptolockerUS-CERT also suggests the following possible mitigation steps that users and administrators can implement if they believe a computer has been infected with Cryptolocker:

  • Immediately disconnect the infected system from wireless or wired networks. This may prevent the malware from further encrypting any more files on the network.
  • Users who are infected with the malware should consult with a reputable security expert to assist in removing the malware.
  • If possible, change all online account passwords and network passwords after removing the system from the network. Change all system passwords once the malware is removed from the system.

What can we do to avoid getting infected?

Here are a few things you can do to prevent your PC from being infected:

  • Most viruses are introduced by opening infected attachments or clicking on links to malware usually contained in spam email. Have users avoid opening emails and attachment from unknown sources, especially zip or rar archive files.
  • Don’t open attachments from an unknown sender.
  • Maintain up-to-date anti-virus software.
  • Use a drive that is backed up to save important files – do not save them to a local machine/PC that is not backed up regularly.
  • If you must save files locally, make sure they are backed up somewhere and regularly.
  • Keep your PC and software up-to-date.

Some handy articles on security best practices:


Hedge Fund security guidebook]]>
<![CDATA[Expert Tips for Launching a Hedge Fund in a New Environment]]>http://www.eci.com/blog/485-expert-tips-for-launching-a-hedge-fund-in-a-new-environment.htmlThu, 05 Dec 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=485 As we look forward to 2014, we can expect that the hedge fund and investment management industry will continue to evolve and experience change as in years past. As more and more new funds launch, the competition for investors will increase and firms will be hard-pressed to live up to the successes of the top performing funds in the industry.

Earlier this week, we gathered several panels of experts in Boston to share their insights into the hedge fund landscape for startups in 2014 and the tips and advice for firms looking to compete in the changing marketplace. Following is a brief recap of the event.

Building a Hedge Fund is Like Building Any Successful Business

When starting a new firm, it’s critical to think about all aspects or forming a new business. Yes, your investment strategy is important, but if the foundation of your business is not critically thought out, it will wreak havoc for your firm. Following are a few areas you shouldn’t overlook as you go through the launch process:Open for Business

  • Talent identification: As you build your business, choose employees who complement you and your vision for the firm. Be sure to spend time with people on your team from the start to avoid clashes down the road.

  • Planning for growth: It’s critical to think beyond your initial startup. Investors want to see growth plans, and you should expect to develop one that details your goals for the next 3 to 5 years.

  • Story-telling. Speaking of investors, you only get so many opportunities to impress them. Be sure to tell your story (and make it interesting!). Keep the lines of communication open as you secure an investor base.

  • Maintaining privacy: In Massachusetts, there are strict regulations about keeping client and investor personal information confidential and private, in other words, encrypted. MA 201 CMR 17 should be taken seriously and not overlooked as Boston-area firms look to launch. Keep in mind, the regulation applies to firms who have clients/investors in MA – so even if your firm isn’t based there, you may be subject to compliance.

Achieving Institutional-Grade Technology

One way to set yourself apart from your competition is by ensuring your technology is up-to-snuff. As you look to implement a technology solution (either in-house or with an outsourced provider), remember that investors are more tech-savvy than ever and expect to see robust systems and practices in place to protect their investments.

One of the biggest technology priorities for 2014 is security. With threats and ‘hactivism’ at an all-time-high, it’s more important than ever that firms implement sound security best practices to thwart attacks and protect critical infrastructure. Adding various layers of security will help ensure your firm doesn’t succumb to an attack or breach. At a baseline, firms should implement secure firewalls, anti-virus protection and spam and web filtering solutions, plus ensuring strong passwords are maintained and changed often. If you want to add additional layers of redundancy, you should consider real-time monitoring and intrusion detection. Malicious virus attacks such as the Cryptolocker virus have circulated recently and are important reminders to employ security best practices throughout your firm.

Other technology priorities for 2014 include maintaining comprehensive DR and BCP plans. Investors expect to see that your firm is prepared for an outage or disaster – whether it be an office power outage or a regional disaster. Educating and training employees on proper procedures is also essential to ensuring your business remains operational regardless of the situation.

Capital-Raising in a New Era

As the investment industry continues to evolve, capital raising becomes more of a strategic effort for hedge fund firms. And with the recent implementation of the JOBS Act – allowing firms to openly market and advertise to investors – firms need to get serious about their fundraising strategies.

It’s important to understand what investors are looking for. Here are a few qualities:

  • High positive returns
  • An experienced portfolio manager with the ability to raise assets
  • Proven track record
  • Insight into the non-investment side of the business (e.g. operations, technology, etc.)
  • Follow up and communication
  • Better terms and less complexity

Once you have a firm understanding of what your potential investors are looking for, it’s time to pull yourself together and begin preparing. Follow these simple tips outlined by our speakers:

  1. Define your story. Formulate your vision and tell investors who you are. Seize the opportunity and make sure you get it right.
  2. Identify your audience. Does your target have an appetite for your product? Highlight the importance of having a targeted marketing plan.
  3. Do your research. Know who you are meeting with.
  4. Make yourself available. Maintain regular communication with investors and give them access to other members of your firm to speak with.

That’s it, folks! Our speakers had a lot to say. If you have any questions about tips and best practices for starting a hedge fund, please reach out to speak to one of our experts.


Contact an Eze Castle representative

Photo Credit: Flickr]]>
<![CDATA[Reflecting on What We're Thankful For This Thanksgiving]]>http://www.eci.com/blog/483-reflecting-on-what-were-thankful-for-this-thanksgiving.htmlMon, 25 Nov 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=483 It’s almost Thanksgiving, and like always, we are reflecting on what we are truly greatful for. This year, we thought we’d ask some of our Boston employees what they’re thankful for this holiday season.

View our slideshow below to see their answers!

Click to play this Smilebox slideshow
Create your own slideshow - Powered by Smilebox
A digital slideshow by Smilebox
]]>
<![CDATA[Cybersecurity Insurance Evolving to Protect Businesses From Increasing Threats]]>http://www.eci.com/blog/478--cybersecurity-insurance-evolving-to-protect-businesses-from-increasing-threats.htmlThu, 07 Nov 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=478 Last month, former Secretary of Homeland Security Michael Chertoff said the most significant threat we face as a nation is cybersecurity. That’s a pretty jarring statement given the threats our country faces in terms of terrorism and war, for instance. But the reality is, cyber networks have become the gateway for risks both on the global terrorism front as well as within our internal circles at our places of business.

With watchful eyes geared towards security threats, interest in cybersecurity insurance continues to rise. The Department of Homeland Security and the Department of Commerce have identified cybersecurity insurance as a viable opportunity to thwart the effects of security breaches and attacks by:

  • Promoting widespread adoption of preventative measures;
  • Encouraging the implementation of best practices by basing premiums on an insured’s level of self-protection; andSecurity Headlines
  • Limiting the losses that companies face following a cyber-attack.

Cybersecurity insurance can cover risks including data breach or loss, network damage, and cyber extortion, though less tangible damages such as client losses or reputational damages may be more difficult to find coverage for.

The cybersecurity industry, particularly the insurance companies themselves, are working diligently to address increasing concerns and identify potential risks so as to properly protect businesses in the future. Insurance companies, for example, have a naturally vested interest in promoting greater security to minimize risks, as they will, in the end, be required to pay out cyber losses to any affected parties. Therefore, according to Bloomberg Law, “an insurer can require a policyholder to establish that it has adopted certain precautions and practices before the insurer will issue coverage. The [Internet Security Alliance] asserts such requirements may eventually become de facto standards that are tailored to fit the needs of diverse businesses.” Insurance companies may also exercise the benefit of offering lower premiums to firms already employing cybersecurity best practices.

What is the future of cybersecurity insurance?

It’s hard to say at this point, as the industry continues to evolve at a rapid pace. With security risks of a diverse nature, it will take time for the proper authorities, including Homeland Security and the Internet Security Alliance – as well as the insurance providers – to work together in identifying a list of comprehensive cyber risks and encouraging effective precautions and best practices. We’ll be keeping our eyes and ears open to any developments on this in the near future.

For more information on cybersecurity, check out these interesting reads:


Contact an Eze Castle representative


Sources:
Bloomberg Law, Cybersecurity: Moving Toward a Standard of Care for the Board,” http://about.bloomberglaw.com/practitioner-contributions/cybersecurity-moving-toward-a-standard-of-care-for-the-board/

Department of Homeland Security, http://www.dhs.gov/publication/cybersecurity-insurance

]]>
<![CDATA[While Your Traders Watch Twitter, Is Your Fund Still Compliant?]]>http://www.eci.com/blog/476-while-your-traders-watch-twitter-is-your-fund-still-compliant.htmlThu, 31 Oct 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=476 Happy HalloweenFirst and foremost, Happy Halloween!

In honor of Halloween, I’m going to share a trick and a treat about the world of social media and investment firms.

First the trick.

Did you hear the story about how shares of bankrupt Tweeter soared when Twitter announced its IPO? If not, here goes According to WallStreetInsanity, on October 4, 2013, “shares in bankrupt TWTR Inc. (OTC: TWTRQ) were up over 1500 percent as the company’s stock soared from $0.0 to $0.15 on extremely heavy volume. Seems some people thought the consumer electronics retailer was Twitter.”

This story demonstrates that traders are monitoring social media outlets for investment ideas even if they are not personally participating. It also shows that many of those folks buying TWTRQ didn’t quite understand how an IPO works or what Twitter will be valued at (certainly not pennies), but we’ll ignore that fact for the sake of this article.

Now for the treat.

Social media can be a powerful tool for business development as well as investment idea generation. If a hedge fund is participating in social media they absolutely need an archiving solution in place, because like other forms of electronic communications, social media is also subject to regulatory requirements. According to Global Relay, FINRA Notice 10-06 and 11-39 advise that firms must ensure they have an archive in place to retain all records of social networking communications as per SEC Rules 17a-3, 17a-4 and FINRA Rule 4511 — much the same as with business email and instant messaging.

However, what if the fund isn’t participating, but traders are monitoring Twitter for investment ideas?


Good question. Increasingly, traders are using social media for a real-time barometer of what is going on in the markets. Analyzing data can help firms spot new trends and gauge whether traders are optimistic or pessimistic. This information can be useful in ascertaining if a stock or asset is gaining attention and ready to move. At the same time, at the Reuters Investment Outlook 2013 Summit, an FBI agent said the FBI is using social media tools to investigate insider trading.

The growing use of social media for trade ideas combined with increasing regulations is making it even more important for hedge funds and investment firms to be aware of how and where employees are using these tools. If traders are actively monitoring Twitter, we recommend firms put a policy in place and consider supporting technology such as Global Relay Archive for Twitter.

Beyond just capturing all messages (i.e. tweets, mentions, direct messages, etc), Global Relay Archive for Twitter captures a user’s actual Twitter feed along with its contextual metadata. According to Global Relay, the end result is a rich representation of the messaging data within the Archive for review and supervision.

Here are a few other articles on social media you may find interesting:


Contact Eze Castle Integration


]]>
<![CDATA[Opalesque Radio: Answering Fund Operational Challenges]]>http://www.eci.com/blog/475-opalesque-radio-answering-fund-operational-challenges.htmlTue, 29 Oct 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=475 Eze Castle on the RadioThis week Opalesque Radio featured an interview with Bob Guilbert, managing director here at Eze Castle Integration, on addressing operational challenges facing hedge funds with cloud solutions.

The 9:30-minute podcast covers a range of topics. You can listen to the full podcast HERE, just jump to the sub-features that interest you most below.

Hedge Fund Differentiation & the Cloud

Can you tell us something about the hedge fund clients you service and the kinds of challenges they are confronted with today? How can such hedge funds differentiate themselves? What are the business needs that make such hedge funds consider or switch to cloud-based solutions?

Duration: 02:39



Play now

Cloud Adoption Rates

So how has Eze Castle seen the rate of cloud adoption increase over the last few years? What are the different ways in which cloud-based solutions can be used?


Duration: 01:18


Play now

Public, Private or Hybrid

Are hedge funds primarily using public, private or hybrid clouds?


Duration: 00:32


Play now

Hot Topics: DR, BCP and Security

How can hedge funds achieve improved disaster recovery and business continuity? What level of security does it, and can it, offer in the context of cybercrime?


Duration: 02:33


Play now

Cloud Security?

Based on your survey findings, security is identifiable as a primary reason for hedge funds to embrace the private cloud. What sort of security practices should firms be looking to put in place, or expect from their service providers?

Duration: 01:23

Play now

The Future of Hedge Fund IT?

How are you expecting hedge fund service related technology to evolve? Will cloud-based services still be the technology-of-choice for investment firms?

Duration: 01:03

Play now

Hedge Fund Cloud Adoption Survey Report 2013

















]]>
<![CDATA[Goodbye Windows XP and Office 2003: Are you ready for End of Support?]]>http://www.eci.com/blog/474-goodbye-windows-xp-and-office-2003-are-you-ready-for-end-of-support.htmlThu, 24 Oct 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=474 On April 8, 2014 two Microsoft products – Windows XP and Office 2003 – will reach "end of support". End of support refers to the date when Microsoft no longer provides automatic fixes, updates, or online technical assistance for these products.

What Does This Mean?

Microsoft XP End of Life

End of support is significant for a number of reasons. First, this means that Microsoft will no longer be a support option should complex issues arise surrounding the software.

Secondly, Microsoft will no longer provide security hotfixes or any patches for these systems. This means that any security vulnerabilities left in these systems will no longer be addressed by Microsoft and calls to their support will not be worked.

The longer workstations keep Windows XP and Office 2003 versions the more vulnerable they become to virus/malware/rootkit infestations and risk potential data compromise.

What Should I Do?

If you haven’t already, now is the time to start planning to have your systems upgraded. At Eze Castle Integration, we are working with clients to set an upgrade timetable for their systems.

It is important to note that, as of now, Bloomberg software is not supporting Office 201. Therefore, Bloomberg users may select to have any new PCs downgraded to Outlook 2010. Bloomberg’s September 2013 release notes for their software state a TBA answer for support of Office 2013.

If you are an Eze Castle Integration client, please contact your client manager with any questions.

Related Articles:

]]>
<![CDATA[A Best Practices Guide to Business Continuty Planning]]>http://www.eci.com/blog/472-a-best-practices-guide-to-business-continuty-planning.htmlThu, 17 Oct 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=472 There has been a lot of discussion about “best practices” lately when it comes to business continuity and disaster recovery planning, especially as we approach the first anniversary of Hurricane Sandy. In fact, I had the pleasure of speaking about some specific DR and BCP best practices earlier this week during a webinar, 10 Signs It’s Time to Rethink Your Approach to DR/BCP.

If you do a Google search for “business continuity and disaster recovery best practices,” you’ll get several options to choose from. However, if you are in working in the financial industry, the first resource you should consider taking a look at is the best practices guide published by the SEC, FINRA and CFTC in August 2013.

Sandy was a remarkable storm that affected many businesses along the East Coast, including hedge funds and investment firms based in the tri-state area. Post-Sandy, regulatory bodies including the SEC, FINRA and CFTC met with several registered advisors to ensure they were prepared for future disasters. Based on the findings, these organizations developed a four-page best practice guide for investment firms.

As a Certified Business Continuity Planner, I’ve had the pleasure of working with some of Eze Castle’s clients to compare these best practices with their own BCP and DR planning strategies. Below I’ve outlined some of the primary best practices offered by the SEC/FINRA/CFTC and how they can be applied to your firm. I encourage you to take these to heart as you are developing new BCP/DR plans and modifying existing strategies.SEC Best Practices for Business Continuity Planning

1. Communication Plans

  • Outline procedures for communicating with external business partners (regulators, exchanges, emergency officials, etc.)

  • Ensure your website is kept current and can post a recovery status.

  • Consider multiple broker-dealer relationships to allow for multiple market entry points

2. Remote Access/Telecommunication

  • Validate that employees have the ability to work remotely, especially essential personnel.

  • Assess the resources being utilized by employees to work remotely to identify areas for improvement to increase efficiency.

  • Validate your firm’s infrastructure can accommodate telecommuting of all employees.

3. Review and Testing

  • Conduct full BCP tests at least annually.

  • Validate critical functions can operate regardless of location.

  • Ensure employees complete annual BCP Training.

4. Telecommunications Services and Technology Considerations

  • Implement telecommunication redundancy.

  • Evaluate contingency plans for telecommunication vendors.

  • Review multiple alternative staffing scenarios.

5. Vendor Relationships

  • Ensure adequate BCPs for clearance and settlement, banking and finance, trading support, fuel, telecommunications, electricity, etc.

6. Regulatory and Compliance Considerations

  • Define time-sensitive regulatory requirements.

  • Keep BCP current to meet changing industry demands.

7. Telecommunications/Transportation/Utility

  • Plan for widespread outages that could impact:

    • Telecommunications
    • Office
    • Public transportation
    • Utilities

These were just some of the highlights from the best practices guide. You can download the complete guide from the SEC/FINRA/CFTC here.

Every company is organized differently, and therefore, each organization’s BCP and DR plans will vary. These best practices, however, will serve as a guide for firms reevaluating or updating their plans. Be thoughtful in choosing strategies that will ensure your business can stay operational in the event of any type of disaster.

Download: Guide to BCP and DR Planning

]]>
<![CDATA[If I Were a Cloud, I'd Be...]]>http://www.eci.com/blog/470-if-i-were-a-cloud-id-be.htmlThu, 10 Oct 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=470 After reading (and enjoying) one too many “you know you’re [insert age/town/job] if you’re [insert something funny]” articles, we decided to have a little fun with our favorite technology topic – the cloud (surprise!).

So, here is how I envision life as a cloud.

I wouldn’t care what I consumed because scalability would be one of my greatest traits. You might even catch me yelling, “More, more, more…”


Scalable Cloud Image

I’d never have to waste time on sleep, not even in Brooklyn. I would be available 24x7x365.


No Sleep Til Brooklyn

Thunderstorms and lightning strikes wouldn’t bother me a bit. I’d say bring it on, I’m 100% resilient and built for high availability. No scaredy cats here!


Resilent private cloud

I’d be international, supporting people around the world, and there is a good chance I might even be internationally known.


Global Cloud

My standards would be high, my practices the best and my secrets would be locked up tight. There would be no getting past my security team.



And in case you are curious what flavor of cloud I would be, I’d be an Eze Private Cloud (of course)!

]]>
<![CDATA[What is Hypervisor-based Replication? (We know!)]]>http://www.eci.com/blog/469-what-is-hypervisor-based-replication-we-know.htmlTue, 08 Oct 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=469 Are you like one of the millions of people pondering the answer to ‘what is hypervisor-based replication and how will it change my disaster recovery approach’? I know I was.

So, let me help you with that!

Our technology experts here at Eze Castle Integration spent some time in the lab testing and evaluating hypervisor-based replication and recently incorporated it into our Eze Disaster Recovery 2.0 offering. We think it delivers excellent benefits, but let’s start with the basics.

What is hypervisor-based replication?

TechTarget defines hypervisor-based replication as “a technology that automatically creates and maintains replicas of virtual hard disks or entire virtual machines (depending on the platform that is being used).” Analyst firm IDC goes on to say that this replication approach “protects virtual machines (VMs) at the virtual machine disk format file level rather than at the LUN or storage volume level, thus replication can be done without the management and TCO challenges associated with array-based replication.”

Here is a diagram of how it works in our Eze DR solution, which uses Zerto hypervisor-based replication technology.

Eze Disaster Recovery with Hypervisor Replication

How does it compare with other software-based replication?

Before answering that question let’s quickly review the other replication category segments. Following are IDC’s definitions:

  • Host replication software typically resides at the file system or logical volume level within the operating system and makes a point-in-time copy or snapshot of a data set to disk used for disaster recovery (DR), testing, application development, or reporting.

  • Fabric and appliance-based replication software makes use of intelligent switches and heterogeneous array products to provide block-level replication within the SAN. The intelligent switches have technologies that perform the volume management and replication process and eliminate the overhead on the host while providing any-to-any replication.

  • Array-based replication software makes a block-based point-in-time block copy or snapshot of storage to disk used for disaster recovery, testing, application development, reporting, and other uses.

Okay, but what’s the difference?

According to Zerto, “before virtualization, replication was managed at the storage layer, which made perfect sense because that’s where the information was…but in a virtual environment, the boxes aren’t (or aren’t all) physical, so putting a physical sensor on a virtual box isn’t going to help you protect its contents.”

Hypervisor-based replication moves replication up into the virtualization/hypervisor layer – above the resources abstraction layer. The benefits of this approach, according to Analyst George Crump, can include:

  • Being VM aware, which can simplify storage setup and minimize storage requirements at a DR site

  • Gaining a hardware-neutral solution

  • Reducing DR-related costs

  • Delivering flexiblity

Who are the players?

Well you’ve heard me mention one already – Zerto. Analyst firm IDC identifies Zerto as “the first to launch a hypervisor-based replication approach in June 2011. VMware followed suit in August 2011, with its vSphere SRM 5.0 data replication feature.” Given the potential of this technology we expect to see more firms targeting this space.

Disaster recovery planning for hedge funds

Sources:

]]>
<![CDATA[Software Spotlight: Five Questions with Ledgex Director Brian Macallister]]>http://www.eci.com/blog/468-software-spotlight-five-questions-with-ledgex-director-brian-macallister.htmlThu, 03 Oct 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=468 We are happy to announce that our friends over at Ledgex have just launched their new website. In light of their recent achievement, I sat down with their Managing Director Brian Macallister to pick his brain on who Ledgex is and where he sees the company going in the future. Brian is the chief architect and product visionary of the Ledgex platform and is responsible for leading the company’s engineering, support and client service teams.Brian Macallister, Managing Director at Ledgex

Q: It has been a while since we covered Ledgex on Hedge IT. Four readers not familiar with Ledgex, can you give us your elevator pitch?

A: Ledgex provides a portfolio management system for managers who invest with multi-firms. It delivers key functionality that supports portfolio management, investor relations and manager research for firms that invest with other managers. Through a series of intensive processes we make our clients’ data repeatable to improve integrity, increase efficiency, and reduce error. We have produced a unique enterprise reporting platform and process management system tailor-made for the financial industry.

Q: Who are the primary users of Ledgex?

A: Our primary users are within the portfolio management teams of firms such as fund of funds, endowments and pensions. Ledgex has capabilities that are ideal for a variety of end users: liquidity management and portfolio modeling for portfolio managers, manager research, due diligence and document management for analysts, client communication and reporting for client service teams, and trade workflow for operations and back-office teams.

Q: What pain points does Ledgex solve? Historically, what have firms done to address these pain points?

A: Ledgex addresses numerous pain points across a firm’s portfolio management team. Firms historically were forced to work off of old data, but Ledgex has created a system that supports real-time information, greatly improving data integrity. Ledgex removes the need for data shadow systems and retains data accuracy by gaining increased transparency reporting on the investments fund of funds have exposure to.

With Ledgex, analysts can create a centralized repository for data management, enabling ease of access and sharing of information. Users can quickly generate reports and respond to client requests, as well as manage communications for all investor-facing activities. Ledgex also streamlines trade acitivty and balances by automating a previously manual workflow.

Historically all of these pain points were addressed individually, reducing efficiencies and accuracy and requiring a significant time commitment.

Q: What do the results and return on investment look like for a company that implements Ledgex?Ledgex

A: Companies will see accurate and transparent investment management with Ledgex. They will also see repeatable reports that match each investor’s specific preferences and allow firms to reallocate client service resources to be more productive and efficient, while improving the integrity of data. With Ledgex, you know what you own and where you want to invest – this is paramount in the fund of fund industry. Ledgex allows firms to replace existing systems that are proprietarily built, supported and maintained, which can translate into cost-savings.

Investors will see improved processes and highly efficient and accurate reports that reflect the quality of the fund of fund. Investors now want to see firms that are invested in new technology, ensuring their information is up-to date. The Ledgex system solves this. It easily removes duplicate entry and manual processes. Too often the same information is entered in multiple times in different systems by different groups. Ledgex solves this by delivering a centralized system that shares information across key portfolio management functional areas.

Q: What can our readers expect to see from Ledgex in the coming months?

A: We are continuing to add some exciting features and expand across the firm, from manager research and analytics to cash projects and estimated investor balances. We are also expanding our sales team as well as opening an office presence in New York City.

We are also very excited about launching our new website. It was an extensive process, and we are enthused to see it up and running.

Be sure to head over to www.ledgex.com to check out their brand new website!

]]>
<![CDATA[Diary of a Happy Cloud User: Cloud Survey Results Part 2]]>http://www.eci.com/blog/467-diary-of-a-happy-cloud-user-cloud-survey-results-part-2.htmlTue, 01 Oct 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=467 Welcome back to Hedge IT! Now that you’ve read Part I of our Cloud Survey Findings recap, let’s take a look at some of the other results we found.

Cloud Users = Satisfied

One of the most interesting findings our 2013 survey revealed was the level of satisfaction investment firms have with their current cloud deployments. Over 90 percent of respondents indicated their clouds (whether public, private or hybrid) were meeting or exceeding expectations in each of the following areas:Satisfaction Levels of Current Cloud Users

  • Reducing IT costs

  • Improving users’ IT experience

  • Simplifying management of IT

  • Allowing firms to reallocate resources to more valuable activities

  • IT performance, scalability and resiliency

  • Providing a high return on investment

Private cloud users appear to be the most satisfied with their cloud services. When asked how their cloud services reduced their IT costs, nearly all (98%) private cloud users said their cloud model was effective in this regard. In contrast, only 83 percent of firms using the public cloud felt the same.

One benefit many firms see from the use of cloud services is the ability to reallocate internal resources to more valuable activities. For example, if outsourcing cloud services to a third-party provider, a firm’s internal IT department no longer needs to focus on the day-to-day management and maintenance of the cloud – thereby allowing those employees to focus on higher-value areas of the business such as meeting regulatory and compliance requirements and improving security practices across the firm. Eighty-nine percent (89%) of overall cloud users believe the cloud is currently meeting or exceeding their expectations in this area, but once again, there are some discrepancies between cloud types. While 39 percent of hybrid cloud users say their cloud type exceeds expectations in this area, only 22 percent of private cloud users feel the same.

Cloud Forecasting Looks PositiveReport: Cloud Usage in the Investment Industry

Given their overall happiness in the cloud, it shouldn’t come as a surprise that many hedge funds and investment firms we surveyed are planning to maintain the same cloud usage levels or increase them in the near future. For example, within the next year, 41 percent of firms expect their use of private cloud services to increase. Thirty-nine percent of firms expect to use the hybrid cloud more; only 28 percent will increase their use of public cloud services.

Many firms (37%) also reported their budgets for cloud projects had increased in 2013 compared to 2012. The majority (52%) indicated their budgets had remained the same year over year.

Benefits Gained from Cloud Usage

The cloud continues to entice hedge funds and investment firms of all types and asset classes, and based on our survey findings, most users are happy with their current technology deployments. The benefits firms gain from cloud services continue to impress. Our survey found that firms expect to realize the following outcomes from the cloud:

  • Improved data management ability (60%)

  • Improved ability to manage applications (55%)

  • Improved resource utilization (54%)

  • Improved disaster recovery/business continuity (52%)

  • Simplification of the infrastructure (51%)

  • Cost savings/lower total cost of ownership (48%)

  • Improved application service levels or IT responsiveness (47%)

  • Lower support costs (46%)

  • Improved scalability/flexibility (46%)

  • Increased agility in bringing in new business applications (45%)

To hear more about our 2013 Cloud Usage Survey Results, watch our 30-minute webcast. You can also download the full report of survey findings here.

]]>
<![CDATA[Most Investment Firms Are In the Private Cloud. Is Your Firm?]]>http://www.eci.com/blog/466-most-investment-firms-are-in-the-private-cloud-is-your-firm.htmlThu, 26 Sep 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=466 Earlier this week, we announced the findings of our 2013 market survey: Examining Cloud Usage within the Investment Management Industry. If you haven’t already, check out our infographic here.

If you’re not up for reading the full report yet, here’s Part I of our Cloud Survey Recap. Be sure to come back next Tuesday for Part II!2013 Cloud Deployment Models

As a follow up to our 2012 Cloud Adoption Trends Survey, we wanted to take a closer look at how and why hedge funds and investment firms are leveraging cloud services in today’s marketplace. Working again with IDG Research, we surveyed 101 investment firms across the U.S. about their current and planned cloud usage.

Firms covered a wide range of asset bases: 38 percent reported less than $100M; 20 percent fell between $100 and $499.99M; 19 percent between $500M and $999.99M; and 20 percent said they had more than $1B.

You might recall that last year, our survey found that 8 out of 10 investment firms were using or planning to use the cloud. In 2013, that number has increased, and we found that 87% of firms are currently leveraging cloud services for some or all of their business needs. More than 6 in 10 firms are using the cloud for basic business/office functionality including email, file services, and storage solutions. Other key uses of the cloud include financial application hosting and complete IT outsourcing. About a quarter of firms (24%) also said they were using the cloud in other ways, which may indicate increased usage of SaaS applications or cloud-based disaster recovery solutions.

The move to the private cloud continues to be the dominant journey for hedge funds and investment firms, as 74 percent of firms said they are currently using a private cloud solution either exclusively or as part of a hybrid deployment. When asked why they selected their particular deployment method (public, private or hybrid), those who went with the private cloud cited security as the primary factor. One firm said:Security: Cloud vs. On-Premise

“Security is the number one driving factor above everything else.”

Speaking of security, it appears firms have come a long way in feeling comfortable about their data and applications in a cloud environment. According to our survey results, investment firms overwhelmingly believe that private cloud deployments are more secure (60%) or just as secure (33%) as an on-premise technology infrastructure. Firms are less confident in the public cloud, however; 61 percent said it was less secure than an on-premise environment.
We also asked respondents to indicate the top business requirements driving their move to the cloud. Top results included:

  • Easy access to applications and simplified application management

  • Greater control and predictability of IT costs and budgeting

  • Reduced complexity and management of IT

  • Improved disaster recovery and business continuity

Interested in reading more about what your peers had to say? Download our full survey report here. And don’t forget to come back to Hedge IT on Tuesday for Part II of our findings recap!

Cloud Survey 2013

]]>
<![CDATA[Cloud Survey Sneak Peek: 2013 Results (Infographic)]]>http://www.eci.com/blog/465-cloud-survey-sneak-peek-2013-results-infographic.htmlTue, 24 Sep 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=465 Psssst.

Do you want the inside scoop on how and why your investment firm peers are using the cloud? We're in the know.

Check out our infographic below for a sneak peek at the results of our 2013 survey: Examining Cloud Usage within the Investment Management Industry. Next week, we'll share a more detailed recap of the findings. If, of course, you can't bear to wait until next week, you can download our full survey report here.

Enjoy peeking!

Survey: Cloud Usage in the Investment Industry

]]>
<![CDATA[Hedge Fund Case Studies: Why The Cloud Made Sense for Two Firms]]>http://www.eci.com/blog/463-hedge-fund-case-studies-why-the-cloud-made-sense-for-two-firms.htmlTue, 17 Sep 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=463 Last week, Mary Beth Hamilton and Steve Schoener hosted a webinar to discuss hedge funds moving to the cloud and the experience and benefits that they receive as a result. During this discussion, they highlighted two client case studies to provide examples of various scenarios that drive firms to use cloud services.

Case Study #1: OMS Says Hello to the Cloud

The first client we discussed was a growing hedge fund based out of Chicago with about 15 employees and $300 million in assets under management. The firms’ goal was to identify what areas of their technology systems needed improvement. After thorough evaluation, the firm decided they didn’t want to deal with the burden of controlling their own infrastructure and servers and needed the flexibility and resiliency to allow many employees to work remotely.

This fund ultimately decided to leverage the Eze Private Cloud because of its resilient and robust infrastructure, application hosting services, scalability and 24x7x365 support.

Here’s a brief synopsis of the conversation Mary Beth and Steve had about this case study:

MH: What is the migration process like when moving an order management system to the cloud? Will the user experience be the same?

SS: The migration to the cloud is not bad – very similar to updating or upgrading your system. There will always be a bit of a change for end users, but hopefully by putting in something new or upgrading, you’re adding more functionality. As for moving to the cloud, we are actually able to make it less risky than doing an upgrade to the office. For example, we are able to set up a new system, import the data, provide the application over Citrix, and confirm that everyone is on the same page. We can then pick a cut-over date for a data refresh.

MH: How is application performance effective when running out of the cloud as opposed to on-premise?

SS: It’s very much the same technology we are running in firm’s offices – a storage area network (SAN), Dell servers, VMware virtualization. A firms’ technology performs as well as the performance we give it, both in someone’s office and in the cloud. In the cloud, if requirements change, we have infinite capacity to add more performance behind the scenes, and it’s an OpEx cost, not a huge hardware refresh.

Case Study #2: Goodbye On-Prem, Hello Cloud

The second case study we featured is an established New York City investment firm with around $3 billion in assets and 30 employees. There were two primary reasons they opted to move to the cloud. First, it was time to refresh their network technology. Secondly, they were unhappy with their existing IT provider. The firm recognized the benefits that a move to the cloud could deliver, and Eze worked closely with them to design a cloud-based solution that would address all their infrastructure and application requirements.

MH: How did moving to the cloud impact this firm’s disaster recovery?

SS: Firms have been running DR in the cloud for a long time. What’s interesting is replicating an environment from a primary office to the cloud. When you look at running both production and DR out of cloud data centers, it oftentimes is only a minimal cost increase to solely running DR in the cloud. In our case, we control the hardware infrastructure 100 percent and the data center management, and firms are often surprised when it is only a 30 percent increase to add production services to the cloud on top of disaster recovery.

These two particular case studies demonstrate how moving to the cloud can provide a better and more flexible technology solution for hedge funds. With the cloud, firms can say goodbye to comm. rooms, physical hardware, extraneous costs and a higher chance of failover to DR. Click here for a full audio version of Mary Beth and Steve’s conversation.

To speak to an Eze Castle Integration cloud expert, contact us today.

Contact an Eze Castle representative today

]]>
<![CDATA[Is Bigger Always Better? Advice for Hedge Funds Named David]]>http://www.eci.com/blog/462-is-bigger-always-better-advice-for-hedge-funds-named-david.htmlThu, 12 Sep 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=462 Like David bravely dueling with the larger Goliath, small and mid-sized investment firms are often faced with insurmountable odds when competing against larger (and better endowed) funds. With more experience and more assets, larger firms have the advantage when it comes to soliciting investor allocations. But do these inherent shortcomings equal certain failure? If David can emerge victorious, can’t smaller hedge funds?

Earlier this week, we gathered a panel of experts in San Francisco to discuss this topic at length. Following is a brief synopsis of the topics they covered.

In 2012, more than 90 percent of hedge fund allocations went to fund managers with over $1bn in assets. Interestingly enough, certain studies have shown that smaller funds actually provide better returns, despite their limited assets. An ICL study, for example, examined returns over a 16-year period (1994 to 2010) and found that excess return decreased as firm size grew (9.89% for firms with $10mm AUM or less; 5.45% for firms with greater than $1bn).David vs. Goliath

Despite performing well, smaller funds continue to require creative solutions to compete in the investment marketplace. Operational infrastructure is a critical component of any successful investment firm, and in many cases, can provide added value to small firms and help put them on par with larger funds. There are a variety of areas where small-to-mid-sized funds can look to leverage service providers and other creative outsourcing solutions to boost operations and appeal to investors.

Real Estate: Leasing commercial real estate space may not make the most sense for a firm with limited staff and budget. Firms should consider a hedge fund hotel or incubator space, whereby they may be able to leverage other services (e.g. administrative, technology, etc.). Avoiding real estate hotspots, so to speak, may also be worthwhile. For New Yorkers, a Chelsea or Tribeca office may reap greater benefits than a Midtown or Downtown location.

Technology: The reality is, smaller investment firms cannot afford to skimp on technology. Luckily, cloud services and other solutions can dramatically alter a fund’s budgeting, particularly when it comes to upfront capital expenditures. Investors are also keen to see firms leveraging third-party cloud solutions, rather than hosting their own IT equipment in-house and putting the firm’s critical data at risk for a disaster.

Accounting/Middle & Back Office Administration: Firms should carefully determine what types of middle and back office services they require and where they might be able to get creative. Can an outsourced administrator assist with accounting? These are often areas where outsourcing makes the most sense and firms can save on personnel costs while leveraging the expertise of third-party vendors. Compliance and human resources can also fall into this category.

Even with solid performance and operational infrastructure, it is still challenging for smaller investment firms to compete with their larger counterparts. A few possible advantages to remember for the Davids out there:

Smaller funds tend to deliver more alpha.

A smaller fund can access thinner markets than larger firms.

Many investors value a higher-touch service and more personal communications afforded by smaller firms.

Special thanks to our esteemed panelists for sharing their expertise this week in San Francisco!

  • Jason Gerlach, Managing Partner, Sunrise Capital Partners

  • Ted Bruenner, Portfolio Manager, Cypress Point Solutions

  • Joseph Doncheski, Chief Operating Officer, Kayak Investment Partners

  • Ed Tedeschi, Principal, Rothstein Kass

  • Mike Hartig, Director, Eze Castle Integration

Guide to cloud computing in hedge fund industry













Photo Credit: Deviant Art

]]>
<![CDATA[The Latest from Apple: 5C, 5S and iOS 7]]>http://www.eci.com/blog/461-the-latest-from-apple-5c-5s-and-ios-7.htmlTue, 10 Sep 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=461 In traditional fashion, Apple conducted their latest smartphone release event today at their headquarters in California. This year’s hot topics were the company’s two new product models: iPhone 5C and iPhone 5S, as well as the new iOs7 software update. If you missed the announcement, here’s a quick recap:

Software Updates

  • iOs7 will be officially released on September 18. The new software has a beautiful, feature-rich design. One of the key feature changes is the restructuring of the camera roll. iOS7 now groups all of your photos into different moments (legible thumbnails), based on time period, similar to iPhoto. There are also additional photo effects that can be applied during or after shooting.

  • Siri has also vastly improved. Her new voice command capabilities allow for the search and pull of information directly from both Wikipedia and Twitter. iPhone 5S

  • iOs7 will also feature iTunes radio (a competing service to those like Pandora and Spotify) a revamped notifications center and a variety of new sound effects. The new software update supposedly gives a totally new feel to the iPhone.

iPhone 5S

Set to be released on September 20, the 5S is an incremental update to the iPhone 5, similar to previous ‘S’ updates. It comes in three new colors: champagne, silver and graphite. It’s most impressive feature is a fingerprint sensor for increased security and convenience. The sensor is made from laser-cut sapphire crystal and is built into the home button, providing 360 degrees of readability. In addition to unlocking the home screen, the sensor can also authenticate App Store purchases, negating the annoyance of having to enter long and complicated passcodes on multiple occasions.

The 5S is powered by a new A7 chip. Phil Schiller, Apple’s Senior VP of Marketing, calls it the first 64-bit smartphone chip on the market. It is supposedly twice as fast as other processors withgraphics dramatically faster than those of its competitors. They also installed a M7 chip which acts as a motion co-processor, enabling a new line of health and fitness apps – a move that signifies the potential for an iWatch in the near future.

There is also an upgrade to the camera; megapixels were not clearly defined, but there is a new image censoring system and a dual-LED flash. This new high-end model will sell for $199 for the 16GB, $299 for 32GB, and $399 for 64GB (with a wireless contract).

iPhone 5CiPhone 5C

The iPhone 5C is Apple’s new “beautifully plastic” phone. It is significantly cheaper in price -$99 (with a contract) for a 16GB model. Apple is trying to break into new economic brackets with this model, as well as appeal to emerging markets such as Brazil, Russia, India and China. The 5C comes in five different shades, including white, pink, blue, green, red and yellow. The iPhone 5C is very similar to the current iPhone 5, including dual-core CPU, 4-inch retina display and a 8-megapixel camera. An exciting upgrade: the battery life is projected to be better than the iPhone 5.

Today’s information release proved to be fairly standard and in tune with Apple’s steady progression. With Samsung making leaps and bounds in the past calendar year, Apple needs to deliver with these recent updates in order to stay in control of the market. The iPhone was revolutionary when it initially came out, but rival products continue to come out at better prices and with newer features. Apple needs to keep up with their creative regimen in order to stay on top of the innovation pile.

The pressure is on.

]]>
<![CDATA[From the Comm. Room to the Cloud: Webinar Recap & Replay]]>http://www.eci.com/blog/460-from-the-comm-room-to-the-cloud-webinar-recap--replay.htmlThu, 05 Sep 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=460 While it’s not the sexiest aspect of a hedge fund’s operations, a firm’s technology infrastructure is critical to its success. But a major consideration lies in choosing what type of infrastructure to use, and accordingly, where to host it.

Earlier today, we picked the brain of our Vice President of Client Technology, Steve Schoener, and asked him to share his expertise on the key drivers for firms migrating to the cloud. He also shared two examples of clients who’ve successfully transitioned to the cloud for various reasons. Below is a short recap of Steve’s presentation.

Would you rather watch the full replay? Scroll down or click here.

The Right Time to Think About the Cloud

We find that there are typically three points in time when it makes sense for an investment firm to think about moving to the cloud.

Office Relocation
If you’ve outgrown your office space or need to relocate for any reason, it may be a good time to evaluate your infrastructure. Firms can save money by eliminating the need to build out a new Comm. Room in a new office, as the price of real estate, power, cooling and other resources can be quite expensive to incur. Plus, think about how easy the moving process will be without having to worry about moving your complete infrastructure. There is inherently less work and less risk involved in moving to the cloud during this time of relocating offices.

Hardware Refresh
There comes a time when your firm’s hardware will reach the end of its lifecycle, and it will be time to make a significant investment in new technology. Similar to relocating offices, the idea of transitioning from in-house hardware to the cloud offers promising results and less upfront expenses. The migration process is mostly painless and similar to upgrading to new hardware on an on-premise solution.Inquiring Minds Want to Know

Adding a New Application
Your firm may also decide to reevaluate its infrastructure options when the time comes to add a new application to its suite. For example, adding an order management system, with the cloud, can take merely hours, and firms are no longer tasked with unpredictable costs as a result. In most cases, adding a new application to the cloud is non-disruptive and does not affect the user experience.

Inquiring Minds Want to Know

Here are Steve’s answers (paraphrased, of course) to some commonly asked questions we see from our clients about the cloud:

  • What are my peers doing? Nearly everyone is moving to the cloud; we’re seeing almost all new business clients choose a cloud solution, and many existing firms are migrating over as a result of many of the circumstances mentioned above.

  • What will investors think? While investors were previously skeptical of the cloud and asked endless questions during due diligence requests, nowadays investors are extremely comfortable with cloud solutions and are oftentimes asking firms why they AREN’T in the cloud. Not to mention, in a post-Sandy world, investors do not want to see firms with infrastructures located on-site.

  • What are the cost differences between the cloud and on-premise solutions? In many cases, the long term costs between the two solutions will not vary dramatically. The real savings from the cloud are realized upfront, as firms do not have to commit to capital expenditures of day one and, instead, utilize predictable, ongoing cost models.

  • What about security in the cloud? In my opinion, the cloud is more secure than many technology infrastructures managed in-house by investment firms. Eze Castle invests significantly in our cloud in an effort to make it the most secure environment for our clients.

Client Case Studies

We examined two client scenarios whereby firms made the move to the cloud for different reasons. Watch the replay below and listen to what Steve had to say about each of these circumstances and why it made sense for these clients to choose the cloud over an on-premise solution. (Jump to 17:32 for our first case study).

Contact an Eze Castle representative

Photo Credit: iStock

]]>
<![CDATA[National Preparedness Month: The Why, How & What]]>http://www.eci.com/blog/459-national-preparedness-month-the-why-how--what.htmlTue, 03 Sep 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=459 Would you be ready if there were an emergency today? Would your employees know what to do? September is National Preparedness Month (NPM) which is sponsored by the Department of Homeland Security and FEMA’s The Ready Campaign in an effort to increase awareness for individuals, businesses, families and communities. NPM aims to encourage the public to make preparedness a part of their daily lives and stresses the importance of being ready for the unknown.

Why should you focus on being prepared?

By teaching your employees why to prepare, your firm will not only demonstrate its importance, but employees will also maintain this knowledge and expertise that will help keep the business operational. Preparation can mean the difference between a successful and failed recovery, both personally and professionally. Educating your employees on what they’ll need at home, where to go, who to contact, etc. will equip them with the right information they’ll require at the time of an incident. With the proper information readily available, employees can focus on helping resume business operations more quickly. Preparedness Month - September 2013

How do you prepare your employees?

Preparing your employees begins with training geared towards how to respond to an incident. Training is typically more helpful if conducted multiple times, various ways and with additional variables involved in the program. There are a number of ways you can begin preparing your employees. Following are some of the techniques we recommend:

  • Employee training exercises – A great starting point for any awareness program. This employee training should focus on where to go, who to contact and what to do at the time of an incident.

  • Tabletop exercises – Typically includes key members of the firm who are responsible for ensuring their employees are accounted for, safe and able to continue business operations. Tabletop exercises take these members through an imitation real-life scenario and focus on how to recover.

  • Posters – Typically high-level information posted throughout the firm’s high-traffic areas to increase awareness.

  • Checklists – These can be lists on crucial items to have on-hand, key contacts, local hotels, etc. These checklists are typically provided for employees to fill out and keep with them for a time of need.

  • Guides on Personal Preparation – This includes key information assisting employees on how to prepare, respond and recover on a personal level.

What should be included in your awareness program?

It’s important for your firm’s awareness program to first define who in the company will be the leaders of the incident response. These leaders will be the main points of contact Preparedness Month - September 2013for employees throughout the response process. Other key information to include in the firm’s awareness program is where employees will go and how they will access the firm’s network. Not only should employees have this information readily available to them, but the awareness program ought to also include high-level material such as the items below:

  • An assembled emergency kit – For the office and suggestions for employees’ homes

  • An emergency plan – For the firm, your employees’ families and/or homes

  • Staying informed – Identifying what information is available to the firm and the employees

  • Getting involved – Having employees test remotely, knowing what resources are available at the time of an incident, etc.

Through various training exercises over time, your employees will begin to understand the importance of being prepared for the unknown. Equipping your employees with the right information both personally and professionally will give them peace of mind that they’re ready and can handle anything that comes their way. Once they know what to do, where to go, and have the vital resources to assist in recovering, your employees will be able to return their focus to business operations easily and quickly.

Eze DR/BCP Guidebook for Hedge Funds

]]>
<![CDATA[What to Look for at the Hedge Funds World Asia Conference]]>http://www.eci.com/blog/458-what-to-look-for-at-the-hedge-funds-world-asia-conference.htmlThu, 29 Aug 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=458 Next week, from Wednesday 4th – Thursday 5th September, Eze Castle Integration will be participating at Asia’s most established & strategic hedge fund gathering - the 2013 Hedge Funds World Asia Conference at the Harbour Grand Hotel in Hong Kong. Eze Castle’s representatives will be in attendance for both days to tech talk and answer any questions, so stop by our booth and say hello!

Hedge Funds World Asia is now running in its 16th year, bringing together Asia’s leading family offices, pension funds, sovereign wealth funds and private banks with the world’s leading hedge funds, fund of funds and asset managers for two days of discussion and debate designed to formulate solutions to the key challenges affecting the Asian alternative investment industry.

In preparation for the conference, I have reviewed the agenda and selected a few topics that will interest our readers.

Due diligence

The 2008/2009 financial crisis prompted stricter regulations on the financial services industry and significant changes in the way investors evaluate investment managers in an effort to increase transparency.

Operational due diligence has become a hot topic amongst the alternative investment industry. Investor’s due diligence requirements now focus heavily on increased transparency, robustness of infrastructure and quality of service providers. Most common questions you can expect to see in a due diligence questionnaire are around a service provider’s organisation, annual assessments and audits, and access control. Network and physical security policies, disaster recovery, and backup procedures are also critical areas of focus.

Outsourcing

Hedge funds are more welcoming to the idea of outsourcing their technology needs to expand their offerings and enhance productivity in today’s climate.

There are many important factors for hedge fund managers to consider when evaluating a service provider. These range from the breath of solutions, depth & quality of staff, experience in development, project management experience, hosted/private cloud infrastructure options, disaster recovery policies & procedures, and vendor relationships.

Download our guide to technology outsourcing, which outlines:Eze Outsourcing Guidebook for Hedge Funds

  • Laying the foundation of an outsourcing plan

  • Cloud computing

  • Hosted IT environments and managed services

  • Colocation

  • Outsourcing FIX connectivity

  • Outsourced staffing options

  • Pricing models

Implications of recent global regulatory developments for the Asian fund manager

The rapidly evolving world of global regulations continues to present many challenges for the financial services industry, and Asia is not immune to global regulatory developments. Further regulatory changes to enhance investor protection may be inevitable, albeit with different priorities.

Check out some of our recent articles on global regulation:

And don't forget to stop by our booth at Hedge Funds World Asia for some tech talk and a chance to win an iPad mini!

To learn more about the conference, visit: http://www.terrapinn.com/2013/hedge-funds-world-asia/index.stm

]]>
<![CDATA[The Good, Bad and Ugly of the Nasdaq Outage]]>http://www.eci.com/blog/457-the-good-bad-and-ugly-of-the-nasdaq-outage.htmlTue, 27 Aug 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=457 The three-hour outage on the Nasdaq last Thursday has us channeling Clint Eastwood as we look at the Good, the Bad and the Ugly of the outage. As a refresher, the Nasdaq exchange halted trading shortly past noon ET after it became aware of a problem disseminating price quotes.

With a few days to hone our 20/20 hindsight glasses, here is my take.

Nasdaq outageThe Good (We use the term “good” pretty loosely.)

  • The Nasdaq shutdown appeared to occur in an orderly manner and didn’t disrupt other parts of the stock market.
  • Timing was “good” as it happened during the summer on a relatively quiet day and certainly didn’t have the same impact as the Flash Crash of 2010, which also happened on a Thursday.
  • Technical issues were resolved in the first 30 minutes of the shutdown according to Nasdaq and the remaining time was used to coordinate with other key stakeholders (i.e. exchanges, regulators, etc) for an orderly re-opening 35 minutes before the market close.

The Bad (This category is pretty self-explanatory. Nobody likes downtime!)

  • Trading came to a halt for three hours and as a result about 3,200 Nasdaq-listed stocks were paralyzed.

  • The shutdown was sudden, unexpected and certainly made investors nervous.

  • Some Nasdaq officials are sourced as saying “their technicians should have been able to manage the problems and avoid the halt,” which isn’t exactly a vote of confidence that this won’t happen again. That said, exchanges as well as regulators are taking this very seriously.

The Ugly (What are the aftershocks from the outage?)

  • The heat is on. The Nasdaq outage places more pressure on the exchange and others to ensure something of this nature doesn’t happen again.

  • Some say if glitches continue it could “undermine confidence at a time when U.S. stock indexes are near records but many investors are anxious about asset prices.”

  • Finger-pointing between Nasdaq and NYSE has begun as the SEC asks both sides for a recount of events leading up to the shutdown. The role in the outage of NYSE's electronic stock market, Arca, is at the heart of the disagreement as the halt was proceded by connectivity problems between Arca and Nasdaq’s Securities Information Processor (SIP).

  • On September 12, SEC Chair Mary Jo White will meet with the heads of Nasdaq and NYSE to discuss the outage. Sources say part of the meeting will cover the resiliency of Nasdaq’s SIP, which is used to consolidate and distribute stock prices.

We'll certainly be tuning into the September 12 meeting. Will you?



Source: WSJ, Nasdaq in Fresh Market Failure

]]>
<![CDATA[Giving Back: Eze Castle Philanthropy Goes 'Back to School']]>http://www.eci.com/blog/456-giving-back-eze-castle-philanthropy-goes-back-to-school.htmlThu, 22 Aug 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=456 Every once in a while, it’s important for us to talk about issues bigger than technology. At Eze Castle Integration, we make a conscious effort to stay philanthropic and keep the larger community in our minds and hearts.

As you know, we are global sponsors of Help for Children (formerly Hedge Funds Care) and regularly participate in their fundraising efforts both in the United States and abroad. Our Managing Director of Service, Vinod Paul, even sits on HFC’s Global Board of Directors and is involved in planning and organizing efforts to raise money for children affected by child abuse.

Each February, we hold a ‘Like for Life’ campaign through our Facebook page, and for every new like we receive, we donate $1 to a charitable organization. In 2012, we supported The Alliance for a Healthier Generation, a foundation recognized by the 100 Women in Hedge Funds annual philanthropy conference in Boston.Back to School Backpack Drive

This summer, we are proud to say we’ve organized our 4th Annual Back to School Backpack Drive in our Boston office and are collecting school supplies to support School on Wheels of Massachusetts, a nonprofit dedicated to improving the lives of children living in homeless shelters.

This year, we’ve even extended our Backpack Drive efforts to other US offices and will be supporting the following organizations:

  • Stamford, CT: Southern New England Salvation Army

  • Chicago, IL: SOS Children’s Village IL

  • New York, NY: Volunteers of America

  • San Francisco, CA: United Way of the Bay Area

Beyond efforts organized directly by Eze Castle, we also encourage our employees to support their communities individually, and we are committed to matching gifts our employees make to charitable organizations. Whether it’s a backpack full of school supplies or a fundraising event sponsorship, here at Eze Castle we recognize the importance of community involvement and hope to spread that awareness and significance to other organizations and individuals.

A BIG thank you to our employees who participated in this year's Back to School Drive!

]]>
<![CDATA[Living the PC Life: Intel Study Shows Consumer 'Digital Dependence' on PCs]]>http://www.eci.com/blog/454-living-the-pc-life-intel-study-shows-consumer-digital-dependence-on-pcs.htmlThu, 15 Aug 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=454 In contrast to frequent news articles declaring that the end is near for the PC market, a new study by IDC reports that consumers still rely on PCs most of the time.

The Intel-sponsored InfoBrief surveyed nearly 4,000 U.S. adults about their computing trends and purchases and found that 97 percent of them use a PC as their primary computing device. Yet conflicting reports show that PC sales are declining at rapid rates, and tablets, in particular, are eating up the market share. Lenovo reported this week that their tablet and smartphone sales outnumbered PC sales in the first fiscal quarter – a quarter in which all of the top five PC vendors saw a decline in shipments.

But Intel’s report maintains that PCs are necessary, particularly for consumers, and especially when it comes to maximizing productivity. Tablets and smartphones, it suggests, are not designed to enable users to be productive, which may explain why respondents indicated they spend 50 percent of their digital device time on a PC (compared to 31% on a smartphone and 20% on a tablet).

Intel Digital Dependence on PCs

From a business and enterprise perspective, the jury is still out on whether tablets or traditional PCs and notebooks are more effective. With the ‘bring your own device’ trend gaining steam, many expect tablets to maintain an edge. But don’t forget to carefully analyze your business’ needs when determining whether PCs or tablets are the right fit. Be sure to evaluate the following factors when comparing devices:

  • Short and long-term costs

  • Integration with applications and multiple operating systems

  • Storage capacity

  • Screen size and interface (keyboard vs. touch)

Where do you stand? Are you a PC believer or a tablet convert?

]]>
<![CDATA[Welcome MixBit (and Eze Boston!): The newest video sharing app]]>http://www.eci.com/blog/452-welcome-mixbit-and-eze-boston-the-newest-video-sharing-app.htmlThu, 08 Aug 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=452 Every once and a while we like to deviate from our business technology and operations articles to look at a new technology that has applicability to consumers as well as businesses. Today we look at the newly released MixBit, which in all honesty, is more applicable to consumers at this point.

MixBit was created by the founders of YouTube and just released today for iOS. MixBit fills the void (if you can call it that) between Vine and Instagram Video. With Vine videos can only be 6-seconds and with Instagram they can be 15-seconds.

MixBit not only takes the bold step of increasing the size to 16-seconds but also makes blending multiple clips together easy so videos can be longer.

Aside from the 1 second advantage, MixBit is unique in its ability to let users remix video clips with others they find on the site.

To see what MixBit can do, I created this 16 second “tour” of our Boston office. Nothing fancy, but certainly user-friendly.


Will you be giving MixBit a test drive?


]]>
<![CDATA[Why a Disaster Recovery Activation is So Much More Than a “Test”]]>http://www.eci.com/blog/451-why-a-disaster-recovery-activation-is-so-much-more-than-a-test.htmlTue, 06 Aug 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=451 As you know, we encourage our clients to regularly test their disaster recovery systems (at least twice a year!). But believe it or not, there is actually an even better preparation for a DR situation - a planned activation.

In recent years, Eze Castle has seen a large increase in requests for planned activations amoungst our hedge fund clients. Why? A few notable reasons include:

  • Compliance purposes

  • Investor due diligence requests

  • A desire for more comprehensive scenario-testing

“But isn’t a planned activation the same thing as a DR test?”

I thought you might ask that! Believe it or not, they are two very different scenarios. Here’s the basic difference:

  • Planned Activation: The DR site is actually active and in use, and replication back to the production site is required.

  • Test: The DR site is only being accessed and tested, and any changes made during the DR test are overwritten when replication is restarted.

Below are a few other distinctions between DR activations and DR tests.

Disaster Recovery: Activations vs. Tests

With a planned activation, your DR provider has the luxury of time to prepare for the failover and failback, as this is not an automatic process and does not occur with ‘the flip of a switch.’ In this case, the disaster recovery team has ample time to notify internal groups and third parties, identify any risks or key areas of focus, and secure necessary service resources.

While there are a lot of cogs in the DR wheel and parties involved in making sure your DR activation runs smoothly, here is a quick snapshot of what the activation process looks like on both ends:

Failover

  1. Production services are disabled, including Exchange, SQL, Citrix, file shares, etc.Disaster Recovery Cog

  2. Replication is stopped from production to DR.

  3. Applications are brought up in the DR site.

  4. Clients work out of the DR site until test activation is completed.

Failback

  1. Replication begins from DR to production.

  2. Access to the DR site is closed.

  3. All applications and services in DR are shut down.

  4. Replication is completed between DR and production.

  5. Service is restored in production and all applications are tested and verified.

  6. Upon confirmation of restoration, replication is restarted from production to DR.

Our Eze Disaster Recovery Team works diligently with our hedge fund clients to plan activations and tests to meet the individual needs of each firm. You can learn more about our Eze DR service here.

Finally, you may also enjoy the following reference articles on hedge fund disaster recovery:

Contact an Eze Castle representative

Photo Credit: Pixabay

]]>
<![CDATA[In Business Continuity Planning, Employee Communication is Vital]]>http://www.eci.com/blog/450-in-business-continuity-planning-employee-communication-is-vital.htmlThu, 01 Aug 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=450 Remember earlier this week when we said we’d be talking more about BCP communication? Well, you know we always keep our word!

A successful business recovery requires more than the ability to access critical systems and applications. It also requires effective communication. It is vital to communicate with your employees about the procedures of your business continuity plan before, during and after an incident. By doing so, you set the wheels in motion by creating the guidelines for the firm’s recovery.

Effective communication should include, but not be limited to:

1) Accounting for employees;

2) Setting workload expectations; and

3) Providing employees with recovery status updates.

Let’s take a deeper look into those strategies.

In a disaster, account for all employeesAccounting for Your Employees
At the first sign of any major disruption, accounting for your employees should be at the top of the to-do list. At the core of every product or function within a firm are the people. And ensuring those people stay safe should be one of your company’s main concerns. Ask yourself critical questions:

  • Who isn’t in the office today?

  • Do you have emergency contact information in case you can’t get in touch with someone?

  • Were there any employees near the affected area?

A designated member of the Incident Response Team (the firm’s leaders who oversee the incident) should work with Human Recourses to track down and reach out to every employee, ensuring their safety. If employees are in an affected area, determine whether the firm will offer assistance to those in need. Accounting for employees’ safety will illustrate to employees that the priority is not only resuming business operations, but also ensuring the safety of the firm’s staff. Once employees are safe and accounted for, workload expectations should be set.

Set employee expectations during a disasterSetting Workload Expectations
Have you ever been left in the dark wondering what was happening? Leaving your employees to wonder can cause confusion about their responsibilities and next steps and ultimately lead to downtime. By reaching out to employees at the beginning stages of an incident, you are able to demonstrate the firm’s awareness and set the workload expectations for the organization as a whole.

Here are some more critical questions to ask:

  • Will staff be allowed to work from home?

  • Is it safer to keep them in the office for the time being?

  • Will you be sending employees home in waves or all at once?

Setting these expectations at the first sign of disruption will demonstrate to your employees that someone within the firm is in control of the situation and that they needn’t worry. Once these expectations are set and business operations resume, the incident response leaders should focus on providing timely updates ensuring awareness of the firm’s recovery efforts.

updated employees during a disasterProviding Recovery Status Updates
By providing recovery status updates throughout the incident, employees will calmly be able to support the recovery efforts. Depending on the severity of the incident, it should be communicated to employees that these status updates will be provided in a well-timed manner.

For instance, during Hurricane Sandy some firms set the expectation that status updates would occur every few hours. These high-level updates should include a recap of the event, what the firm knows and what response leaders are proactively doing to recover. If there are multiple offices, employees traveling, etc. those updates should be included in how they are being affected by the incident. Once the incident has been resolved, the last recovery status communication should be an incident recap.

Provide answers to the following critical questions:

  • What happened?

  • What did the firm do?

  • How did the firm react?

  • What was successful?

It is extremely important to have a communications plan outlined prior to an incident occurring. Delegating who will communicate to employees and what will be communicated is a vital piece to any business continuity plan and any firm’s successful recovery. By communicating effectively, your firm demonstrates its proactive approach to not only your employees, but external business partners as well.

About the Author: Katharine Washburn is a Business Continuity Analyst at Eze Castle Integration and regularly works with our hedge fund and alternative investment firm clients on their business continuity planning. Learn more about our Eze BCP Services HERE.

disaster recovery articles for hedge funds]]>
<![CDATA[Three Critical Steps to Business Continuity Planning Success]]>http://www.eci.com/blog/449-three-critical-steps-to-business-continuity-planning-success.htmlTue, 30 Jul 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=449 Successfully implementing your business continuity plan requires more than just ensuring your systems are operational and accessible. Success starts with your employees – those who maintain the expertise and knowledge to keep your business operational. Communicating appropriate BCP steps to your employees is essential in ensuring your business is not impacted by a disaster or disruption. But more about BCP communication on Thursday…

Following are three critical steps firms should take to find business continuity planning success:

1. Identify a specific evacuation site in the event of a disaster. Designate a safe location for employees to gather if your firm’s building is evacuated. Don’t forget to:

  • Make sure the site is ALWAYS accessible. For example, don’t choose a restaurant as your evacuation site if they don’t open until 11 a.m. or are closed on Mondays.

  • Communicate the evacuation site details to all employees, including those who work at client sites. Because not all employees will necessarily be in the office when a disaster occurs, anyone off-site or returning from a meeting should know where to report to.BCP Success

2. Designate a team of disaster leaders. Determine who will make the executive decisions when a disruption occurs. This team is often referred to as an Incident Response Team, Recovery Management Team or Business Recovery Team.

  • The goal of this team is to ensure that a group of employees in leadership roles are responsible for declaring the situation a disaster, overseeing the incident, and delegating tasks as necessary.

  • The leaders will also determine whether employees should be sent to another location to work (e.g. home, alternate office, etc.) or remain at the evacuation site in hopes that the office will reopen.

3. Provide remote office instructions for employees. If your employees can’t return to the office, but your business needs to remain operational (which, of course, it does!), then employees will either need to work from their homes or an alternate location. Managers should be clear about setting expectations for employees when they are working outside of the primary office location. Be sure to provide employees with the following critical information:

It is important to have a complete and well-detailed business continuity plan, but it’s even more essential to ensure all employees understand the plan and what their individual responsibilities and expectations are. The information we’ve outlined above can easily be printed on a wallet card or quick reference card (QRC) and distributed for employees to keep on them or at their homes.

Once it’s clear to employees what is expected of them, they will focus on ensuring their daily tasks are completed, and ultimately, this will lead to ensuring your business does not suffer additional disruptions at the hands of a disaster.

Be sure to return to Hedge IT on Thursday to learn more about the importance of communication in business continuity planning!

In the meantime, you can read up on more of our BCP resources, such as these:

Photo Credit: Seeking Alpha

]]>
<![CDATA[Training Your Employees on Information Security Awareness]]>http://www.eci.com/blog/448-training-your-employees-on-information-security-awareness.htmlThu, 25 Jul 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=448 You guessed it. It’s Security Week here on Hedge IT! Today, we’re diving into a topic that we’re passionate about – education and awareness.

We’ve told you about the types of threats that can harm a business, the steps you should take in the event of a security incident, and the policies you should create to keep your organization safe. But now it’s time to talk about training your employees to understand each of these.Security Awareness Training

A firm’s security strategy will only work if employees are properly trained on it. Therefore, the importance of providing information security awareness training cannot be understated. The goal of an awareness program is not merely to educate employees on potential security threats and what they can do to prevent them. A larger goal should be to change the culture of your organization to focus on the importance of security and get buy-in from end users to serve as an added layer of defense against security threats.

Once you have buy-in from employees, your focus can turn to ensuring they get the necessary information they need to secure your business. An effective security awareness program should include education on specific threat types, including but not limited to:

  • Malware

  • Trojans

  • Viruses

  • Social engineering

  • Phishing

Another important area to address is the importance of password construction and security. Seems minor? It’s not. Believe it or not, password cracking is remarkably easy, particularly for advanced hackers. And this ‘minor’ step that users take every day could make a significant difference in protecting your firm’s sensitive information. Read more about creating safe and original passwords here.

Training materials should also review corporate policies and clearly detail consequences for any suspicious or malicious behavior amongst employees. For your convenience, we’ve compiled a variety of information on various security policies, including:

As far as logistics are concerned, the size and scope of your organization will be a key factor in deciding whether you want to design and implement your own security awareness training or leverage the expertise of a third-party company. Be sure to weigh the pros and cons of each.

PRO to using an outside training company? Your firm saves its time and resources by allowing an experienced firm to implement the training. Materials can also be pulled together and implemented much quicker.

CON? It will likely be a standard training program and won’t necessarily be tailored to meet the unique needs of your firm.

For additional resources on developing an information security awareness program, visit the National Institute of Standards and Technology (NIST).

Hedge Fund Security Guidebook












Contact an Eze Castle representative

]]>
<![CDATA[Oracle Warns IT Security Not Protecting the Right Assets: Hedge Funds Take Notice]]>http://www.eci.com/blog/447-oracle-warns-it-security-not-protecting-the-right-assets-hedge-funds-take-notice.htmlTue, 23 Jul 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=447 man thinking about securityIt has been said that cyber security is becoming what disaster recovery was 20 years ago -- the threat is real and increasing at a notable rate, and precautions must be taken. As a result, studies abound about the potential impact of security threats on a company.

Just last week, CSO Custom Solutions Group and Oracle raised the question of whether companies are protecting the right assets. Based on a survey of 110 companies, including financial services firms, CSO and Oracle found that most IT security resources in today's enterprises are allocated to protecting network assets, even though the majority of enterprises believe a database security breach would be the greatest risk to their business.

Following are specific survey findings pulled from the report that aim to make the case that firms should focus more on protecting core systems (i.e. apps, databases) versus the network layer:

  • Nearly 66 percent of respondents said they apply an inside-out security strategy, whereas 35 percent base their strategy on end-point protection.

  • However, spending does not align, as more than 67 percent of IT security resources -- including budget and staff time -- remain allocated to protecting the network layer, and less than 23 percent of resources were allocated to protecting core systems like servers, applications and databases.

  • 44 percent believed that databases were safe because they were installed deep inside the perimeter.

  • 90 percent reporte the same or higher, level of spend compared to 12 months prior. The survey shows that 59 percent of participants plan to increase security spending in the next year.

  • In 35 percent of organizations, security spend was influenced by sensational informational sources rather than real organizational risks.

  • 40 percent of respondents believed that implementing fragmented point solutions created gaps in their security, and 42 percent believe that they have more difficulty preventing new attacks than in the past.

The study highlights the need to take a thoughtful approach to IT security and understand the changing landscape. However, companies, especially smaller ones, need to be realistic about the amount of security they can handle/afford. Eze Castle Integration helps clients tackle this consideration on a daily basis and can be a great resource.

Here are some other helpful articles:

Hedge Fund  Security Guidebook

Source: Oracle
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

]]>
<![CDATA[Ok Glass, Let's See What You Can Do]]>http://www.eci.com/blog/446-ok-glass-lets-see-what-you-can-do.htmlThu, 18 Jul 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=446 Mirror, mirror on the wall. Ok Glass, who is the fairest of them all?

Goggle GlassThis is how I envision the modern day queen in Snow White receiving her daily validation. Why? Because Google’s Glass, a wearable smartphone, has the potential to shift how we function and put us all on the path to talking to ourselves on a daily basis.

Google Glass is one example of how smartphone technology is ditching the confines of phones and moving into new form factors including glasses and watches.

Currently, about 8,000 “Explorers” are testing Glass and experiencing how beginning a sentence with “Ok Glass” can dramatically change how you receive information. Earlier this month, Google provided more details on Glass and promised wider availability in 2014. They also took steps towards squashing privacy concerns.

The Glass screen, when activated, looks “a lot like a 25 inch color TV floating about 8 feet in front of you,” and the glasses weigh about as much as a pair of sunglasses.

So what can Glass do?

Pretty much anything your smartphone can do but with the added benefit that it is hands-free and looks {insert your descriptor}. Here is a rundown of the features:

  • Google Glass MapSearch: Saying “Ok Glass” gets you the information you need whether it is trivia answers or language translation.

  • Navigation: No more taking your eyes off the road to check out your GPS. Glass projects the turn by turn directions right in front of your eye.

  • Gmail & Calendar: Glass makes checking “email quick and easy” (according to Google).

  • Phone & SMS: Ditch your Bluetooth ear piece for Glass and gain the benefit of speech-to-text transcription.

  • Photos, Videos & Video calls: This is where the privacy concerns really start because early versions of Glass do not have a dedicated indicator light to show when a video or photo is being taken.

Google aims to easy privacy concerns by explaining, the “device’s screen is illuminated whenever it’s in use, and that applies to taking a picture or recording a video.”Additionally, Glass requires a verbal command to operate, so listen for “Ok Glass, take a picture” or “Ok Glass, record a video.”

Here’s a video on how life feels through Glass


]]>
<![CDATA[As BlackBerry Woes Continue, We Wonder ‘What’s Next?’]]>http://www.eci.com/blog/445-as-blackberry-woes-continue-we-wonder-whats-next.htmlTue, 16 Jul 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=445 This week, Research in Motion officially became known as BlackBerry Ltd. But will the name change really change anything for this struggling company? It’s hard to say.

BlackBerry’s woes have multiplied of late, with personnel changes, price cuts and stakeholder dissatisfaction making headlines. Just this month, two long-time board members announced they will be stepping down, while CEO Thorsten Heins continues to ask shareholders for patience as the company tries to reinvent itself and compete with its successful rivals.BlackBerry Z10

On the smartphone market front, BlackBerry’s struggles continue. According to Gartner, BlackBerry's market share has dwindled from over 50 percent in 2009 to less than 3 percent. BlackBerry’s newest device, the Z10, has already lost its luster. US smartphone carriers including AT&T and Verizon have slashed prices from $199 to just $99, less than four months after the phone’s initial release. Retailers like Amazon and Best Buy are doing one better, and selling the phones for as low as $49 under contract.

To make matters worse, speculation is that BlackBerry is also planning to cut more jobs, signaling to many that the company is a long way from rebounding. There is positive news, however. Believe it or not, BlackBerry revenue was up 15 percent in the first quarter of fiscal 2014 compared to the previous quarter.

The company also recently announced it sold 18,000 iterations of its BlackBerry Enterprise Service (BES) 10 since its launch at the beginning of the year. More than 60 percent of US Fortune 500 companies have deployed BES 10 or are currently testing it, demonstrating the company has yet to relinquish its hold on the enterprise market. As you'll recall, the Z10 must be managed by the BES 10.

So, what’s next?

Only time will tell what the cards hold for BlackBerry and whether the organization will be able to bounce back and play a competitive role in the enterprise and consumer smartphone markets. Stay tuned!

To read more about mobile devices on Hedge IT, check out these posts:



Photo Credit: Flickr]]>
<![CDATA[Prohibition Era Ends, Hedge Fund Advertising To Resume]]>http://www.eci.com/blog/444-prohibition-era-ends-hedge-fund-advertising-to-resume.htmlThu, 11 Jul 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=444 In a move likely to redefine the financial industry, the SEC voted this week to rescind an 80-year-old ruling prohibiting hedge funds from public advertising. The ruling comes as the result of the Jumpstart Our Business Startups Act (JOBS Act), which is intended to make it easier for small businesses to raise capital.

The Securities Act of 1933 was originally implemented following the stock market crash in 1929 as a means to regulate and control securities sold, requiring that funds register with the SEC unless they met an exemption.Hedge Fund Advertising

Under the new rule, hedge funds, private equity funds and other investment firms will have the opportunity to publicly solicit capital via a variety of commercial advertising outlets, including websites, print ads, and social media. Hedge funds have historically been quiet on such mediums, largely due to fear of noncompliance with regulations.

Many, however, do not expect advertising fever to catch on too quickly. According to Forbes, “it’s more likely hedge funds will start slow. Some may start thinking about a real marketing strategy for the first time. Others might find the new rule as an opportunity to provide some more detail on their website, or speak in public about their funds.”

More Details:

  • Hedge funds and other firms will be required to notify the SEC 15 days prior to a public offering

  • Companies who fail to notify the SEC in advance of advertising will be barred from making public offerings for one year

  • Investments in the offerings remain restricted; Only “accredited investors” with a net worth of at least $1 million may invest

  • The ban will be officially lifted 60 days after the ruling is published in the Federal Register


The SEC also voted to propose a “package of investor protections” in hopes of better policing the private offerings that will ensue.

Looking for more information on hedge fund marketing? Check out our Hedge Fund Marketing Knowledge Center and learn how to stand out from the crowd!

Photo Credit: CNN Money

]]>
<![CDATA[Acceptable Use Policy: A Recipe for Success]]>http://www.eci.com/blog/443-acceptable-use-policy-a-recipe-for-success.htmlTue, 09 Jul 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=443 Here at Eze Castle Integration we have a pantry full of thoughtful policies that help ensure we keep everything in tip-top shape. In past Hedge IT articles, we’ve shared our recipes for creating security incident policies, BYOD policies and social media policies.

Today, we are going to share our recipe for creating an Acceptable Use Policy, which governs how a company and its employees use computing resources. The SANS Institute, which has policy templates galore, also has an Acceptable Use Policy template that you can find HERE and is the foundation for our award-winning recipe.

First, define the purpose and scope of your policy by answering questions including:

  • Why are the rules in place (i.e. protect firm from virus attacks, compromising of the computing network, etc.)?

  • Who does the policy apply to (i.e. employees, consultants, contractors, etc.)?

Next, select the meat for the actual policy. While every firm’s palate is different, this gives you a taste for the types of ingredients typically included:

General Use and Ownership

  • Users should understand that the data created on the corporate systems is the property of the company, and that the company cannot guarantee the confidentiality of the information stored.

  • Employees must exercise good judgment when it comes to personal use and know that for security purposes, in some cases, authorized company individuals may monitor equipment, data or systems.Acceptable Use Policy - Recipe for Success

  • The company has the right to audit networks and systems on a periodic basis to ensure policy compliance.

Security & Proprietary Information

  • All computers and mobile devices should have password-protected screensavers with an automatic activation feature set to five minutes or less (ideally). Also, users should be trained to lock their computers and mobile devices when leaving them unattended.

  • Passwords should be kept secure, and employees should not share accounts. Additionally system-level passwords should be changed at least quarterly, and user level passwords should be changed every 90 – 120 days (ideally).

  • Employees should take all necessary steps to prevent unauthorized access to confidential information that resides on the company’s Internet/Intranet/Extranet-related systems

  • Employees must use caution when opening email attachments from unknown senders as they may contain viruses.

Unacceptable Use

Define what activities are generally prohibited unless necessary for the job function and what activities are 100% prohibited (i.e. illegal activities). Following is a sample list provided by the SANS Institute:

System and Network Activities
The following activities are strictly prohibited, with no exceptions:

  • Introduction of malicious programs into the network or server

  • Exporting software, technical information, encryption software or technology, in violation of international or regional export control laws

  • Unauthorized copying of copyrighted material

  • Violations of the rights of any person or company protected by copyright, trade secret, patent or other intellectual property, or similar laws or regulations

  • Revealing your account password to others or allowing use of your account by others

  • Making fraudulent offers of products, items, or services originating from any company account

  • Effecting security breaches or disruptions of network communication

  • Circumventing user authentication or security of any host, network or account

Email and Communications Activities

  • Sending unsolicited email messages, including the sending of "junk mail"

  • Any form of harassment via email, telephone or texting

  • Unauthorized use, or forging, of email header information

  • Creating or forwarding "chain letters", "Ponzi" or other "pyramid" schemes of any type

Blogging & Social Media

Define your company’s policy on employees’ participation on social media sites while at work. Be sure to reaffirm that confidential information should never be shared via these outlets.

Enforcement

What disciplinary action will an employee be subject to if they violate this policy?

Definitions

Be sure to define any terms included in the policy that you think employees may be unclear on – better to cater to the lowest common denominator to help ensure there is no confusion.

There you have it, a wonderful Acceptable Use Policy recipe. If we’ve piqued your appetite, be sure to give our other policies a try:

Bon Appetit!

]]>
<![CDATA[Happy Independence Day from Eze Castle!]]>http://www.eci.com/blog/442-happy-independence-day-from-eze-castle.htmlWed, 03 Jul 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=442 We hope all of our readers, clients, partners and friends have a great Fourth of July holiday! We'll see you back here on the Hedge IT on Tuesday, July 9th for more tech talk!

happy fourth of july from eze castle integration

]]>
<![CDATA[Snapchat "Disappearing" Messages: What it is & why you should care]]>http://www.eci.com/blog/441-snapchat-disappearing-messages-what-it-is--why-you-should-care.htmlTue, 02 Jul 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=441 You may have heard of it – the newest social media app that’s sweeping the 18-25 year old demographic – Snapchat. But what is it, and how could the technology behind it affect the business world?

What is Snapchat?

Snapchat is a photo messaging application in which users can take photos or record short videos on their smartphones, then add text or drawing and send them to select contacts. When sending the content, users have the ability to set a time limit for how long the recipients can view it (up to 10 seconds), after which the photo or video will disappear from the recipient's device.

Here’s a recent Snapchat ad that depicts how the app is used:

How could it affect businesses?

While the app itself is primarily intended for use in the social sphere, the technology that powers Snapchat has caught the attention of some developers in the business world. Companies that regularly send and receive emails with highly sensitive or proprietary information are interested in having the ability to make those messages disappear after they’ve been read.

The idea is that email content would never actually reach the recipient’s internal server. The sender enters the content into an email, then the recipient gets a separate email containing a link to access the content entered by the sender. After a pre-determined period of time (typically chosen by the sender), the link will no longer work.

But, as with any new technology, there are certain benefits and pitfalls to be cognizant of before employing these tools in the workplace.

The Prossnapchat logo
According to a recent Wall Street Journal report, proponents of this technology believe that vanishing emails could be very useful in an era when forwarding, printing or sharing sensitive emails with unauthorized third parties is as easy as one click of a mouse or tap on a touch screen. It can also help reduce the risk of a cybersecurity breach. Email, as with other forms of online communication, has a high degree of permanence. An organization could face a public relations nightmare if years of stored emails are compromised. In theory, this technology could help prevent that scenario.

The Cons
In May, 2013, a Forbes investigation into Snapchat showed that the photos and videos don’t actually disappear from the receiver’s device. In fact, with just basic IT skills, they found the content can be retrieved long after its time limit expires. The Electronic Privacy Information Center has also filed a complaint with the FTC stating that Snapchat has been deceiving users by leading them to believe that their images are destroyed within seconds of being viewed. In a business setting, this flaw could result in sensitive information becoming easily accessible to even the most minimally-skilled hackers, which could make the firm susceptible to a major security breach.

In the financial services space, email archiving and retention are among companies’ top compliance concerns. Disappearing emails could pose a challenge in this area. So far, no direct legislation has been put in place to regulate the types of content that must be retained versus those that can be used in vanishing emails, so this is a bit of a gray area for the time being.

As developers continue to enhance this technology and regulators begin to formulate guidelines for using it in a business environment, disppearing content will likely become a hot discussion topic. Keep an eye out for more developments, and be sure to consider all of the pros and cons before deploying this technology for personal or professional use.

Hedge Fund Security Guidebook

]]>
<![CDATA[...And Many More: Happy 18th Birthday, Eze Castle!]]>http://www.eci.com/blog/440-and-many-more-happy-18th-birthday-eze-castle.htmlThu, 27 Jun 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=440 This month, Eze Castle turns 18! The company, founded in 1995 by childhood neighbors John Cahaly and Sean McLaughlin, has grown into a global technology operation with offices in the United States, Europe, and Asia. In honor of the Castle’s (that's our little nickname for ourselves) 18th birthday, let’s take a look at 18 fun facts highlighting not only our successes on a company level, but those of the wonderful employees who make it all possible.

Happy Birthday Eze!

]]>
<![CDATA[IT Ownership & Data Protection: A Security Roadmap]]>http://www.eci.com/blog/438-it-ownership--data-protection-a-security-roadmap.htmlThu, 20 Jun 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=438 Earlier this week, our friends at Varonis Systems joined us for a webinar to talk about information technology ownership and hedge fund data protection. IT threats as a result of external hackers or internal security breaches are on the rise, and therefore firms are encouraged to protect and audit file data in order to answer two simple questions:

Who has access to my data?
Who has accessed my data?

Let’s take a closer look at how Varonis helps investment firms accomplish this.

Context is king

Firms can hasten data protection by achieving a greater amount of context awareness. Some contextual questions to ask are:

  • Who owns the data?

  • Who uses the data?

  • Who should have access?

  • Who should not have access?

  • Who granted access?

  • Who moved my data?

Firms have complex ecosystems in which there are many different people who will interact with data (business users, IT and data owners), formats through which data will be presented (PDFs, media, video), and IT infrastructures to manage data (Exchange, Windows, SharePoint). Answering the above questions is necessary for a firm to understand how it can efficiently protect its valuable and sensitive data. Companies should optimize metadata functionalities to answer these questions and protect data through accessibility, collaboration, self-service, analytics and modeling, retention and storage, metadata collection, access monitoring, and content classification.

Protecting data in the real world

In order to protect sensitive information, firms should employ a metadata framework that has the ability to expand when necessary. This framework, which must not interrupt daily office activities, should be used to gather and evaluate metadata, systemize workflows to be efficient, and auto-generate reports. There should also be a clear and dependable operational plan in place to guarantee that data is always assigned to a unique owner.

How does Varonis leverage metadata to raise context awareness?

Varonis uses metadata to identify risks, and in turn prevent the occurrence of data leaks. There are four types of metadata to be collected in a non-intrusive way:

  1. File system and permissions information – Allows the company to understand who has access to which data

  2. User and group information – Permits the company to understand the groups and users that have access to certain data

  3. Access activity – Tells a company who is interacting with/accessing its data, and what they are doing with it

  4. Sensitive content indicators – Helps a company to identify where its sensitive data is, where it is overexposed, and how it can be protected

All of the above can be used to gather actionable data governance information that can assist data owners in the generation of automatic entitlement reviews and allow them to play a role in the authorization of workflows.

The following five-step process is used by Varonis to reduce the risk of data leaks:

Risk Reduction Operational Plan

We recommend our clients use Varonis to protect and audit their data as a means to thwart impending security attacks (whether internal or external). Varonis bases their model on these three pillars:

  • Governance – Firms must monitor employee data access to constantly guarantee that the correct people have access to the right data. This will allow for these firms to clearly see when data privileges are being exploited.

  • Access/collaboration – Firms should use shared drives on existing servers to allow for file synchronization and management, mobile access, and a way to securely share information with a third party.

  • Retention – Firms must use information technology to optimize data disposition, archiving, and migration processes, utilizing metadata.

To learn more about Varonis Systems, visit www.varonis.com.

Varonis Logo

]]>
<![CDATA[A Step-By-Step Guide to Dealing with a Security Breach]]>http://www.eci.com/blog/437-a-step-by-step-guide-to-dealing-with-a-security-breach.htmlTue, 18 Jun 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=437 If your firm hasn’t had to cope with the aftermath of a security breach, you’re probably one of the lucky ones. According to an analysis conducted by Ponemon Institute and Symantec in 2013, human errors and system glitches caused nearly two-thirds of data breaches globally in 2012.

With the threat of security incidents at all all-time high, we want to ensure our clients and partners have a system in place to cope with any threats that may arise. Here is a step-by-step guide to follow in the event your firm suffers from a security breach.Panic Button

1. Establish an Incident Response Team.

Choose a select group of individuals to comprise your Incident Response Team (IRT). Assign each member a predefined role and set of responsibilities, which may in some cases, take precedence over normal duties. The IRT can be comprised of a variety of departments including Information Technology, Compliance and Human Resources.

2. Identify the type and extent of incident.

Before your IRT can alleviate any incidents, it must clearly assess the damage to determine the appropriate response. For example, if the incident is a computer virus that can be quickly and efficiently detected and removed (and no internal or external parties will be affected), the proper response may be to document the incident and keep it on file. This task could effectively be handled by the IT department.

If however, an incident occurs that affects multiple clients/investors/etc., the incident should be escalated to the IRT.

3. Escalate incidents as necessary.

Certain departments may be notified of select incidents, including the IT team and/or the client service team. These parties should use their discretion in escalating incidents to the IRT. Any event suspected as a result of sabotage or a targeted attack should be immediately escalated.

4. Notify affected parties and outside organizations.

One member of the IRT should be responsible for managing communication to affected parties. Depending on the severity of the incident, the IRT member will act as the liaison between the organization and law enforcement.

5. Gather evidence.

When appropriate and necessary, the IRT is responsible for identifying and gathering both physical and electronic evidence as part of the investigation.

6. Mitigate risk and exposure.

A technical member of the IRT should be responsible for monitoring the situation and ensuring any effects or damage created as a result of the incident are appropriately repaired and measures are taken to minimize future occurrences. The IRT will also need to define any necessary penalties as a result of the incident.

Here are a few more resources on hedge fund security you may find helpful:


Hedge Fund Security eBook

Source: 2013 Cost of Data Breach Study: Global Analysis, Ponemon Institute & Symantec

Photo Credit: Flickr

]]>
<![CDATA[The New CIO: From IT Manager to IT Innovator]]>http://www.eci.com/blog/436-the-new-cio-from-it-manager-to-it-innovator.htmlThu, 13 Jun 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=436 For years, the role of the chief information officer (CIO) has been to acquire and maintain cost-effective IT services for the organization. Technology was viewed as a basic necessity, so managing costs and ensuring systems were running smoothly were the primary areas of focus for corporate IT leaders.

Today, technology is much more than a commodity. In fact, for many investment management firms, it has evolved into a source of competitive advantage. This change, combined with stagnant IT budgets, has caused the role of the CIO to move away from basic IT management to become more of a forward-thinking innovator for the organization. Here are a few strategies to help ease this transition.

IT outsourcingRather than looking at your IT budget first, start with your employees.
How is your staff using technology to perform their jobs? Are there changes that could be made to help them become more efficient? If you have employees who travel frequently or telecommute, consider how they’re accessing critical systems and applications. If many members of your staff are working remotely or using smartphones, tablets or laptops on a regular basis, what changes can be made to make their experiences more seamless?

Think like a CMO.
A recent Gartner study found that CIOs are highly focused on efficiency and processes, while chief marketing officers (CMOs) are more concentrated on delivering strategic value and developing long-term relationships. Try examining your firm’s needs from the marketer’s perspective. How are your clients using technology to interact with the firm? What information are they seeking when doing so? Could these experiences be enhanced in any way to foster a stronger relationship? Also, consider speaking directly with your Sales and Marketing personnel to gain a better understanding of how they're seeing clients interface with the company and where IT can get involved to ensure smoother interactions.

Take a close look at new tools and trends.
For many investment firms, cloud-based infrastructures are proving highly beneficial, especially in helping to increase operational efficiency without major capital outlays. Another new trend to keep a close eye on is BYOD (Bring Your Own Device). Enabling employees to utilize their personal mobile devices and tablets for business purposes can result in cost savings and greater computing flexibility for the organization.

Consider outsourcing options.
You IT staff is likely over-worked, and increasing headcount is an expensive solution. To supplement your existing team, it may make sense to outsource some aspects of the IT and operational aspects of the firm. Outsourcing options abound, so you can offload as little or as much are you’re comfortable with. Hosted IT services are a major area where we’re seeing firms outsource, but there are many others as well, including:

  • Help desk support

  • Staffing

  • Application hosting

  • Colocation

  • FIX connectivity

  • Disaster recovery

  • Project management

For more information, be sure to check out our article on “Examining the Changing Role of the CTO,” or contact an Eze Castle Integration representative.

contact an eze castle integration representative

]]>
<![CDATA[What Not to Do When It Comes to Your IT]]>http://www.eci.com/blog/434-what-not-to-do-when-it-comes-to-your-it.htmlThu, 06 Jun 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=434 We spend a lot of time here on Hedge IT making suggestions about what hedge funds and investment firms should do when it comes to their technology. But today, we’re not going to tell you what you should do. In fact, these are things we definitely DON’T want you to do!

Plan your infrastructure only for the short-term.

A crucial mistake often made by funds is not planning for the future. Even at launch, you should be thinking about what your firm will look like and what technology you will require down the road. Planning out two to three years in advance is recommended in order to reap the most benefits when it comes to your infrastructure. Plus, if you don’t plan ahead, you may wind up incurring more costs if technology decisions need to be made unexpectedly.Stop

Ignore the importance of a business continuity plan.

It has become commonplace for hedge funds to employ disaster recovery strategies to protect mission-critical data and applications (due to a number of reasons including investor expectations, new regulations and the effect of unexpected natural disasters, e.g. Hurricane Sandy). But firms often overlook the equally important business continuity plan, which provides guidelines for what employees need to do in the event of a disaster. Yes, focusing on your infrastructure is essential to keeping your business afloat, but that business also cannot survive without its employees. Don’t forget to test that BCP plan once you’ve developed it – a good plan will only work if people know how to follow it.

Skimp on security.

This one is a no-brainer, right? There are times when firms think it’s okay to cut back on security, or they easily dismiss the idea that a firm could ever become the victim of a cyber-attack. Hackers have become more advanced over the past few years, and financial services firms are at the top of their list for targets. It’s worth investing in premium network security to ensure your firm does not become a victim, whether it’s at the hands of a professional hacker or a simple computer virus.

Fail to comply with industry regulations.

Regardless of whose jurisdiction your firm falls under, it’s essential you take the appropriate steps to ensure you’re meeting all necessary regulatory directives. Whether its system safeguards enacted through the Dodd-Frank Act or increased transparency requirements as a result of AIFMD, you can bet there’s some type of legislative requirement your firm is responsible for meeting. Can regulatory bodies like the SEC keep tabs on all hedge fund firms? Maybe not. But if the day comes when you receive an audit notice, you don’t want to be the firm who’s noncompliant.

Be opposed to change.

Just like the investment industry, technology is constantly evolving. Just a few years ago, firms were building out large Comm. Rooms to store massive servers and other equipment. That practice is fading today as firms rely on the cloud to meet their technology needs without unnecessary hardware purchases. Remember that just because you’ve always done something one way, it doesn’t mean it’s the only way. Learn to adapt with the changing industry and be open to trying new things. Who would have guessed just a few short years ago that we’d all be plugging into the cloud to do our day-to-day tasks?

Contact an Eze Castle representative

Photo credit: Flickr

]]>
<![CDATA[Data Protection Changes Coming to EU Firms]]>http://www.eci.com/blog/433-data-protection-changes-coming-to-eu-firms.htmlTue, 04 Jun 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=433 Big changes are coming in the form of European Union data protection mandates. In January 2012, the European Commission announced a proposal to reform the current European Union's data protection framework, currently known as the 1995 EU Data Protection Directive, to better protect the personal data of EU citizens and update the current legislation to fit in with the 21st century requirements and rapid evolution of technology (including the prevalence of social networking and smartphones).

The EU proposal will give individuals more control over their data while also serving to promote the importance of data protection in a globalised world. The European Commission expects the rules will go into effect two years after they have been adopted by the member countries - officially around 2014 or 2015. EU Compliance

While some of the current proposals will undoubtedly be amended over the course of this lengthy process, let’s look at some of the practical steps companies should be considering now.

Move towards compliance

One of the main recommendations of the proposed regulation would ensure that companies have only one regulatory authority that supervises their activities across all EU member states. Businesses with multiple offices across several European countries should therefore consider which regulatory authority would be its supervisor.

Right to be forgotten

The new directive will enforce a right to be forgotten, which will allow people to request firms to delete their data permanently. Companies faced with a request for deletion of data will have the responsibility to pass that request on to companies that have copies of that data.

This rule will certainly affect Internet platforms, which tend to never forget. For example, even if data is taken down from a social networking site, such as Facebook or Twitter, it is not completely gone and will remain within the Internet cache.

Don't delay, get ready

Given the timeframe, many firms may feel they have plenty of time to get ready for the new data protection framework in Europe, but that is not the case. The clock is ticking.

While there may be a lot of work that still needs to be done before the proposals are finalised, firms should not wait to start preparations. It is important that firms get their privacy policies, procedures and documentation in order and keep them up to date.

Best Practices to Start Employing Now Checklist

  • Appoint a data protection officer to act as the focal point for all data protection activities.
  • Take a closer look at your privacy policies. In some cases, they will likely need to be re-written (new guidance states they must be written in plain English).
  • Refresh your information asset register so it clearly identifies what data is held, where, how and why.
  • Write and employ processes and procedures to handle data subject and data deletion requests.
  • Review your technical and procedural controls around your data. A serious breach could cost your firm up to 2% of its global turnover.

]]>
<![CDATA[Psst. Are you in the know about SSD (aka Solid State Disk)?]]>http://www.eci.com/blog/432-psst-are-you-in-the-know-about-ssd-aka-solid-state-disk.htmlThu, 30 May 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=432 To quote PC World, “A high-end SSD is the pinnacle of computer storage today. Ditching your hard drive for one of the latest SSD models is like dumping your go-kart and hopping into a Formula One car.”

But what is SSD?

SSDSSD is a storage device that stores persistent data on solid-state flash memory, using integrated circuit assemblies as memory. SSD has no moving parts, which is one of many distinctions between SSD and traditional hard drives that have spinning disks.

SSD offers huge performance gains over other commonly used storage drives including SAS (serial attached SCSI) drives. For perspective, the typical enterprise spinning disk is a 15K SAS drive, which offers approximately 200 IOPS. Mainstream enterprise SSD on the other hand can offer 10,000-100,000 IOPS.

Why should I care?

Investment management firms are presented with an increasing amount of data, much of which holds the potential to uncover new investment opportunities. For some strategies (think high frequency trading and algo), the speed at which the data is processed is linked to the size of competitive gain.

This is where SSD comes in. The huge performance gains delivered by SSD have the ability to speed up large database applications and online transaction processing, which can be hugely impactful. Big-data analytics is another example of where SSD is appropriately suited.

Compliments of Wikipedia, here are some other advantages SSD provides:

SSD Comparison Chart

Is SSD Panacea?

SSD delivers numerous performance advances as outlined above, however, there is a price (literally) associated with these gains. The typical enterprise spinning disk is a 15K SAS drive, which costs about $0.50 per gig and offers approximately 200 IOPS each. Enterprise SSDs vary in cost and performance, but $3.00-5.00 per gig, and 10,000-100,000 IOPS covers most of the mainstream drives.

As the price comes down, you can expect to see SSD more widely deployed.



Source: Jon Jacobi. (May 13, 2013). The proper care and feeding for SSD storage. PC World

]]>
<![CDATA[Managing Your Applications in the Cloud: Webinar Recap & Replay]]>http://www.eci.com/blog/430-managing-your-applications-in-the-cloud-webinar-recap--replay.htmlThu, 23 May 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=430 We hosted a webinar earlier this week, App Hosting 101: Managing Your Essential Applications in the Cloud, in which Steve Schoener, Eze Castle Integration’s Vice President of Client Technology, and Martin Sreba, Senior Director at Advent Software, discussed topics such as industry trends in application hosting, key drivers of application solutions, common myths about the cloud, and the right time to put an application into effect. Continue reading for an overview of the webinar.

Industry Update: What’s Going On?

Increasing demands from hedge funds’ current and target investors are driving a variety of trends. Due diligence requirements are more advanced, as investors expect to see candid looks into a fund’s systems, disaster recovery capabilities and more. The increasing complexity of investments is also driving the need for more complex systems to handle these instruments.

Firms are starting smaller in today’s environment, with many starting with under $100mm in assets under management. Startup funds are looking for technology solutions to complement their size and give them the tools to efficiently run their businesses.

The Key Driver for Application Solutions? Managing Risk.

When it comes to implementing applications, there are many considerations to think about, some of which include addressing investor due diligence concerns, addressing regulatory requirements, and supporting client service demands. The most importance goal for many firms, however, is mitigating risk. There are three types of risk to manage:

  1. Operational. A firm without a system already in place has most likely used Excel. It is important to transfer spreadsheets into an application because these systems are made to support the direct investment decision process, and therefore all data must be correct. Cloud Computing

  2. Counterparty. Firms need to be able to connect with a multitude of third parties, including fund administrators and prime brokers. Clients now want to be more operative, and therefore use multi-prime environments in which counter-parties have different specializations utilized by the firm. Many more firms now foster these counter-party relationships, and therefore need a system to bring everything together into one holistic setting.

  3. Investment. Investment decision makers want to see accurate information. A research management system, for example, would allow a firm to track and save their investment research and choices for a possible audit.

Deploying Your Application: Top Considerations

When deploying an application, a firm must consider not only the up-front, short-term costs of supporting the application, but also the long-term costs. The firm must be sure that the overhead expense of the application is not too much of a burden on the business.

An application that is being deployed must be scalable. A firm may want to start with an application on a smaller scale, whose base can grow as the company does. The firm should be sure that the application being used will not force an arrangement that will limit its ability to scale up in the future.

Infrastructure Options: On-premise vs. Cloud

Deciding where to host your application is a major consideration. Many firms today are opting to host their apps in the cloud, an option that provides for more flexibility and cost-effectiveness. Beyond the on-premise vs. cloud debate is the decision about whether to utilize a public or private cloud.

Security continues to be the biggest concern in regards to the public cloud. Investors want to make sure that their data is as secure as possible because it is a fundamental part of the fund’s core. Access into private clouds is much more controlled, and there are fewer questions about the encryption of data at rest and the ability to access that data. A public cloud provider will make sure that its physical infrastructure is up and running, but will not necessarily be concerned about whether or not their clients’ applications are functional. Therefore, working with a smaller, niche provider may be better for many firms.

The Right Time to Implement an Application

Many more start-up funds are now bringing applications in on day one because they do not want to deal with the conversion and transfer of the data at a later date, and the cost is much more affordable from the get-go. However the firm philosophy also plays a part in the timing of an application’s implementation particularly depending on whether the firm is relying on outsourced application services or hosting their applications in-house. Budget may also play a large role here.

Application Provider Must-Haves

  1. People. The application and/or hosting provider must have a structure that allows for them to be available when needed (whether through a help desk, etc.), and must be able to comfortably adapt to changes in its clients’ businesses.

  2. Scalability. The provider must be able to be there for the long run, providing a system that handles the company’s growth without having to reinstall a new system and convert the data.

  3. Strong Ecosystem Support. Firms can turn to the experts and create trusted partnerships with counterparties and consultants who have worked with similar client types (which will allow for them to understand the products being provided).

  4. Ease of Use. This is not as important as the above three because most systems have the same functionality. A firm must survey the big picture when it comes to choosing a provider.

When it comes to evaluating which application vendor is right for your business, here are five key questions to ask:

  • Does your software work in hosted environment?

  • How is the application deployed? (e.g. via the Internet, Citrix, etc.)

  • Are there any limitations?

  • Do you have recommended hosting partners?

  • Will there be any changes to my Service Level Agreement?

If you would like to speak to an Eze Castle representative about application hosting at your firm, please contact us today!

Contact an Eze Castle representative
]]>
<![CDATA[A How-To on Appraising the Strengths and Weakness of a Hedge Fund Application]]>http://www.eci.com/blog/429-a-how-to-on-appraising-the-strengths-and-weakness-of-a-hedge-fund-application.htmlTue, 21 May 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=429 We were recently asked by a COOConnect member about the best sources for information about the strengths/weaknesses of the various hedge fund applications including front, middle and back office. Since we know many folks have this same question, today I am going to expand on the original answer given by our expert, Mark Coriaty.

Now the way a hedge fund uses an application will vary based on its investment strategy, and therefore the perceived strengths and weaknesses may vary as well. However, there are multiple ways to establish a baseline of strengths and weaknesses.

Service Provider Reports: Balancing Bias with Value

First up are free reports from hedge fund service providers such as Eze Castle Integration. Each year we publish a benchmark study that outlines top applications used in select front, middle and back office categories by hedge funds. This report will provide a baseline of the top three application vendors used in each category, but doesn’t dive into specific feature sets. The report can be downloaded HERE.

Vendor reports can be helpful in getting an initial understanding of the most frequently used applications and top features used by firms. You should always consider the source, as some vendor reports or whitepapers will be biased.

Industry Analyst Reports: Balancing Cost with Real Life

Next up are analyst groups, such as Aite Group, Celent and CEB TowerGroup, who regularly publish reports looking at hedge fund applications. Aite Group, for example, published a report titled “Buy-Side OMS Market Update 2013: Calm Before the Storm?” in March 2013. These reports can provide insight into the top application players in each market. It should be noted that some reports must be purchased, and free ones may be slightly biased if they are funded by an application vendor.

Here is a handy list of where to find reports published by these firms:

  • CEB TowerGroup: HERE
  • IDC Financial Insights: HERE

Phone a Friend

Finally, talking to hedge fund peers is extremely valuable in understanding the strengths and weaknesses of various applications. In addition to calling the references provided by the vendors (who you can assume are happy), try and find a few other users to speak with. Here are some questions to ask:

  • How long have you been using the application?

  • Did you receive any incentive for being a customer reference?

  • Why did you select this application?

  • Has the application met your expectations?

  • What are the most important features to your firm?

  • Did your firm customize the application? If so, what was that process like?

  • What features do you wish they would add to the application? Areas for improvement?

  • How responsive is customer support?

  • Is there anything you would have done differently as part of the selection or implementation process?

Happy App Searching!

P.S. Here is another link to our 2012 Hedge Fund Technology Benchmark Study.


Hedge Fund Application Benchmark Study



















]]>
<![CDATA[Corporate Essentials for Successful Hedge Fund Startups]]>http://www.eci.com/blog/427-corporate-essentials-for-successful-hedge-fund-startups.htmlTue, 14 May 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=427 Tomorrow, we are co-hosting an exciting seminar in New York City with our friends at KPMG on the topic of launching a hedge fund. The half-day event, Hedge Fund Launch 2.0: Navigating the New Environment, will feature expert panel sessions on variety of topics including technology, regulations, capital raising, application platforms and more.

One panel we’re particularly interested in – beyond the technology panels, of course – is Corporate Essentials, a program focused on the often forgotten-about aspects of launching a new business. These aspects include human resources, compensation, insurance and real estate. Here’s a sneak peek at some of the content our panelists will be discussing at tomorrow’s event:

Human Resources

  • Essential components of a human resources infrastructure

  • Front and back office staffing requirements

  • Employee benefits typically provided by hedge funds

Compensation

  • Typical compensation structures for front, middle and back office

  • Compensation trends in financial services

  • ‘Hot’ functions in terms of recruiting and compensation

Insurance

  • The types of insurance needed for a business, including professional liability, employment practices liability, and property & casualty

  • The right time to investigate insurance options for your hedge fund

  • The effect of the Affordable Care Act/Healthcare Reform on hedge fund insurance decision-making

Real Estate

Be sure to come back to the Hedge IT on Thursday for a recap of our Hedge Fund Launch 2.0 event! In the meantime, download our brand new Manager’s Guide to Establishing a Hedge Fund.

A Manager's Guide to Launching a Hedge Fund

]]>
<![CDATA[Recapping a Busy Week in Cyber Security Across the Globe]]>http://www.eci.com/blog/426-recapping-a-busy-week-in-cyber-security-across-the-globe.htmlThu, 09 May 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=426 In case you missed it, this week the Pentagon released its Annual Report to Congress looking at the military and security developments involving China. According to the New York Times, the report is virtually the first time “the Obama administration has explicitly accused China’s military of mounting attacks on American government computer systems and defense contractors, saying one motive could be to map 'military capabilities that could be exploited during a crisis.'"

The report states that cyberwarfare capabilities could serve Chinese military operations in three key areas.

  • First and foremost, they allow data collection for intelligence and computer network attack purposes.

  • Second, they can be employed to constrain an adversary’s actions or slow response time by targeting network-based logistics, communications, and commercial activities.

  • Third, they can serve as a force multiplier when coupled with kinetic attacks during times of crisis or conflict.

In other cyber security news, the UK is setting up a new £7.5 million government fund as part of the National Cyber-Security Strategy to create two research centers to combat the increasing threat of cyber-attacks.

And finally, this week Japan and the US held the first bilateral comprehensive dialogue on cyber security with the goal of establishing international rule and discussing countermeasures to cyber-attacks.

Here is a snapshot to recap this week in Cyber Security.

Cybersecurity headlines

Be sure to check out these helpful security articles:

Hedge Fund Security Guidebook









]]>
<![CDATA[What Do Hedge Fund Investors Ask About IT? A Technology DDQ cheat sheet]]>http://www.eci.com/blog/425-what-do-hedge-fund-investors-ask-about-it-a-technology-ddq-cheat-sheet.htmlTue, 07 May 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=425 Question markIt is becoming cliché to say, but the investor due diligence process has truly evolved from a ‘check the box’ activity to a detailed and analytical process. Today, hedge fund investors want to see a tested investment strategy coupled with institutional-grade business processes.

Here at Eze Castle Integration, each year we help more and more hedge fund clients complete the Technology portion of investor due diligence questionnaires (DDQ). So we thought it would be helpful to share some of the more common technology related questions we are seeing. Not surprisingly, you’ll see security and disaster recovery questions on the list.

As you consider your responses to these questions, keep in mind that in some cases investors are more concerned with your decision process as opposed to seeing the “right” answer. The reality is that often the “right” answer varies from firm to firm and depends on a number of factors, including investment strategy.

On to the questions…also, you can download our more extensive Technology DDQ list HERE – it includes questions on your company and processes.

The Questions

  • Provide an overview of your IT and telecom infrastructure. Please specify whether this solution is hosted onsite, outsourced to a cloud/hosting provider or whether you use a variety of approaches.

  • Where are your primary, secondary, business continuity and disaster recovery data centers located and what technology is located in each?

  • Who is responsible for IT support? Describe the service they provide.

  • Please list any outsourced technology service providers. Please give an overview of the providers and their credentials, as well as background of the relationship.

  • Describe your physical and application security protocols to protect building, office, hardware, and data accessibility.

  • Detail user login and password requirements for staff accessing systems while in the office as well as remotely.

  • Describe your process for application/system change management, including:

    • Who is responsible for authorizing changes,
    • Who has access to the development and production environments, and
    • The process to release code/changes into the production environment.
  • Describe the organization’s Business Continuity and Disaster Recovery philosophy and provisions, including any relationships with third-party providers.

  • Describe your provisions for data back-up, including the frequencies and methods of the back-up. How would data be restored in the event of a loss, and how long would this take? How would you operate in the meantime?

  • What would happen in the event that a key decision maker became incapacitated, for example the chief investment officer or portfolio management staff?

  • How often is the BCP/DR plan tested? What was the last test date and describe the results.

In addition to downloading our complete IT DDQ list, you can also check out these articles:

]]>
<![CDATA[Webinar Recap: What Investment Firms Need to Know about Social Media Compliance]]>http://www.eci.com/blog/424-webinar-recap-what-investment-firms-need-to-know-about-social-media-compliance.htmlThu, 02 May 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=424 Yesterday, we hosted a webinar, “Going Social: What Investment Firms Need to Know about Social Media Compliance” along with Global Relay, an Eze Castle Integration partner and provider of enterprise message archiving and monitoring services. Global Relay's vice president of sales, Bryan Young, and our own vice president of marketing, Mary Beth Hamilton, discussed a range of topics including the changing SEC guidance on social media, compliance requirements for hedge funds and key components of instituting a social media policy at an investment management firm. Read on for a recap of the event.

Bryan Young vice president of sales global relaySocial Media Trends

In recent years, social media usage has expanded rapidly in the business sector. Of the various social media offerings currently available, Twitter, Facebook and LinkedIn tend to be the most widely utilized within business settings. Reasons for connecting through various social networking websites range from a desire to keep in touch with friends and family to researching products and services and keeping up with news. Social networking comprises a huge portion of the time spent online, with 25% of all time on the Internet spent on these websites. Furthermore, not only do social media users access these platforms via their computers, but 40% also visit social media sites via mobile devices. Additionally, social media applications are now the third most utilized by smartphone owners, an essential statistic for companies to keep in mind when crafting their social media policies.

Social Media and the Investment Industry

In the past, the investment industry largely avoided social media. However, more recently, many firms have begun to embrace the various social media platforms. Earlier this year, the SEC released a guidance update on social media usage, as well as a statement indicating that social media platforms are acceptable vehicles for investment firms to use for communications with the public. Leading this move towards social media is Goldman Sachs, who created a Twitter page in 2012 which now has 44,000 followers. Today, up to 50% of financial advisors now use social media to communicate with clients and other stakeholders. However, the rules and regulations regarding social media usage by investment firms continue to be highly complex, causing some hedge funds to continue steering clear of these sites.

social media word cloud cube

Currently, only 1% of hedge funds are actively taking advantage of Twitter’s offerings. Despite this, firms' employees are increasingly using social media platforms on their own, which is why it's becoming more and more important for firms to develop a social media usage policy to govern these online communciations.

Here at Eze Castle, we're seeing hedge funds handling the changing regulatory landscape regarding social media in the following ways:

  1. A small percentage of firms take the approach of completely blocking all social media use by employees.

  2. Some firms take the approach of blocking just the communications side of social media sites in the workplace.

  3. A large number of firms do not limit social media usage at all.

How do regulators view social media?

In the eyes of regulators, social media is viewed in the same regard as other forms of electronic communication. The SEC has deemed social media a suitable platform for distributing public information, as long as the public is directed where to look for it. Specifically, social media falls under the existing “media-neutral” requirements, including the following:

  • Record Keeping. Firms must be able to capture and preserve all electronic business records.

  • Supervision. Firms must supervise and enforce supervisory policies.

  • Audit Readiness. Firms must consider their preparation for an audit when producing data for auditors.

  • Social Media Specific. Before engaging with social media, firms must be certain that they have the technology required to record and retain their communications.

However, there are also some key differences to be aware of when it comes to social media communications. These include:

  • Static Content. Static content is content that remains posted until changed by the firm or individual, and is accessible to all website visitors. This type of content -- including initial tweets, Facebook wall posts and LinkedIn network updates -- necessitates principal pre-approval.

  • Interactive Content. Interactive content is considered real-time communication and requires supervision after the fact, on a risk basis. This type of content ranges from emails, IMs and Facebook wall comments to LinkedIn network comments and retweets.

  • Linking to Third-Party Content. When linking to third-party content, firms are responsible for the content of linked sites and what reps endorse. It is vital to be aware of the fact that “linking” or endorsing can trigger entanglement principles. Examples of this include Facebook “likes,” Twitter “retweets” and LinkedIn “recommendations.”

Mary Beth Hamilton vice president of marketing eze castle integrationPersonal vs. Corporate Information

Even as some investment firms are still steering clear of social media, there is an increasingly indistinct boundary between the personal and professional realms of social media usage, especially with the rise of LinkedIn. Social media platforms such as LinkedIn also pose further challenges to firms because, unlike email, employees own and control most social media accounts. One way to handle this challenge is to require employees to opt in for social media archiving. To protect employee privacy, firms must ensure that employee passwords will not be shared. Also, firms must ensure that their social media compliance solution covers content originating from mobile devices, home computers and public computers.

Best Practices for Creating a Social Media Policy

When crafting a social media policy, investment firms should use the following three questions to frame their approach:

  1. Is it appropriate or necessary for employees to visit social media sites such as Facebook, LinkedIn or Twitter during the work day?

  2. Are employees considered to be representatives of the company in their online interactions?

  3. Is it the firm’s responsibility to limit or control what employees are able to access on the Internet while at work?

There are also a variety of other considerations that go into drafting a successful social media policy. These include:

  • Representation. Employees must not represent their opinions published through social media channels as those of the company. If an employee has chosen to document his or her relationship with the firm, he or she must take care to guarantee all online actions and opinions reflect those of the firm.

  • Defamation. Employees must not defame or post any type of abusive content online, under any circumstances. The firm policy should clarify that any such actions will result in disciplinary action for the offending employee.

  • Responsibility. Employees must exercise strong judgment whenever using the Internet, and should expect to be responsible for any liabilities that arise from their online interactions.

  • Time. Employees should be sure that their social media interactions do not become so time consuming that their work performance is negatively impacted.

  • Record Keeping. If employees choose to communicate through social networking sites, firms should implement social media archiving technology such as the solutions provided by Global Relay to ensure compliance.

  • Regulations. A company’s social media policy should reflect the current regulatory requirements.

For more information on social media compliance for investment firms, contact an Eze Castle Integration representative. In the meantime, check out the full replay from our webinar, “Going Social: What Investment Firms Need to Know about Social Media Compliance” featuring Global Relay.



contact an eze castle integration representative
]]>
<![CDATA[What to Look for at the 2013 SALT Conference]]>http://www.eci.com/blog/423-what-to-look-for-at-the-2013-salt-conference.htmlTue, 30 Apr 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=423 Next week – Tuesday, May 7 through Friday, May 10 to be exact – one of the largest annual gatherings of investment management professionals will be taking place at the beautiful Bellagio Las Vegas. The SALT Conference will feature over 100 expert speakers participating in 36 panel discussions, individual speeches and breakout seminars throughout the four-day event. The focus of this year’s conference is on macro-economic trends, the political environment and opportunities for alternative investment firms within the context of the global economy.

As in past years, the SALT Conference is sure to be a who’s who of industry professionals. Past keynote speakers have included such notable names as Bill Clinton, George W. Bush, Al Gore, Mitt Romney, Colin Powell and Tony Blair. Who is on the docket to speak this year? What will the specific discussions and hot topics be? Following are some highlights we’re looking forward to at next week’s event.

Our Favorite Topics

SALT Conference hot topics schedule

The A-List Speakers

SALT Conference featured speakers schedule

The Best (and most fun!) Networking Opportunities

On Wednesday, May 8 and Thursday, May 9, Eze Castle Integration is teaming up with Eze Software Group to host a Cabana Party at the Bellagio Pool! Stop by to meet our team members, talk tech, have a cocktail and enjoy the beautiful Las Vegas weather!

Here are a few other SALT-sponsored events we'd highly recommend checking out:

  • Fiesta Latina: A Poolside Party of Food, Drink & Entertainment (Wednesday, 8:00pm, Bellagio Pool)

  • Starry Night: A Night of Cocktails & Entertainment Featuring Grammy Award-Winning Band TRAIN (Thursday, 8:30pm Bellagio Ballroom)

For more information on next week’s SALT Conference, visit http://www.saltconference.com/. If you’re planning to attend this event, be sure to let us know, and stop by the Eze Cabana Party!

contact an eze castle integration representative
]]>
<![CDATA[Video Week Continues! Channel Partners 360° Puts the Spotlight on Eze]]>http://www.eci.com/blog/422-video-week-continues-channel-partners-360-puts-the-spotlight-on-eze.htmlThu, 25 Apr 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=422 We hope you're enjoying this week full of videos here on the Hedge IT blog! On Tuesday, we shared footage from our friends at Zerto featuring our vice president of client technology, Steve Schoener, who spoke about cloud disaster recovery during a recent webinar.

Today, we're excited to share with our readers a video spotlighting Eze Castle Integration that was produced by the team at Channel Partners Online. Recently, the group honored Eze with its Channel Partners 360° Award, which celebrates excellence in innovation, technology solutions and customer satisfaction.

Check out the video they created about our team, solutions and services. And, of course, a special thanks goes out to Channel Partners Online for their fantastic work!

]]>
<![CDATA[A Look at Liquidity Risk Management]]>http://www.eci.com/blog/420-a-look-at-liquidity-risk-management.htmlThu, 18 Apr 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=420 take risk? yes noIn the wake of the 2008 financial credit crisis, investment firms have recognized the need for more robust liquidity risk management tools and procedures. However, due to shifting regulations and detailed fund and investment structures, fund of funds, private equity firms, hedge funds, and institutional investors continue to grapple with liquidity management and reporting within their investment portfolios. The following is a high level overview of both the liquidity risk challenges facing firms today, and the ways in which some fund managers are overcoming these challenges.

What is liquidity risk, and how does it affect funds?
Liquidity is the extent to which an asset or security can be bought or sold in the market, while not impacting the asset’s price. The concept of liquidity is comprised of illiquid assets, which are the result of liquidity risk and cannot be instantly sold due to value uncertainty and lack of a market. Liquidity risk refers to the concept that an asset or security cannot be traded at the rate necessary to achieve returns and bypass losses. In the last several years, worldwide economic challenges including rising liquidity costs, a more uncertain market and lower levels of market assurance have contributed to the liquidity management challenges facing funds. Liquidity risk’s ability to negatively impact and compound other types of risk, such as credit risk, also has far reaching consequences for the financial markets. These consequences make it even more imperative for firms to get a handle on their liquidity risk management practices.

Hedge funds and fund of funds are directly impacted by liquidity risk. Hedge funds undergo both position and fund liquidity. Position liquidity refers to how quickly the instruments employed in the strategy can be converted to cash at a known value. On the other hand, fund liquidity refers to how fast the stated terms will allow an investor to exit a fund investment. Fund of funds typically offer superior liquidity in comparison to hedge funds. This is due to their investment strategy, which involves investing in groups of various unregistered hedge funds rather than stocks, bonds or other securities. Other types of fund of funds include private equity fund of funds, mutual fund of funds and investment trust fund of funds.

Data Management Challenges
Data management continues to be a serious challenge for many funds. This is the result of funds’ limited analytical capabilities and lack of a centralized, systematic approach to examining liquidity risk. Because liquidity has the ability to compound many other types of risk, it’s important for firms to take a centralized approach to analyzing liquidity. Employing a siloed approach prevents managers from fully understanding their liquidity position on a wider scale.

liquidity risk managementThe lack of efficient data management technologies prohibits firms from accurately predicting cash flows. However, many software solution providers are attacking this challenge head on by offering state-of-the-art financial automation platforms. One such company is our partner, Ledgex Systems, whose Ledgex Platform product suite simplifies the management of these complex requirements. According to the experts at Ledgex, there has been a recent shift in the investor/allocator community that calls for cutting-edge liquidity analysis capabilities. Using this advanced platform is one way that fund of funds are dealing with the stringent requirements.

How are firms dealing with liquidity risk management challenges?
Tools such as the Ledgex Platform are especially helpful when it comes to data management, which is directly linked to a firm’s liquidity management practices. In order to achieve the highest level of liquidity management efficiency, it’s vital for data to be collected, analyzed and conveyed at a variety of aggregate levels. Because many funds have not yet undertaken the necessary data management measures, they have incurred heavy and undesirable financial costs in addition to having their liquidity risk management procedures severely stalled. Software tools like Ledgex enable funds to gain a stronger understanding of their internal liquidity management practices and allow them to achieve a higher level of operational efficiency within their technology infrastructure. Specifically, the Ledgex Platform streamlines data management practices across all facets of the firm, clarifying its level of liquidity risk and enabling portfolio management, monitoring, reporting, and risk and compliance tasks to be run more effectively.

Of course, funds must also remained focus on compliance. Many liquidity issues have arisen as a result of poor or non-existent stress testing procedures. In light of the financial crisis that plagued 2008 and the newly imposed regulations which resulted from it, firms are now required to develop appropriate stress management procedures and consistently undergo testing. In addition, regulators are now looking for evidence that management has been deeply involved in the development of the stress testing procedures.

Following are some frequently asked questions regarding the challenging issue of liquidity risk management:

liquidity risk management frequently asked questions

For more information, or to speak with a liquidity management expert, contact an Eze Castle Integration representative, or visit the Ledgex Systems website.

contact an eze castle integration representative

Image credits: Google, Sungard

]]>
<![CDATA[Keeping Boston in Our Hearts]]>http://www.eci.com/blog/419-keeping-boston-in-our-hearts.htmlTue, 16 Apr 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=419 In the wake of the horrible tragedy that unfolded at yesterday's Boston Marathon, we'd like to express our deepest sympathies to the victims and everyone who was affected. We're keeping the great city of Boston in our hearts and thoughts, and we stand with you during this difficult time.

To honor those who lost their lives, those who were injured and those who are mourning for loved ones, we have compiled the following photo collage depicting just a few of the many instances of heroism, support and unity that were on display in Boston and around the world during and after the attacks.

Stay strong, Boston.

boston marathon thoughts and prayers
]]>
<![CDATA[Webinar Recap: BCP Tips - Are Your Employees Ready for a Disaster?]]>http://www.eci.com/blog/418-webinar-recap-bcp-tips---are-your-employees-ready-for-a-disaster.htmlThu, 11 Apr 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=418 Yesterday, we hosted a webinar on business continuity best practices, featuring Eze Castle Integration’s own business continuity experts: Lisa Smith, a Certified Business Continuity Planner and Manager of Business Continuity and Data Privacy, and Katharine Washburn, Business Continuity and Data Privacy Coordinator. The presentation covered everything from developing business continuity best practices to ensuring that a company’s employees are personally prepared. Read on for a quick recap of everything covered during the event.

Business Continuity Planning

Although many companies recognize the importance of crafting an effective business continuity plan, few actually feel that they have prepared one adequately. According to Continuity Compliance, while 70% of businesses have created a robust business continuity and emergency response plan, only 25% have also accounted for human resiliency. Furthermore, a recent survey commissioned by the Ad Council found that only 17% of the 60% of Americans that feel preparation for natural or manmade disasters is essential consider themselves to be very prepared for an emergency situation.

Business Impact Analysis

There are several areas companies should cover when developing a business continuity plan. The first step for putting together your plan is developing the Business Impact Analysis. This is the foundation of the business continuity plan and determines what the firm needs to focus on protecting. An essential component of the firm that needs to be protected is its employees. When looking at employees, consider:

  • How they are going to recover;

  • Where they are going to go; and

  • What resources they will need (applications, data, and what resources they can access at home).

Strategies

The second step is to analyze the strategies used by the company and its employees in order to identify the company’s risks and exposures. The plan must examine potential scenarios and decide the most effective way to react to them.

Communications

The third step is to identify the most effective way to provide information about particular scenarios to employees, internally and externally.

Employee Resources

In order to efficiently deal with a potential emergency incident, specific steps must be taken in order to ensure the safety of each employee. These include:

  • Ensuring employee specific documentation: Information contained in the business continuity plan is contained on Quick Reference Cards, Wallet Cards, or Regional Reference Guides.

  • Mapping out employee locations: It is essential to map out where employees are located in regards to the office, in order to recover most effectively during an emergency incident.

  • Developing manager guides: Develop manager guides in order to validate employee remote connectivity, redirect incoming calls, and secure contact information in case of an emergency.



Testing

One of the most important aspects of developing a successful business continuity plan is undergoing testing (we recommend at least twice per year). Every aspect of the plan needs to be tested, although it is not necessary for them all to be tested at once. Here are some tips to keep in mind when developing the plan:

  • Make the scenario real

  • Test it bi-annually

  • Ensure participation from all business units

  • Test on a slow day

  • Test each component of the plan

  • Document all issues, resolutions, and results

Preparing Your Employees

  • Critical Contacts: Ensure that critical contacts are available outside of the office. These include both critical people and businesses such as members of the household, insurance agents, schools, places of employment for family members, local hotels, and healthcare providers.

  • Build your Emergency Kit: Make sure that employees take care to build emergency kits and know where to access them inside and outside of the office. Suggested resources include a first aid kit, photo ID, cash, aspirin or tylenol, blankets, clothes, water, canned food, maps, battery-powered radio, pocket knife, flashlight, matches, and candles.

  • Considerations: Employees should take care to prepare for an emergecy if time allows, and consider if they have enough of the above resources to be prepared for an emergency. Preparing in advance will also alleviate stress during the incident. Other items to stock up on include gas for the car and fully charged electronic equipment. Employees may also want to consider investing in a Power Dome, which allows electronics to be charged even if there is a lack of power.

  • Recommendations: Employees should make sure that they are aware of where they can receive vital information at the time of an incident. Some of these places include emergency management agencies, local news, local hospitals, emergency radio stations and social media outlets.

To watch the complete replay of our BCP Tips webinar, click here or click the video below.

]]>
<![CDATA[What’s up at VMware? End-User Computing]]>http://www.eci.com/blog/417-whats-up-at-vmware-end-user-computing.htmlTue, 09 Apr 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=417 VMware, the original virtualization company, is continuing to evolve as virtualization technology heads towards the commodity department. The company’s newest push is around the concept of End-User Computing.

With its end-user computing products and strategy, VMware is aiming to give IT the tools and means to transform “siloed desktops, applications, and data into centrally managed IT services, delivered to end-users securely, on the device of their choice.” This means allowing IT to centrally set policies, encrypt data, ensure corporate governance is followed and do much more on all devices a user may use.

The products under VMware’s End-User Computing umbrella carry the moniker “Horizon” and include:

  • VMware Horizon View

  • VMware Horizon Mirage

  • VMware Horizon Workspace

  • VMware Horizon Suite

Here’s a quick video to hear VMware’s strategy straight from the proverbial horse’s mouth:



]]>
<![CDATA[BlackBerry Z10 Is Special, So Check With Your Friendly IT Expert]]>http://www.eci.com/blog/416-blackberry-z10-is-special-so-check-with-your-friendly-it-expert.htmlThu, 04 Apr 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=416 Mobile phoneIn honor of the mobile phone turning 40 years old this week, today’s post is on the BlackBerry Z10. (BTW: did you know the first mobile phone weighed 2.5 pounds and took 10 hours to charge?!)

Back to the topic at hand. In January, when the BlackBerry Z10 was just officially unveiled, we took a look at the bells and whistles available on the device (Read: BlackBerry’s Reinvention: A look at BlackBerry Z10). And now that the BlackBerry Z10 is available in over 35 countries, by all accounts it is just what the company needs if they have any hope of taking back market share from iPhone and Android makers.

As part of its promotional push, BlackBerry is even letting iPhone and Android users test drive the new operating system by pointing their mobile browsers to BlackBerry.com/glimpse.

Wait One Second!

While people are rushing out to purchase the new device, it is important to understand that the new device is quite different from previous versions, and I don’t mean from a look and feel perspective (well, that too.) The BlackBerry 10 operating system uses ActiveSync (think Android, iPhones and Windows Phones), which means that they cannot be managed from an existing Blackberry Enterprise Server (BES).

This has implications for corporate users and IT departments. Chances are your IT department already has a plan in place to support the new device, but it is important to check before purchasing the BlackBerry 10.

How is it Different?

Let’s get semi-technical here. The BlackBerry Z10 devices need to be managed from a BlackBerry Enterprise Service 10 server, which is an upgrade from BES 5. BlackBerry is allowing customers to trade up their existing licenses for the new BES 10 for free (learn how here).BlackBerry Z10

However, this new software cannot be installed on the same server as an existing BES version. Previous BlackBerry devices (software running 7, 6, 5) cannot be managed directly by BES 10, which means that an additional server may be required if there are users with new and old BlackBerry devices.

Now if your firm has already embraced the bring your own device (BYOD) trend and is using Androids/iPhones/Windows phones with a TMG/NetScaler, there is a good chance the BlackBerry 10 devices can be configured to send and receive email easily. To receive added functionality and security (like that of BES 5) a Blackberry Enterprise Service 10 – Enterprise Mobility Management is needed.

What Now?

Check with IT or your trusty service provider (Eze Castle Integration!) to discuss how you can start using the BlackBerry Z10.

]]>
<![CDATA[SEC’s Social Media Guidance Is Changing, Here's What You Need to Know]]>http://www.eci.com/blog/415-secs-social-media-guidance-is-changing-heres-what-you-need-to-know.htmlTue, 02 Apr 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=415 Historically, financial services firms have not been the most active group in the social media sphere. In a 2011 survey of hedge fund managers conducted by MHP Communications, only 1% of firms were active participants on Twitter, and none of the managers surveyed were active on Facebook. More recently, however, the tides have begun to change. Following Goldman Sachs’ entrance into the Twitterverse in May 2012, investment management firms and their employees have started to increase their social media participation. With this growing trend comes the added layer of social media compliance with industry legislation.

social media compliance for investment firmsThe Legal Perspective of Retaining Social Messages

According to the SEC’s Rule 17a-4(b), registered investment advisers and broker-dealers should archive (think Eze Archiving!) all business communications on social media for a minimum of three years. As the frequency of discovery audits continues to rise, firms should ensure these communications are easily searchable and can be recovered quickly in the event of an SEC inquiry.

Additionally, Section 24(b) of the Investment Company Act of 1940 requires investment firms to file all advertisements or other promotional materials to investors within 10 days of their release. A 2010 update to this regulation issued by FINRA declared that interactive content on social media platforms qualifies as advertising, and therefore falls under Section 24(b). The FINRA update also states that social media content falls under the jurisdiction of Rule 482 which requires firms to file registered investment company performance ads and promotional content.

New Guidance from the SEC

Since these FINRA updates were announced in 2010, little advancement has been made in the regulation of social media correspondence by investment organizations – until about two weeks ago.

SEC Social Media HeadlinesOn March 15th the SEC issued its first “Guidance Update,” which – according to the Commission’s press release – will be the first in a series of upcoming guidances designed to express its views on emerging technologies and issues. The goal is to “increase transparency and enhance compliance with the federal securities laws and regulations.” And then today, the SEC officially stated that social media is okay for company announcements as long as investors have been alerted about which social media will be used to disseminate such information.

This first SEC Guidance Update addresses the requirement of investment firms to archive content that is posted on real-time social media sites such as Facebook and Twitter. The SEC notes that many firms have been extremely thorough in their compliance efforts, and have been filing nearly all of their social media correspondences (well done, fund managers!) regardless of content or context.

The new Guidance Update indicates that investment companies can now relax this practice somewhat, and need not file ALL social media content. Instead, consider the content, context and presentation of the communications in order to determine whether they are within the jurisdiction of the pertinent SEC rules and regulations. For instance, firms do not need to file social media correspondence that is simply a response to a question or sharing of existing content from another source.

According to the legal experts at Bingham, the following types of online communications are examples of those which do not need to be filed according to the most recent guidance:

  • Content which only contains incidental mention of the fund’s name

  • Incidental use of the word “performance”

  • A factual statement including a hyperlink to a fund prospectus or to information already filed in accordance with SEC regulations

  • A factual statement not related to a discussion of the investment merits of a fund which includes a hyperlink to general financial information

  • Responses to another social media user’s inquiry in which “discrete factual information” is conveyed, and/or a hyperlink to sales literature is shared

Key Takeaways

This new SEC update is a sign that regulators are aware of the importance of social media communication in today’s business world. By clarifying the types of content that do and do not need to be filed, they’re paving the way for more real-time interaction between investment organizations and their online communities.

As your firm moves forward with incorporating social media into its business strategy, it’s important to develop a written social media usage policy to outline acceptable and unacceptable use of social media for employees. This is a highly recommended best practice for managing effective social media campaigns, especially given the uptick in discovery audits administered by the SEC.

Additionally, firms should utilize social media archiving tools such as Eze Archiving to ensure compliance with SEC regulations. As Twitter and Facebook become mainstream platforms for communication in the financial services industry, you’ll want to ensure your firm is always putting its best foot forward on all interactive social media sites.

To learn more about social media compliance for investment management firms, be sure to check out these helpful articles:

contact an eze castle integration representative
]]>
<![CDATA[Our 60-Second Answer to Why Go Eze Private Cloud?]]>http://www.eci.com/blog/414-our-60-second-answer-to-why-go-eze-private-cloud.htmlThu, 28 Mar 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=414 Cloud computing is becoming a standard IT deployment method for the investment management industry. In fact, our 2012 survey found that 8 in 10 investment management firms are either currently or planning to use a cloud service. So once a hedge fund or alternative investment firm decides to go cloud the next question is "Why go Eze Private Cloud?"

Well, we have the perfect answer to that, and you can have it in just 60-seconds. Watch our quick video and learn why Eze Private Cloud is the investment industry standard for cloud services.




Learn about Eze Private Cloud

]]>
<![CDATA[Recapping the 2013 London Hedge Fund Cloud Summit]]>http://www.eci.com/blog/413-recapping-the-2013-london-hedge-fund-cloud-summit.htmlTue, 26 Mar 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=413 On 19th March, the Eze Castle Integration team in London hosted their first-ever Hedge Fund Cloud Summit at the Prince Philip House.

Eze Castle Integration along with leading experts in the financial services industry - INDOS Financial Limited, Morgan Stanley Prime Brokerage, Bloomberg, Credit Suisse Prime Services, Lucidus Capital Partners LLP, Portman Square, LLP, eSentire, Global Relay, and Simmons & Simmons - came together to provide a half day educational seminar featuring a wealth of information on the cloud to over 100 hedge fund and alternative investments firms.

Technology has undergone tremendous change in the past five years, and many hedge funds and investment firms have started to look for ways to increase efficiencies while reducing costs.What is Cloud Computing?

The half day conference was spilt into three panel sessions covering the following topics:

Defining the Private and Public Clouds: This panel explored the key differences and advantages in cloud models and solutions, the considerations for migrating to the cloud, selecting the appropriate cloud solution or mix and the deployment expectations and long-term outlook.

The most common choice is moving into a private cloud, such as the Eze Private Cloud. Private clouds are typically better suited for the alternative investment industry which requires a great deal of sophistication, application integration and support.

Application Hosting: This panel explored the front, middle and back office systems, which can now be supported in a cloud environment. But how do you know when the cloud is a good fit for your applications? This panel included experts from companies that taut some of the leading hedge fund applications on the market and examined the pros and cons of hosting your key hedge fund applications in the cloud. The panellists on this panel covered:

  • The business case for moving apps to the cloud

  • What applications are ideally suited for a cloud environment?

  • Evaluating providers and putting SLAs in place

download the hedge fund cloud computing survey reportCloud Security: The last and most talked about topic was cloud security. Security still remains a top concern for firms when evaluating moving into the cloud.

Last year, Eze Castle Integration conducted a survey of 125 financial services firms to learn how hedge funds and investments firms are currently using cloud services, as well as to provide insight into the factors influencing this growing trend and the barriers to adopting the cloud. According to the survey, concerns about security was top followed by concerns about meeting regulatory or compliance requirements.

Find out more about the cloud! Check out the useful resources below:

Cloud Forum - 100% dedicated to the topic of cloud computing for hedge funds and investment firms, the Cloud Forum has a wealth of information available via articles, videos, whitepapers and much more.

Also, be sure to download our 2013 Guide to Cloud Computing in the Hedge Fund Industry. This comprehensive guidebook examines:

  • Why Are Firms Going to the Cloud?

  • Public and Private Clouds: Why Private?

  • What Are the Use Cases for the Cloud?

  • Secure Computing in the Cloud

  • Checklist Questions to Ask Cloud Providers

Guide to Cloud Computing
contact an eze castle integration representative]]>
<![CDATA[Best Practices for Managing Security Risks (Webinar Recap)]]>http://www.eci.com/blog/412-best-practices-for-managing-security-risks-webinar-recap.htmlThu, 21 Mar 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=412 Last week, we hosted a webinar with eSentire on best practices for managing security risks. eSentire is the leading managed security service vendor protecting 25% of the global hedge fund market by AuM. During the webinar, the company's director of marketing, Mark Sangster, and our own vice president of client technology, Steve Schoener, explored topics including the scope of cyber threats, the anatomy of a cyber attack, continuous security monitoring and security policies and procedures for hedge funds to consider. Read on for a full recap of the information covered during the event.

The Current Scope of Cyber Threats

mark sangster esentire headshot

In his March 12th address to congress, Director of National Intelligence James R. Clapper identified cyber attacks as the most immediate threat to global security. Clapper’s remarks emphasize the importance taking measures to prevent cyber attacks today. These intrusions can originate from a variety of sources, including:

  • criminal organizations

  • nation states

  • insiders

  • “hacktivist” groups such as Anonymous

It is widely believed that government support is making hacker groups more powerful than ever. Currently, one of the largest threats to cyber-security originates from a China-based group known as Unit 61389 of the People’s Liberation Army. According to a report produced by Mandiant, an information security company, the group is comprised of up to a thousand members, and has been responsible for stealing hundreds of terabytes of data from 141 companies in 20 industries. Groups similar to Unit 61389 have cropped up in other countries as well.

According to the 2012 Verizon Data Breach Investigations Report, an international study of cyber-security violations:

  • 70% of cyber attacks target large organizations (over 1,000 employees)

  • 50% of intrusions take several months or even years to be recognized by the victim organization

  • 75% of the time it takes several days to steal data from larger companies

So, what should you be aware of to help protect your firm from an intrusion? There are a variety of sources from which cyber attacks can originate, including:

  • Phishing scams: In these scenarios, a member of the organization receives a socially engineered email attempting to steal information. Upon opening the email, the employee allows the malware to infiltrate the network.

  • USB media devices: This is a very common source of attack that has been widely improved over the years. In this case, an infected USB drive is dropped or left unattended in a public space, intending to be picked by a well-meaning employee who will plug it into his or her computer to see who the device belongs to. Once plugged in, the device emits malware into the network.

  • Universal Plug & Play (UPnP): UPnP allows computers and other network-enabled devices to efficiently communicate with one another. Recently, however, these devices have come under harsh criticism due to a variety of security weaknesses such as programming flaws and a lack of required authentication, making the devices easy targets for viral attacks.

  • Malware via Drive-by Download: Drive-by downloads occur when a person downloads an infection, either knowingly or without understanding the consequences. The infection typically takes the form of a computer virus, spyware, malware or crimeware.

The Future of Cyber Security

steve schoener eze castle integration headshot

Increasingly, security threats threatening the investment management industry are low volume, high value (aka targeted) in nature. In these cases, the attacker possesses a great deal of knowledge regarding the value of the victimized company’s assets, and wants to steal this information for his or her own benefit. These attackers will employ intricate plots to gain access to the information. The problem with typical security protection programs such as anti-virus software and firewalls is that they are not preventative, and can only identify threats that have already occurred.The industry has been shifting from the use of managed security service provider (MSSP) to continuous monitoring as a service (CMaaS). The primary components of CMaaS are:

  • Sensor on the Network: Network sensors gather data.

  • Risk-Status Displays: Data is gathered from the sensors and used to develop reports.

  • Security Consulting: Security experts analyze the reports so that they can develop appropriate security measures.

  • Real-time Detection and Mitigation: Security firms such as eSentire have added this step due to the belief that security concerns need to be resolved immediately rather than after they have occurred.

Tips to Protect Your Firm Against Malware and Hacking

eSentire has developed a list of steps hedge funds should follow to protect themselves against security threats. The steps are based off the concept of the cyber kill chain, which states that the earlier a threat is recognized, the better.

  • Perform a vulnerability assessment. It is essential that companies authenticate firewall configuration and anti-virus patching, network device security and evidence of criminal activity. You'll want to know where vulnerabilities exist before implementing additional security measures.

  • Establish privileged access to core data. Companies should only designate access to necessary employees and place private data on password-backed servers.

  • Develop an Acceptable Usage Policy. Firms should ensure that their Acceptable Usage Policy provides guidelines for software downloads, personal mobile devices, cloud-based email and storage services as well as the access and distribution of privileged data.

  • Engage real-time intrusion detection/mitigation solutions. Be sure to track and observe all network actions to be aware of breaches, attacks or the access of sensitive information.

  • Establish legal safeguards. Companies should ensure that they utilize confidentiality, non-disclosure, non-competition and non-solicitation arrangements to protect intellectual property.

  • Know who you're hiring. Employers should screen employees pre-hire and conduct trainings to make all employees aware of appropriate and inappropriate conduct, contractual arrangements and firm policies and procedures.

  • Monitor and log network activity. Restrict electronic transfers, enforce password protection, encrypt computer systems, limit accessibility to core assets, and observe and track all network and email actions.

Policies & Procedures

in case of security breach...Here at Eze Castle, we recommend that all hedge funds employ multiple layers of security to reduce the amount of undesired traffic on the network, and thereby reduce the opportunities for a security breach. This is often called the Principle of Defense in Depth. Examples of defense layers may include having Windows protected by anti-virus software with up-to-date virus definitions and all Internet and DMZ facing hosts protected by OSSEC host-based intrusion detection.

In addition to these layers, we also recommend that investment firms employ the following policies and procedures to ensure their critical systems and data do not fall into the wrong hands.

  • Principle of Least Privilege: This involves restricting access to only those employees who need it. Keep access control lists on all applications and data and inbound/outbound internet access to keep track of who can gain access to what. Also, log the use of audited one-time passwords and minimum privilege shared accounts.

  • Secure User Authentication Protocols: Secure user authentication protocols include:

    • Assigning unique domain user IDs to each employee
    • Implementing strong domain password policies
    • Monitoring data security passwords and ensuring that they are kept in a secure location
    • Limiting access to only active users and active user accounts
  • Information Management Security Policy: Develop a plan that details how the firm will handle a security incident. The plan should outline who is in charge of managing a security incident, the required reporting and investigation procedures, communications policies for contacting clients and the post-incident remediation procedures.

  • Visitor/Contractor Premise Access Policy: It is essential that firms keep track of all people who have visited the site through the use of physical security checkpoints and surveillance.

  • Mobile Device Policy: Develop guidelines for use of personal mobile devices in the workplace, and train staff on mobile device security. Firms should employ security measures such as requiring passwords, having the ability to remotely wipe devices and employing encryption tools.

Having a high level of security in place at your investment firm helps to restore faith in investors who are undoubtedly hearing about cyber attacks regularly in the media. Following industry best practices and implementing the appropriate tools and policies demonstrates that the firm has planned in advance instead of scrambling to handle a security breach after it has occurred. This also ensures that costly disasters are averted and normal business operations can be restored efficiently in the event of a security breach.

replay webinar now

]]>
<![CDATA[Hedge Fund Infographic: You know you're a Private Cloud User if...]]>http://www.eci.com/blog/411-hedge-fund-infographic-you-know-youre-a-private-cloud-user-if.htmlTue, 19 Mar 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=411 Today, we're excited be hosting the 2013 London Hedge Fund Cloud Summit at the Prince Philip House in London. The event features a variety of industry experts participating in thought-provoking panel disccussions focused on the cloud adoption trends shaping the investment industry. Conversations will touch on everything from the differences between public and private clouds to cloud security and application hosting.

In honor of this event and to provide a visual to help encapsulate the many benefits that come from leveraging a private cloud, we have published a new infographic entitled “You Might be a Private Cloud User If…” Check it out to see the top 10 signs that you are likely a private cloud user. Also, be sure to look read the London Hedge Fund Summit event recap HERE!

you know you're a private cloud user if....infographic


Guide to cloud computing












]]>
<![CDATA[What are Investors Thinking...When it Comes to Hedge Fund IT?]]>http://www.eci.com/blog/410-what-are-investors-thinkingwhen-it-comes-to-hedge-fund-it.htmlThu, 14 Mar 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=410 Yesterday our VP of client technology, Steve Schoener, presented on a California Hedge Fund Association webinar about building an institutional infrastructure at today’s hedge funds. A lofty topic (so consider this a basic primer), Steve focused on four key discussion areas, which we’ll recap here. They were:

  • Investor Expectations of IT

  • On-premise & Cloud solutions: Which is right?

  • Security Risks & Best Practices

  • Disaster Recovery How-Tos

You can watch the 30-minute webinar now or keep reading below.



What are Investors Thinking?

Today’s investors grew up with technology and as a result are asking much more detailed questions (here is a handy list). Also, just having an answer is no longer enough. So what is the perfect answer? The reality is that there isn’t one perfect answer that is right for every firm. More than looking for a specific answer, investors want to see that your answer is well thought out and logically addresses your specific fund operations.

Take security, for example. Not every firm needs every layer of security, but you do need to be able to discuss why you made the security decisions you did when it comes to protecting the fund from threats.

Here are the key areas investors are asking about:

  • Annual assessment and audits

  • Access control policies

  • Network security policies

  • Physical security policies

  • Disaster recovery and business continuity plans

Going to the Clouds or Staying Firmly Planted on the Ground?

The question start up hedge funds regularly ask is, “should we go with on premise or in a private cloud?” Increasingly, the answer for new firms is the cloud. And when it comes to public versus private, we see very little adoption of public clouds in the hedge fund space for a number of reasons (service, integration with third-party applications, disaster recovery, etc).

Established hedge funds typically first enter the cloud through hosting of applications including, OMS, Risk and Accounting, or when it is time for a technology refresh. Additionally, we are increasingly seeing that hedge fund teams are small and looking for ways to leverage third-party services, such as the cloud, to streamline operations and outsource non-critical business functions.

A final note on selecting a cloud provider – be sure to have a conversation to understand how you can move your data off a cloud. With a reputable provider, migrating off a cloud should not be an arduous process (here are some handy cloud provider questions).

2013’s Hot Topic – Cyber Security

Security headlinesJust this week the US director of national intelligence, James Clapper, identified cyber security as the top global threat – even more treacherous than terrorism. So what is the anatomy of a cyber attack?

Many of the most successful attacks today are through malware that is delivered via email, drive-by or USB to an unsuspecting user. In the case of email malware, a user typically receives a message with a link to something that appears legitimate, such as an ADP paycheck. Clicking the link then infects the computer.

A high number of viruses are looking to take information. They want to get at financial information and other information they can sell. Basic security components that every hedge fund should already have in place include:

  • Anti-virus protection

  • Network firewall

  • Web filtering

  • Strong password policy

Thinking about securityWhen it comes to passwords it is important to note that changing passwords is essential. The longer a password is out there the more damage can occur. Some hackers may just watch your email to gather information and get ahead of you in trades, for example.

More advanced security components firms should consider are:

  • Intrusion detection

  • Advanced Password Policy

  • Multi-factor authentication

  • Policies & Procedures for Security Management

Four Steps to Disaster Recovery and Business Continuity Planning

There are many steps to creating a DR and BCP, however, here are four considerations to help frame your planning.

1. Identify critical systems

2. Identify design requirements

  • Look at all your systems and determine how old the data can be in the event of a disaster – this is your Recover Point Objective. When does a system need to be up and running? – this is your Recovery Time Objective.

3. Choose your DR method

  • This is a discussion of on-premise versus a cloud solution. With Cloud DR, the responsibility to manage everything is removed from the hedge fund. There can be trade-offs. For example, if your trades are based on proprietary algorithms you may prefer to own the physical servers. Also, if you have in-house IT, they may prefer to manage in-house.

4. Choose a data center location/facility

  • Investors are going to want to know about access controls and security at the data center.

  • Half the data centers in NY lost power during Sandy. Not all of them were able to get fuel. All Eze Castle Integration data centers stayed up because we conduct extensive due diligence on all our data centers before selecting one. Be sure to do thorough due diligence on your service providers.

Want to discuss technology further? Contact us or subscribe to our Hedge IT blog.

]]>
<![CDATA[Hackers are Watching: New security threats facing investment firms]]>http://www.eci.com/blog/409-hackers-are-watching-new-security-threats-facing-investment-firms.htmlTue, 12 Mar 2013 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=409 As you’re probably aware, the topic of cybersecurity has been splashed prominently across headlines lately. Earlier today, the US director of national intelligence, James Clapper, identified cybersecurity as the top global threat – even more treacherous than terrorism.

Security HeadlinesIn his testimony before the Senate Intelligence Committee, Clapper cited several attacks on banking websites where sensitive customer data was compromised, as well as a security breach at an oil company that resulted in the destruction of 30,000 computers. If hackers are capable of such large-scale, damaging attacks, could investment management firms be at risk? What should you be doing to better protect your firm’s critical systems and data?

The truth is both large, well-established hedge funds and smaller startups are equally at risk of intrusion. Hackers may target large firms because they see an opportunity to profit from their substantial asset pools. Additionally, they might be after the notoriety associated with successfully hacking a well-known fund’s critical systems, especially in cases that will likely garner media attention. For smaller funds, hackers are likely after intellectual property, namely business plans, market forecasts and investment strategies.

What new threats are out there and how can firms better protect themselves from a cybersecurity breach?

Hackers are always seeking new ways to gain access to protected systems and accomplish their goals. Antivirus and anti-malware developers are likewise on the hunt for ways to protect these systems and data from new intrusion methods. To increase protection, investment firms should employ a “defense in depth” strategy. This includes maintaining up-to-date antivirus and anti-malware software as well as network firewalls, deep inspection proxy and IDS/IPS to reduce the amount of traffic on the network. (Checkout: Malware Definitions & Security Tips.)

Unfortunately, even a network that’s equipped with the most recent O/S and fully upgraded applications with robust anti-malware tools in place can still be vulnerable to a cyber attack. This is because, in the ongoing Hackers v/s Anti-malware Developers Arms Race, hackers maintain the upper hand. They simply familiarize themselves with the most widely used antivirus tools, exploit software vulnerabilities that have not yet been acknowledged by the vendors and outsmart endpoint protection programs.

Chinese moneyThe Good News? It has historically been that the anti-malware developers have deeper pockets than hacker groups. However, it appears that this is beginning to change. One troubling new trend that has emerged recently is state-sponsored hacking. According to a recent New York Times report, the Chinese government has been accused of fostering the efforts of hackers targeting organizations in the US and around the world to gain access to sensitive information. Similar stories have begun to surface from Russia and other nations as well. With sponsorship from national governments or other large resource pools, hackers are going to get more sophisticated and more difficult to detect.

So, what should you do to protect your fund? First, be sure to have all of the defense layers in place that we mentioned earlier, such as antivirus and antimalware tools and firewalls. You may also want to consider a more robust, comprehensive intrusion detection systems such as the one provided by our friends at eSentire, which can mitigate a potential threat before irreparable damage is done.

Once these tools are in place, fund managers should educate their employees on potential security risks and train them on best practices for mitigating those threats. Policies should be in place around:

  • Access Control

  • Acceptable Use

  • Information Security Incident Management

  • Personal Communications/Mobile Device Management

Often times, staff members don’t realize the extent of the risk to the organization if a cybersecurity attack occurs or sensitive company data is compromised. Employees who understand security threats and how to thwart them will serve as your fund’s best asset for keeping systems and information secure. Read more about Security Policies in this article.

Hedge Fund Security Guidebook]]>
<![CDATA[Is the Asia Hedge Fund Market Going Cloud? A Q&A with Serge Bukhar]]>http://www.eci.com/blog/408-is-the-asia-hedge-fund-market-going-cloud-a-qa-with-serge-bukhar.htmlThu, 07 Mar 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=408 Last year, Eze Castle Integration expanded their award winning Eze Private Cloud services to Asia. The Eze Private Cloud is used by more than 2,000 hedge fund professionals worldwide to simplify operations, minimise upfront capital costs and gain a highly resilient, enterprise-grade IT infrastructure on par with billion-dollar funds.

I recently sat down with Serge Bukhar, Executive Director of International Operations at Eze Castle Integration, to talk about the hedge fund market in Asia, and the attitude and adoption of cloud computing.Serge Bukhar

What is the current state of the hedge fund industry in Asia?

Singapore and Hong Kong are the hedge fund capitals in Asia. We have seen a contrast between the status of large and small hedge funds in Asia. Many larger funds are struggling, with some shutting down, while smaller funds are increasingly doing well and delivering positive results to their investors. Both groups, however, are looking for ways to increase efficiencies and reduce costs.

Has Asia adopted the cloud?

There is a tremendous opportunity for private cloud services in Asia, however, cloud adoption in the region has yet to reach its full potential. The regulatory landscape in the UK and US, and the varying market maturity levels have fragmented the adoption of cloud computing. Many hedge funds and the alternative investment industry are still taking a measured approach to cloud computing, as the industry awaits further clarity on cloud computing regulations and better articulation of business benefits by IT vendors.

What are the barriers to cloud adoption?

Asia is a tough market to tap into, especially with increasing regulations both in the UK and US. The Alternative Investment Fund Directive (AIFMD), for example, can be one of the reasons why it could be difficult for many hedge fund managers to attract investor capital. Many managers in Asia are less inclined than their US or UK peers to make significant capital expenditures in technology on day one. Data privacy and lack of knowledge and understanding of the cloud are some of the obstacles preventing firms from benefiting from this technology.

The attitudes in Asia towards cloud computing are similar to those we had seen in the UK a few years back when cloud computing was the buzz word, but no-one really knew what the cloud was and the benefits it could bring.

What is the future for cloud computing in Asia?

There is a future for hedge funds and investment firms to adopt cloud computing in Asia. Asia offers the tallest buildings, which do not have air conditioning 24/7, so it is very difficult for firms to build out their own communications rooms on premise, and the cost of real estate, especially in Hong Kong is expensive, so the alternative for hedge fund managers is to host their infrastructure with a trusted private cloud service provider.

The cloud provides many benefits such as:

  • To increase the speed of technology deployment

  • To simplify IT management and support

  • To improve IT flexibility and scalability of on-demand resources

  • To take advantage of built-in disaster recovery and business continuity features and functionality

View our market survey on hedge funds and investment firms’ adopting the cloud. The 18-page report includes details on:

  • Current & Future Adoption of Cloud Services

  • Investment Firms' First Cloud Initiatives

  • Cloud Deployment Models (Public vs. Private vs. Hybrid)

  • Factors Influencing the Decision to Use the Cloud

  • Barriers to Cloud Adoption

  • Evaluation of Cloud Services Providers












contact an eze castle representative

]]>
<![CDATA[AIFMD’s Impact on US Hedge Funds: An Expert's View]]>http://www.eci.com/blog/407-aifmds-impact-on-us-hedge-funds-an-experts-view.htmlTue, 05 Mar 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=407 Last week, we hosted a webinar covering AIFMD’s impact on US based hedge funds. The event featured Bill Prew, Founder of INDOS Financial Limited, and provided a high level overview of the changes that AIFMD will potentially bring to the alternative investment industry. Prew specifically focused on how US based managers will be impacted by this legislation. Read on for a summary of the main topics covered during the event, including an overview of AIFMD and the considerations and upcoming changes for US managers.

About the Expert
Bill Prew is the founder of INDOS Financial Limited. Before founding INDOS, he was the chief operating officer at James Caird Asset Management, a hedge fund with offices in London and New York. He has also served in various senior roles at Barclays Global Investors and PricewaterhouseCoopers. Following a summary of the information presented by Mr. Prew during our recent webinar.

Overview of AIFMD
Beginning on July 22nd, 2013, The Alternative Investment Fund Directive, also known as AIFMD, will go into full effect throughout all 27 EU member states. AIFMD is an EU regulation of alternative investment fund managers and alternative investment fund (AIF) such as hedge funds and private equity funds that are either managed or based within the EU or marketed to EU investors. The directive places them under the jurisdiction of an EU regulatory agency. With some exceptions noted below it will be challenging for any fund to fall outside the scope of AIFMD and not be considered an AIF, regardless of their legal form. The directive encompasses many key tenets, described below:

  • An AIF is broadly defined as any non UCITS vehicle that raises capital from a variety of investors. The majority of hedge funds, fund of hedge funds, private equity funds, real estate funds, infrastructure funds, and commodity funds will be considered AIFs.

  • There will be exemptions for certain funds, such as single investor funds or managed accounts (both subject to certain conditions), as well as family offices.

  • The majority of Cayman Island hedge funds, whether master or feeder or in corporate or limited partnership form will be designated as AIF. This is important to consider because several US managers manage Cayman funds in order to target their marketing efforts towards European investors.

  • Each AIF must be assigned an individual alternative investment fund manager (AIFM). An AIFM is considered any business that delivers portfolio management and risk management services to one or more AIFs. The designation stands regardless of where the business is located.

  • AIFMs do not have to be EU managers to be considered AIFMs. If a US manager is providing an AIF with portfolio management services or risk management services, they will be considered a non-EU AIFM. Every AIF must possess a single AIFM.

  • US based firms that are only engaging in US business will be designated as non-EU AIFMs under the AIFMD.

  • It is essential that US entities with EU affiliates examine which entity will be considered the AIFM, due to the fact that the regulations governing EU AIFMs are significantly more burdensome.

  • The decision regarding which entity will be considered the AIFM should largely be founded on the degree to which investment management functions (defined by the directive as being portfolio management and risk management) are performed in either the US or by an EU affiliate.

  • US firms managing an EU-based AIF or marketing a non-EU based AIF to EU investors will be caught by AIFMD.

Which US Managers are within Scope?
AIFMD US Impact WebinarThe level to which US managers are impacted depends on whether they manage EU AIFs or market non-EU AIFs to European investors. If US managers are not marketing their funds to EU investors, then they should fall outside the scope of AIFMD and will not be impacted by the regulations. When determining whether your firm and funds are within scope, keep the following in mind:

  • According to the AIFMD, marketing is defined as a “direct or indirect offering or placement at the initiative of the AIFM, or by another firm acting on behalf of the AIFM.

  • Another key area to look out for is passive marketing, also known as reverse solicitation. In this case, investors contact the manager directly to express interest in the AIF. Reverse solicitation is considered outside of the scope of AIFMD. Managers who engage in this type of marketing should have clear practices and controls in place to ensure their efforts are not viewed as active marketing.

  • US managers not marketing their non-EU or EU funds to EU investors should not be subject to the AIFMD regulations even if EU investors occupy the funds.

  • EU countries employ different laws governing direct marketing to professional investors through national private placement regimes (NPPR). This will be the only route to actively market to EU investors, at least until 2015. Also, in many European countries private placement is not allowed, so it’s essential that managers are familiar with the rules of the particular EU country in which they intend to market.

What Will Change?
With the onset of AIFMD, managers can anticipate a variety of changes that will characterize the alternative investment industry. Beginning on July 22nd, 2013, US managers marketing an EU AIF or a non-EU AIF in an EU state under NPPR must satisfy certain transparency and reporting requirements. These include:

  • Making disclosures to their investors pre investment;

  • Publishing an annual report for the pertinent AIF and;

  • Reporting to national regulators in the countries that AIF is being marketed into.


The Future

  • From July 2015, there is a possibility that EU managers will be able to access the pan-European marketing passport subject to becoming authorized under the AIFMD and complying with the full requirements of the directive.

  • From 2015 onwards, non-EU AIFMs managing EU AIFs may also be required by the AIFMD to become authorized. In this case, they would also be able to access the EU marketing passport.

  • From July 2018 onwards, there is the potential that the existing NPPR may cease altogether. In this case, managers with the desire to market an AIF within the EU would need to be authorized under AIFMD in order to access the EU marketing passport.

The AIFMD is a complex regulation and US managers should consult their professional advisors for further specific advice as to how it will impact their business.

For more on hedge fund regulations and AIFMD, check out these articles:

Subscribe to Hedge IT



]]>
<![CDATA[We've Reached 300 Posts! It's time for the Hedge IT Blog Awards!]]>http://www.eci.com/blog/406-weve-reached-300-posts-its-time-for-the-hedge-it-blog-awards.htmlThu, 28 Feb 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=406 It's hard to believe it, but we have officially reached the 300th post here on the Hedge IT blog!

To commemorate this special occasion, we're bringing back the Hedge IT blog awards honoring the best articles, topics and trends from the past year as a way of saying "thanks" to all of our loyal readers. We look forward to continuing this tradition of sharing valuable, thought provoking content with you again this year. Here's to the next 100 posts!

Enjoy! (And be sure to click into the presentation to experince our winners.)


subscribe to the Hedge IT blog

]]>
<![CDATA[Sneak Peek: Hedge Fund Manager's Guide to IT Security]]>http://www.eci.com/blog/405-sneak-peek-hedge-fund-managers-guide-to-it-security.htmlTue, 26 Feb 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=405 Today we released our Best Practices for Managing IT Security Risks: A Hedge Fund Manager’s Guide, which we developed with eSentire. Following is a sneak peek of the guidance included in the 10-page guidebook. Assuming we have whet your appetite, you can download the entire guidebook here or attend our upcoming webinar on the topic (register here).

Managing Security Threats Facing Hedge Funds

Most successful cybersecurity attacks in today’s environment occur via three different methods: malware via email, malware via a website download (drive-by download or man-in-the-middle) and transfer via USB. In most cases, an employee will download an unsuspecting virus or open an unsuspecting email, triggering a malware attack that could open the door for further intrusion. Alternatively, a trend becoming more common is the threat of employees transferring information onto USB drives (whether knowingly or unknowingly), resulting in an internal security breach. Externally –and regardless of the intrusion method – attacks typically follow a similar path from start to finish. Global security firm Lockheed Martin has identified steps to what they call the “cyber kill chain.”

  • Reconnaissance: Collecting information and learning about the internal structure of the host organization

  • Weaponization: How the attacker packages the threat for delivery

  • Delivery: The actual delivery of the threat (via email, web, USB, etc.)

  • Exploitation: Once the host is compromised, the attacker can take advantage and conduct further attacks

  • Installation: Installing the actual malware, for example

  • Command & Control: Setting up controls so the attacker can have future access to the host’s network

  • Actions or Objections: The attacker meets his/her goal (e.g. stealing information, gaining elevated privileges or damaging the host completely)

While these steps may seem well thought-out and can be easily executed by an attacker, the benefit to understanding the cyber kill chain is that it gives the host a chance to counteract. The sooner into the cyber kill chain the host can identify the threat, the better chance it has of thwarting it. And there are several options for thwarting attacks, depending on the stage in which the attack is identified.

Mitigation activities on the host’s part can include: detection, denial, disruption, degradation, deception and destruction. Creating a course of action based on various scenarios and a firm’s current abilities to thwart attacks can gauge effectiveness against such intrusions and provide areas for improvement in a firm’s defense strategy. As part of an overall strategy, firms should also look to implement the following simple best practices to help prevent costly attacks:

  • Enforce strong passwords and (at least) two-factor authentication

  • Remove local administrative privileges when possible

  • Keep patches up-to-date for Microsoft, Adobe, Java Runtime and browsers (the most common threats originate here)

  • Restrict executable downloads and installations

In addition to implementing technical measures to protect their infrastructures, firms must also employ operational policies and procedures to document incidents and provide transparency to investors and auditors.

Mobile Device Security: Navigating the BYOD Trend

By allowing employees to supply their own devices, an organization inherently loses control over the hardware, how it is used and must ask the question how the company can be affected. Governing the fine line between personal and professional use on the same device can be challenging. But without clearly defined policies in place companies are making themselves vulnerable to a number of security risks.

For instance, 48% of respondents in a recent InformationWeek survey indicated that employees within their organizations had their mobile devices lost or stolen in the past year, with 12% of those cases requiring public disclosure, causing inevitable harm to the business. If proper security measures are not in place, the information contained on that device could become accessible to unauthorized parties and the company's reputation may suffer irreparable damage.

Additionally, there are many security risks involved in using one’s personal device for business purposes that most users may not even be aware of. Many popular smartphone apps, such as public file transfer services, could allow sensitive information to be easily intercepted. Other common activities that could result in leakage of sensitive data include using personal devices to automatically forward work emails to public webmail services and using smartphones to create open Wi-Fi hotspots. Both of these practices make a company’s data extremely vulnerable to hackers.

But there are steps you can take to protect your firm from BYOD security threats – we outline these in our Best Practices for Managing IT Security Risks Guide.

Additional topics covered in the Guide include:

  • Working with Service Providers

  • Hedge Fund Cloud Security Checklist (See how Eze Castle Integration fared on this test HERE)

  • Looking Ahead

Hedge Fund Security Guidebook

]]>
<![CDATA[Be our Social Media Valentine…for a Good Cause!]]>http://www.eci.com/blog/402-be-our-social-media-valentinefor-a-good-cause.htmlThu, 14 Feb 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=402 Today, as you know, is Valentine’s Day. So, for the third consecutive year, we’re taking this opportunity to spread the love.

This year, we’re dedicating our efforts to support School on Wheels, an organization focused on increasing the educational opportunities available to the more than 1.6 million homeless children in the United States. The group’s mission is based on these three fundamental premises:

  • Every child deserves the right to a quality education.

  • Education is the key to unlocking a brighter future and breaking the cycle of homelessness.

  • Community support is vital in helping achieve the goal of providing academic stability and hope for all children who have no permanent home.

School on Wheels achieves these goals through a variety of programs, most notably its volunteer tutor program, which trains and matches tutors to homeless students in the community. Tutors are trained and paired with one student in order to ensure a sense of stability, and assist students with not only school related projects but also confidence building exercises. Volunteers also work with the students to help them stay on track in school and reach their educational goals, which include attending college. Through its High School Plus Program, School on Wheels of MA has already helped 15 homeless students reach college.

To support this worthy organization, Eze Castle is hosting a social media fundraiser during which we pledge to donate $1.00 to School on Wheels (up to $1,000) for every new “like” we receive on our Facebook page and every new Twitter follower obtained between February 14, 2013 and March 14, 2013.

Please take a moment and “like” us on Facebook or follow us on Twitter to help us support this amazing cause. In addition to the good karma you’ll earn, you’ll also have the added benefit of enjoying innovative hedge fund technology insights and news directly on your Facebook and Twitter feeds!

2013 Facebook Twitter charity promotion image

]]>
<![CDATA[Hedge Fund Industry Outlook: What can you expect in 2013?]]>http://www.eci.com/blog/399-hedge-fund-industry-outlook-what-can-you-expect-in-2013.htmlTue, 05 Feb 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=399

Last week, we hosted a webinar on the Hedge Fund Industry Outlook for 2013 with speakers Deborah Prutzman, CEO of the Regulatory Fundamentals Group, and Mary Beth Hamilton of Eze Castle Integration. Following is a recap of the key topics discussed around operational due diligence, regulations and technology trends.

Insights from Deborah Prutzman, Regulatory Fundamentals Group

2012 was a year marked with significant regulatory changes in the world of investment management. So far, we’re expecting to see more of the same in 2013. This time, the direction and manner of change will likely be more predictable. Some important themes we expect will permeate throughout the year include:

  • A need for trust

  • A focus on governance

  • Pensions searching for yield

  • Central counterparty risks

  • An arms race between regulators

  • A need to focus on supervisory processes around marketing

External Factors Driving Change in 2013
As always, investors are hungry for yield, but they are smarter now thanks to lessons learned in the post-Madoff era. This year, the “typical” investor that invests in alternatives is changing. We expect the importance of institutional investors to increase, while pension funds and endowments start to seek greater allocations.

So, what does this mean? First and foremost, we’ll see an increased focus on operational due diligence amongst hedge funds. Additionally, this will raise the stakes for asset managers. If word gets out to the media that a high net worth individual lost money in a questionable investment scenario, the media and the public will not see this favorably. But, if a teachers union or group of nurses loses pension funds, there will likely be far greater backlash.

Major Changes to Look For
2013 is likely going to be the year of regulatory enforcement in the alternatives industry. We’re seeing that the regulatory bodies that govern this space are especially invigorated right now. The SEC has a new Asset Management Unit in place, and is changing its approach to focus more on conflicts, human motivation and deep knowledge of the industry. We expect much of the same at the CFTC as well. Other US regulators, such as the FERC (Federal Energy Regulatory Committee) and state governance groups will start to play a more influential role this year as well.

Another change to look for is the tendency for regulators to focus on the personal liability of firms’ senior management. The media is applying pressure to the industry to hold these executives accountable for the inner workings of their funds, and popular belief is they should be taking a more supervisory role going forward.

In 2012, we began to see increased litigation coming from the investor base and we believe this will continue to grow, especially as the “whistleblower” phenomenon gains momentum. Last year, the SEC received 3,000 tips from whistleblowers (about 8 per day) – a number that is expected to increase in 2013.

What Adjustments Should You Make?
Develop an enterprise-wide understanding of needs as they pertain to the firm’s strategy, governance, operations and technology. Requirements should be innately built into the firm, using clear governance and strong policies. As a best practice, we recommend the following framework for governance:

  1. Perform a comprehensive risk assessment.

  2. Implement a process for initiating business changes and new activities.

  3. Implement a process for monitoring for external environmental changes (such as taxes, laws, best practices, etc.)

  4. Ensure your staff has a clear understanding of expectations.

This will result in a more mature, agile fund that is in a better position to navigate the tough competitive environment and upcoming regulatory changes.

Insights from Mary Beth Hamilton, VP of Marketing, Eze Castle Integration

DR & BCP In the Spotlight
Recent events have tested the preparedness of firms across the United States and internationally. From the London Olympics and summer power failures to Hurricane Sandy and the recent flu season concerns, the need for well thought out DR and BCP is pretty clear.

It is important to note that each of the scenarios above impact a business in different ways and, highlight the importance of conducting thorough risk analysis and scenario planning when developing a disaster recovery and business continuity plan. It is important to think through the different types of scenarios that can impact your firm.

Movement to the Cloud
Adoption of cloud services by hedge funds and alternative investment firms continues to increase at a rapid rate. Eze Castle estimates that 40% of our clients are using some sort of cloud service. A 2012 independent cloud market survey found that nearly 8 in 10 hedge funds & investment management firms are using the cloud for at least some of their IT infrastructure or application needs.

  • The key reasons firms are moving to the cloud are:

  • To reduce IT infrastructure investment/costs (transfer from CapEx to OpEx)

  • To increase the speed of technology deployment

  • To simplify IT management and support

  • To improve IT flexibility and scalability of on-demand resources

  • To take advantage of built-in disaster recovery and business continuity features and functionality

Navigating the BYOD Trend
Today, the acronym BYOD is becoming common place amongst professionals responsible for overseeing a firm’s IT functions. After resisting it for years, firms are starting to recognize that by allowing employees to bring their own devices they can experience potential cost savings, productivity increases and make some employees a little bit happier.

A survey by Good Technology found that 90% of financial organizations support the use of personal mobile devices at work. It also found that the most popular model for BYOD at financial institutions is for employees to purchase and pay for their own device with the company offering support in the form of access to corporate systems. The next-most popular is a model where the enterprise reimburses users for "eligible expenses" up to a point

The prevalence of employees bringing their own devices also has implications on corporate security and policies. Hedge funds need to be thoughtful about their policies and ensure employees are knowledgeable about responsible practices.

More Resources
Here are some additional sources of (free!) information to help you stay up-to-date on the latest in hedge fund regulations:

To hear the complete presentation, be sure to view the webinar, Hedge Fund Industry Outlook: Trending Topics for 2013 (below)!

]]>
<![CDATA[BlackBerry's Reinvention: A Look at the BlackBerry Z10]]>http://www.eci.com/blog/398-blackberrys-reinvention-a-look-at-the-blackberry-z10.htmlThu, 31 Jan 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=398 BlackBerry has finally unveiled the long awaited BlackBerry Z10 in hopes that this will bring them level with Android and Apple who have taken a large chunk of the market share.

With the new Z10, BlackBerry has moved away from their traditional screen and keyboard approach to a total touch screen experience. The new device is bigger and thicker at 130mm x 65.6mm x 9mm than an iPhone but has almost everything diehard BlackBerry fans have been waiting for: a sleek, modern, and professional touch-screen with an up-to-date OS to match and 4G LTE support. But what else is new? Here at Eze Castle we have done our research and bring you all the information you need.

Interface

BlackBerry has merged home-screens, widgets, app lists and a unified inbox into one slick interface, offering up an easy-to-navigate user experience. The main home-screen comprises of 'Active Frames' (mini-applications), which gives you an overview of information from a particular app and launch the full version when tapped. Users can select up to eight of these active frames, which arrange themselves in order of most recently used, with the latest app appearing in the top left position.

BlackBerry Hub, Flow and Peek

The new operating system features a string of new additions to the BlackBerry to equip it to compete with modern smartphones. The new system will have features called the BlackBerry Hub, Flow, and Peek, which make it easier for users to move between apps, emails and social media platforms.

BlackBerryKeyboard

The BlackBerry Z10 has a touch screen keyboard, which includes a ‘gesture typing’ feature that allows users to ping predicated words into their messages. The new touchscreen keyboard aims to provides an effortless typing experience. It learns your writing style and suggests words to help you type faster, more accurately and with the least amount of effort.

BlackBerry Messenger (BBM)

The popular BlackBerry Messenger app has also been updated to include a video facility allowing users to chat face-to-face as well as a picture editing feature. This new picture editing feature allows the user to pinpoint and adjust elements of their picture to get the photo they want.

Camera

The new ‘Time Shift’ feature captures milliseconds before and after your photo—so you can scroll back on the dial to open and create the perfect picture. For example; open one friend’s eyes and then forward to catch your other friend smiling, before combining it all to create that picture perfect moment.

Applications

More than 70,000 apps will be available to download, including Skype, Kindle, WhatsApp and Angry Birds, however, this is still a far cry from the iPhone's nearly 750,000 apps.

Pre-loaded Apps: BlackBerry Hub, Contacts, Browser, Calendar, BBM, Text Messages, BlackBerry World, BlackBerry Remember, Docs To Go, Pictures, Music, Videos, Story Maker, Facebook, Twitter, LinkedIn, Foursquare, BlackBerry Maps, Games, YouTube , BlackBerry Newsstand, Voice Control, Weather, Clock, Calculator, Compass, File Manager, Box, BlackBerry Connect for Dropbox, Print To Go, Smart Tags, Settings, Adobe® Reader, Phone, Camera/Video Camera/Time Shift, Setup, Help, SIM Toolkit and Search.

Our Assessment?

Overall the BlackBerry Z10 delivers the must have features that will allow it to compete with the iPhone, however, many are wondering if it is too little to late to effectively capture market share from its strong competitors. We'll just have to wait and see user reactions. It is now available for sale in the UK, however, US users will have to wait unti March 2013 to give it a test spin.

Check out a Product Demo HERE and decide for yourself.

Subscribe to the Hedge IT Blog to stay up-to-date with the latest trends in technology.

Contact an Eze Castle representative

Photo credit: http://uk.blackberry.com/


]]>
<![CDATA[A Snapshot of Financial Regulation in 2013]]>http://www.eci.com/blog/396-a-snapshot-of-financial-regulation-in-2013.htmlThu, 24 Jan 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=396 As 2013 begins, managers of hedge funds and other financial services firms should be aware of upcoming changes within the regulatory environment. Investment firms in the US can expect to be impacted by stricter controls, laws and more detailed investigations imposed by the SEC and other governing agencies. Here’s a high level overview of some of the most important regulations to keep your eye on this year:

The JOBS Act
JOBS ActThe Jumpstart Our Business Startups Act, also known as the JOBS Act, was signed into law by President Obama on April 5th, 2012. It’s intended to assist eligible companies in seeking initial public offerings by simplifying the procedure for going public. This legislation eases federal regulations and allows for crowd funding – enabling individuals to become investors. As a result of the JOBS Act, small business startups will be able to collect money from private individuals without making an IPO.

There are many predictions regarding how the JOBS Act will impact hedge funds. Some believe it will likely result in a wider investor base and higher net inflows to the industry. The act will also affect the ways in which firms market themselves in the coming years by encouraging funds to make more detailed information accessible to their investors. In theory, this should make it much easier for investors to compare managers on a number of criteria.

There are conflicting opinions as to whether the JOBS Act will actually increase the number of companies seeking IPOs. One point of contention is the newly permitted confidential filing process, which allows new companies to privately submit draft registration statements to the SEC. Arguments focus on whether the confidential filing process will, in fact, result in a lack of transparency for investors when advising clients.

Although the JOBS Act was signed into law in April, some tenants of the bill have yet to go into effect, including the lift of the solicitation ban that prohibits hedge funds from advertising to potential individual investors. The ban was intended to be lifted in August, but the rule was not finalized because the SEC missed the July 4 deadline, in part due to former SEC Chairwoman Mary Schapiro’s departure and alleged opposition to lifting the ban. While there is no clear date set for when the JOBS Act will take full effect, there is discussion that more investor protections need to be added.

SEC’s Asset Management Unit Directives
In 2013, hedge funds can also expect continued vigilance by the SEC through several initiatives imposed by the Asset Management Unit (AMU) of its Division of Enforcement. The AMU is tasked specifically with preventing fraud in the hedge fund industry. The hedge fund managers and private equity analysts who comprise this unit help provide a more transparent overview of the inner workings of these firms, and aid in developing policies, investigations, exams and trainings. Although in the past, hedge funds and private equity firms were lightly regulated by the SEC, in 2013 managers can expect to see a much stronger SEC presence and a higher level of regulation within their firms. Additionally, expect a higher level of in-person investigations focused on specific workings of the firm. The AMU’s new focus will center on investor/client relationships and aim to prevent hedge fund managers from giving out any recommendations to potential clients that are not well intentioned.

The Dodd-Frank Act
In 2013, hedge fund managers can expect to see the SEC advance with the rulemaking required by the Dodd-Frank Act. Although the Dodd-Frank Act has been passed for some time, there are aspects of this legislation that will be taking effect this year. For instance, there will be a much higher level of onsite risk-based presence exams, during which SEC staff will investigate high risk areas of the fund. The SEC’s continued emphasis on hedge fund regulations requires that a high level of detail and focus is placed on risk and compliance initiatives within these firms.

Some of the Dodd-Frank updates that will be occurring this year include finalizing the Volcker Rule, which bans proprietary trading by banks (expected in early 2013) as well as the development of a new regulation that will allow for greater supervision of foreign banks’ US operations. The rule will require foreign banks with substantial US operations to uphold stronger capital and liquidity positions in the US as well as create an intermediary holding company over its US subsidiaries. In 2013, the Consumer Financial Protection Bureau (CFPB) will also examine crucial issues surrounding fair lending. Reports indicate that the CFPB is developing new rules in order to reinforce regulation surrounding fair lending practices. These rules are connected to the Truth in Lending Act, Equal Credit Opportunity Act and Home Mortgage Disclosure Act.

Hedge fund regulations knowledge centerFor more information, be sure to check out our collection of complimentary resources on helping your firm navigate the complex regulatory environment, or contact an Eze Castle Integration representative.

]]>
<![CDATA[Eze App Cloud Debuts, Delivers ONE Cloud Platform]]>http://www.eci.com/blog/395-eze-app-cloud-debuts-delivers-one-cloud-platform.htmlTue, 22 Jan 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=395 Eze App Cloud for Hedge FundsHave we mentioned we dig the cloud? Well we do and we are happy to introduce you to the newest addition to our cloud family – Eze App Cloud.

Weighing in at 60+ applications, Eze App Cloud comes to us from the Eze Private Cloud and is tailor made for application vendors servicing hedge fund and investment management firms.

The App Cloud has been a long time in the making and aims to address many challenges, including the need for a central, consolidated cloud platform to run all hedge fund applications and IT services. With adoption of cloud services growing, there are many disparate cloud platforms with varying degrees of quality and customization. We are increasingly seeing clients challenged to integrate applications (i.e. OMS, Risk, CRM) all running on different cloud platforms and networks. The cloud is supposed to simplify operations, not make them more difficult.

Eze App Cloud is prepared (and designed) to be the ONE cloud platform for everything a hedge fund needs.

Application Providers: Here's what the Eze App Cloud has for you.

Combine your proven software with our premier cloud infrastructure to give clients a complete, cost-effective package that speeds time to value. A few benefits of using our Eze App Cloud are:

  • Meet the market’s growing preference for cloud

  • Use our Private Network which serves as the communications gateway to more than 400 buy-side firms and offers direct connectivity to key trading counterparties

  • Breakdown international deployment barriers – the Eze Private Cloud spans three continents

Client (i.e. the VIPs) Benefits

  • Gain cost-effective access to an enterprise-grade infrastructure that is highly available and professionally managed and monitored

  • Focus on business priorities and core competencies rather than application and IT management

  • Transfer technology costs from capital expenditures to operating expenses, and eliminate the need to purchase, maintain and refresh equipment

Watch & Learn: Eze Private Cloud Overview



contact an eze castle representative
]]>
<![CDATA[It's Flu Season: 10 Tips to Keep Your Hedge Fund Safe (Video)]]>http://www.eci.com/blog/394-its-flu-season-10-tips-to-keep-your-hedge-fund-safe-video.htmlThu, 17 Jan 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=394 The Center for Disease Control (CDC) has reported high activity levels of Flu cases in 24 states including New York, Massachusetts, New Jersey, Illinois, Minnesota and Pennsylvania. The illness is spreading at a much more rapid rate this year than in previous winters. To date, over 750 cases of the Flu have been reported in Boston. New York state has reported 20,000 cases of the Flu thus far this season. By comparison, only 4,400 cases of the Flu were reported in New York state for the entirety of the 2011-2012 Flu season.

So, what does this mean for investment firms? It is now more important than ever to ensure your firm can and will remain functional if it is affected by this outbreak or, worse, a pandemic. Business leaders must be mindful of the repercussions of the virus, as a decrease in staff could cause a great strain on the firm and potentially costly downtime.

We asked our Business Continuity Planning experts to give 10 tips on keeping your firm up and operational during flu season. Watch and learn or download our handy 10 Tips Article.


You can also download our Preparing Your Firm for Flu Season article, which outlines tips for keeping your hedge fund up and running during Flu season and advice on pandemic planning.

Our BCP experts are also always available to assist with planning.

contact an eze castle integration representative

]]>
<![CDATA[New Year, New Goals: Resolutions for 2013]]>http://www.eci.com/blog/390-new-year-new-goals-resolutions-for-2013.htmlThu, 03 Jan 2013 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=390 0Happy New Year everyone!

2013 is off and running, and the time has come to look ahead and set goals for your investment firm to ensure a successful and prosperous year. Many of the resolutions we recommended last year still hold true, including testing your disaster recovery system, reviewing and evaluating all telcom contracts, ensuring your business continuity plan is SEC-compliant and performing a comprehensive IT systems audit.

This year, it’s time to take those resolutions to the next level. We asked some of our internal experts here at Eze Castle to share some important resolutions hedge funds could consider making for 2013. Here’s what they had to say:

Jason Nolan, Product Manager: Perform comprehensive evaluations before selecting a cloud service provider.

Last year at this time, we were encouraging our clients to learn more about the cloud and consider moving to a cloud-based IT infrastructure to take advantage of cost benefits and increased operational efficiencies. Today, the hedge fund industry has a much deeper understanding of this technology and is ready to take the cloud discussion to a deeper level. Our big push for 2013 is to encourage investment firms to thoroughly vet potential cloud providers on a number of key areas including backup and retention procedures, security and monitoring practices in place at data centers, Service Level Agreements (SLAs), SSAE 16 certifications and more. Also, be sure to gain an understanding of the service provider’s internal policies as they relate to data access and security procedures.

Lisa Smith, Business Continuity & Data Privacy Manager: Review and enhance your BCP and communicate it well.

visit the disaster recovery and business continuity planning knowledge centerIf there is one thing we learned from Hurricane Sandy, it’s that, for alternative investment firms, having a comprehensive and robust business continuity plan in place is crucial to achieving success. Of course, this is not new information, and most firms already have plans in place to protect their businesses from these types of events. However, simply having a plan in place is not enough. We encourage our clients to review and discuss their BCPs on an ongoing, regular basis to ensure they continue to evolve as business needs, key personnel and other factors change over time. In addition, it’s important to effectively communicate these plans to all employees within the organization, as well as any pertinent third parties (clients, vendors, investors, etc.), so that everyone understands what to do in the event of a disaster or outage. Keep in mind communicating the details of your company’s BCP can be done through training sessions, information sessions and testing. These are the most effective ways to ensure your employees know what to do during a disaster.

Bob Guilbert, Managing Director: Don’t overlook the importance of security.

In 2013, security will be one of the most discussed topics in the world of hedge fund technology. While we’ve been preaching strong security practices for quite some time, this year will bring a host of new challenges in this arena, especially in the areas of mobility, cyber-attacks and internal breaches. Firms should develop a strategy to combat these security threats, including implementing best practices such as enforcing strong passwords and multi-factor authentication, keeping patches up-to-date for Microsoft, Adobe and the like, restricting executable downloads and creating a mobile computing policy that addresses both company-issued devices and BYOD management.

Marc Gold, Director of New York Client Service: Be prepared for an operational due diligence questionnaire.

It’s no surprise that the hedge fund industry has become increasingly competitive. Investors’ expectations are on the rise, and they’re looking for funds that display the highest levels in operational excellence. At the same time, new regulations are aimed at increasing transparency. As a result, operational due diligence has become a hot topic amongst alternative investment firms. Now, more than ever, it’s critical to ensure your firm meets these high standards by preparing for – or completing in advance – a due diligence questionnaire (DDQ). Operational DDQs cover a wide range of topics, including the fund’s IT infrastructure and the accompanying security procedures. At Eze Castle, our client service team regularly assists funds in completing DDQs. Be sure to download our sample DDQ for hedge funds to help you get started.

contact an eze castle integration representative

Photo credit: gotgame.com

]]>
<![CDATA[Best of the Year Blog Posts: A Look Back at Hedge IT in 2012]]>http://www.eci.com/blog/389-best-of-the-year-blog-posts-a-look-back-at-hedge-it-in-2012.htmlThu, 27 Dec 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=389 Here we are again – at the end of another year and recapping some of the best and most popular posts from the Hedge IT Blog in 2012. This year, we spent a lot of time talking about cloud computing, security, and disaster recovery, among other topics.

As always, we welcome your feedback and would love to hear your suggestions for future articles on Hedge IT. In the meantime, we’ll continue to bring you new and interesting posts related to all of your favorite hedge fund technology topics.

At last, here is a recap of our most popular blog articles of 2012:

Cloud Adoption Survey Results Revealed: Part 1

This year, we undertook a research study surveying 130 hedge funds and alternative investment firms in regards to their adoption of cloud technology. The results revealed that more than eight out of ten investment firms are either currently using or planning to use cloud computing services in the near future. This shift towards the cloud signifies a major trend in the financial services space as firms look to move away from costly on-premise technology infrastructures. You can download the complete survey report here.Happy New Year

Hedge Fund Cybersecurity: Preparing Your Firm For an Intrusion

In 2012, we announced a strategic partnership with eSentire, a leader in managed security services for hedge funds. The partnership comes at a time when firms are on high alert regarding security concerns and are shoring up their businesses to mitigate future threats. In a live webinar, eSentire’s CTO reviewed internal and external security threats to hedge funds and strategies for thwarting such attacks.

Operational Due Diligence: Common DDQ Questions

As competition for investors continues to increase, firms are looking for ways to stay ahead of the crowd. The investor due diligence process has become much more thorough as investors have become savvier about operations and technology matters. Here is a list of common due diligence questions your firm may be asked as part of the DDQ process.

Examining the Changing Role of the Hedge Fund CTO

One of the panels at our first annual Hedge Fund Cloud Summit this year took a look at how the role of the head of technology at an investment firm is changing, particularly with increasing regulatory demands and reporting requirements from investors. Find out more about the new responsibilities hedge fund CTOs are undertaking and where the future of the role is headed.

Why Outsource? The Advantages of Using a Third-Party Help Desk

Earlier in 2012, Eze Castle was awarded with the prestigious Help Desk Institute (HDI) Team Excellence Award. Go, Eze! The win was great validation for our 24x7x365 outsourced help desk, which works with our clients day in and day out to resolve their issues and meet their immediate technology needs. This article takes you through some of the key advantages of using a help desk service like ours.

Take a Tour of Eze Castle's Data Centers (New Video!)

One of our favorite videos of the year was an inside look at our colocation facilities. Take a tour with this short video to see where our data centers are located worldwide and how our technology team works to keep your data and infrastructure safe and sound.

Hedge Fund Tech Compliance: Archiving, Security & Mobile Device Management

Our most popular webinar of the year focused on hedge fund compliance directives and covered everything from Form PF to message archiving and mobile device management. The regulatory requirements for hedge funds continue to mount, so read on to find out which directives your firm needs to comply with.

What Hedge Funds Can Learn from Hurricane Sandy

One of the most significant and devastating events of 2012 was Hurricane Sandy. The superstorm affected countless businesses and residences up and down the East Coast. Many of our clients were directly affected, and hence, we learned a lot through the course of the storm and in the aftermath. Disaster recovery and business continuity planning are essential to all firms, and Hurricane Sandy was another reason why firms should work diligently to prepare for unexpected events like these in the future.

From all of us here at Eze Castle Integration, we wish you a Happy New Year and look forward to seeing you in 2013!

Contact an Eze Castle representative

]]>
<![CDATA[Happy Holidays from Eze Castle Integration!]]>http://www.eci.com/blog/388-happy-holidays-from-eze-castle-integration.htmlThu, 20 Dec 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=388 The holiday season is upon us, and we'd like to wish our clients, partners, colleagues and friends a happy and healthy new year. Looking forward to a successful 2013 for all!

Click here to view our 2012 Holiday e-Card!

Happy Holidays from Eze Castle Integration
]]>
<![CDATA[What’s the Word on Windows 8?]]>http://www.eci.com/blog/387-whats-the-word-on-windows-8.htmlTue, 18 Dec 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=387 A few months ago, we took our readers on a tour of the newly released Microsoft Office Suite. This updated version of such tools as Word, PowerPoint, Excel and Outlook made it easier for users to take advantage of tablet and mobile computing devices. Now, with the recent release of its new Windows 8 operating system, Microsoft is continuing its foray into the mobile computing environment.

We’ve been receiving questions on Windows 8 from several clients and other industry professionals (What new features are included? What’s changed since previous versions?), so we’ve done some research and tapped our internal experts to provide you with an overview of Microsoft’s newest release.

What’s New?

The Windows operating system has been around for years, but there are now new players within the computing industry. Competitive offerings such as the Android and iOS platforms are rapidly gaining popularity as iPhones, iPads and Droid phones become more common. As a result, Microsoft is introducing significant changes with this new release, primarily aimed at enhancing users' experience when accessing the platform on tablets and mobile devices and taking advantage of new and emerging technologies.

Compatibility with Mobile Devices

Windows 8 is optimized for use on touch screens as well as traditional mouse-and-keyboard systems. Microsoft has also improved the start screen, now called the “Modern UI,” featuring a full-screen tile display of real time, customizable information. Users can install apps from the new Windows Store in order to quickly access news, weather updates, tweets and other timely information in a single tap. Additionally, a new function allows users to multitask by grabbing and swiping several apps at a time – a feature we haven’t yet seen perfected by competing operating systems.

Here is an example of what the Windows 8 start screen looks like:

microsoft windows 8 start screen image

Note: You may be hearing references to Windows RT in addition to Windows 8. To clarify, these two platforms are virtually the same, however RT refers to the version which runs on tablets. It contains nearly all of the same features, and users can navigate it the same way they would operate its counterpart on a desktop PC.

Increased Security

One important change in Windows 8 is a significant improvement in security features. Users can lock their devices and choose to protect them with either a traditional password or a “picture password” which involves drawing gestures on the screen with a finger (for touchscreens) or a mouse. Also, only the first account that is created on each device has administrative privileges. This means that only one person is able to install/remove most programs and access is limited for secondary users.

Windows 8 also boasts better malware protection than previous versions, increased protection for core files and a new system for memory management that is much more robust. Most individual apps are isolated, and can only access information from one another if you choose to allow it. This helps to quarantine malware and prevent it from spreading from one app to the next. For added security, users can add the Microsoft Defender app which decreases the chances of acquiring a virus.

Improved Searching and Navigation

Another new feature of note is the Charms bar. This appears when a user swipes his or her finger from the right edge of the screen or hovers the cursor over either the top or bottom corners on the right side of the screen. When the Charms bar is activated, it provides easy access to buttons that allow users to search, return to the home screen, switch to the most recent app that was used or adjust settings. You can also swipe up from the bottom of the screen to quickly reveal a list of all apps installed on the device.

Mousing Around Windows 8

So you may be wondering what it is like to navigate Windows 8 with a mouse. We've heard mixed reviews, but here are some handy shortcuts The Verge magazine recently published:

  • Windows + H = Opens the Share charmWindows 8 Start Image

  • Windows + I = Opens the Settings charm

  • Windows + K = Opens the Devices charm

  • Windows + Q = Search for apps

  • Windows + F = Search for files

  • Windows + W = Search for Windows settings

  • Windows + X = Access common admin tools

  • Windows + E = Launches File Explorer in the desktop environment

  • Windows + O = lock screen orientation

  • Windows + R = Opens a Run dialog

  • Windows + L = Lock the computer

  • Windows + Print Screen = Saves a screenshot to your Pictures > Screenshots folder

  • Windows + any of 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 = Launches the corresponding program pinned to the taskbar

  • Ctrl + Shift + Esc = Open Task Manager

Conclusion

Many analysts are calling Windows 8 the most drastically different operating system Microsoft has developed since Windows 95. For those of you who are used to the older platforms, this may require some getting used to. However, as we all know the world is moving away from the desktop and onto the touchscreen, and Windows 8 has the makings of a very solid operating system for this new age of computing. Keep an eye on this product – we expect to see a number of enhancements and add-ons in the coming year that could be very useful for business users.

Looking for more information on current trends in technology? Don't miss our recent article on what to look for in 2013. And of course subscribe to the Hedge IT blog!

Photo Credits: thetechstuff.com & PC Advisor

]]>
<![CDATA[Ready for Liftoff? Launching a Hedge Fund in 2013]]>http://www.eci.com/blog/386-ready-for-liftoff-launching-a-hedge-fund-in-2013.htmlThu, 13 Dec 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=386 We’ve said it before, and we’ll say it again. Starting a hedge fund is a thoughtful and time-consuming process that requires skillful considerations and supportive collaborations to drive success. But with the changes that have swept through the industry of late, now seems like as good a time as any to launch a new fund.

We recently hosted a webinar with KPMG to examine the current hedge fund landscape for startups and determine whether 2013 is the right time to begin the launch process. Below is a short summary of the topics discussed. To watch the full event replay, click here.

Forming a Hedge Fund

There is a wealth to consider when launching your first (or second or third) hedge fund. From organizational and personnel matters to grappling with regulatory and compliance requirements and infrastructure needs, the list seems to never end. With the help of experienced prime brokers and service providers, however, managing these tasks has never been easier.

Some areas to consider:

  • Where will your fund be based? Are there tax implications based on which geography you select?

  • Will you be required to register on a state and/or federal level?

  • What type of governance model should you employ?Launching a Hedge Fund

  • What are your investors’ expectations? (re: compliance, infrastructure, reporting, etc.)

The decision to outsource or take internal control over certain functions will also weigh heavily on your business. The functionality of a CCO or CFO is one that is often up for debate, and there are firms who will provide staff to fill these roles and assist with SEC and CFTC compliance requirements, registration forms and other needs. Be sure to consider what your investors’ perceptions of an outsourced CCO/CFO would be, though. Do they expect you to have someone on staff full-time? If the idea of outsourcing such an important role makes them uncomfortable, you may want to retain someone in-house.

For services and functions you do choose to outsource, it’s important to remember that managing those relationships is essential to success. The one function you cannot outsource is vendor relationship management, so taking the time to properly vet and communicate with your service providers will serve you well as you launch your business. Some vendors you will likely work with during the course of your launch include a fund administrator, attorney, audit or tax firm, prime broker and technology provider.

The Technology Shift

Fifteen years ago, hedge fund firms followed a “traditional” path, managing their IT in-house and making significant investments in technology infrastructure. They likely had Comm. Rooms directly in their office space and rarely relied on outsourced service providers. Fast forward to present day, and you’ll see that times have changed dramatically.

Disaster situations such as Hurricane Sandy and the global adoption of new technologies (read: cloud computing) have prompted hedge funds, particularly startups, to re-evaluate their technology strategies and leverage outsourcing.

On the cloud front, most firms seems to understand what it is and how it works. But the reality is that every cloud is not created equal, and all hedge funds should do their due diligence before settling on a cloud platform. Performing a SWOT analysis should give you a good indication of how cloud providers stack up against one another. One area to examine closely is cloud security. Again, not every cloud is secured in the same way or employs the same security measures. A reputable cloud vendor should provide you with clear documentation defining the technology infrastructure and security layers as well as the policies and procedures in place to manage the security of the cloud (and of your data). Security is one area where you don’t want to take shortcuts, so be thorough in your evaluation and selection process.

The technology infrastructure you choose (cloud computing vs. on-premise hardware) may very well be influenced by your real estate situation. Are you working from a home office? Sub-leasing a space in the city? Operating out of a hedge fund hotel? Your situation may affect if you have the ability to manage IT in-house or build out a Comm. Room, or perhaps it makes more sense to utilize the cloud. As you investigate real estate options, be sure to consider your location and accessibility to clients, any future expansion of your firm and, of course, economics.

A few other technology areas you’ll want to put some thought into:

Eze Castle Integration has helped over 2,000 hedge funds launch and is adept at working with firms throughout the entire launch process and beyond. If you’d like to speak with one of our experts to talk through your options, please contact us.

]]>
<![CDATA[What's Trendy in Technology? Predictions for 2013]]>http://www.eci.com/blog/385-whats-trendy-in-technology-predictions-for-2013.htmlTue, 11 Dec 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=385 It’s that time of year again: time to take a look ahead and make predictions for the top technology trends of 2013. I don’t think any of these trends will come as a surprise to you, but let’s take a closer look.

Mobility

I know - we had this topic on last year’s list, too. But it’s so important, it deserves another nod. Smartphones and tablets have invaded the enterprise world like never before, and we’re seeing companies work more diligently to manage the use of these devices. Strategies such as Bring Your Own Device (BYOD) give firms the ability to allow employees to use personal devices for work purposes. While this provides employees with flexibility in terms of which devices they can use (and eliminates the need to carry more than one), it also highlights the importance of enhancing security measures to protect sensitive company information from getting into the wrong hands. Speaking of security…Tech Trends for 2013

Security

It’s another repeat topic from 2012, but who can deny that it will still be one of the most talked about topics next year, too? In addition to focusing on BYOD challenges, firms will continue to grapple with the range of security issues facing hedge funds today. These include cyber-attacks and intrusions as well as internal security breaches and threats.

Whether your firm is relying on on-premise infrastructure or cloud services to support your operations, you will surely be expected to perform regular security checks and implement policies and procedures to thwart future issues. Examples of important security policies to employ include Acceptable Use, Access Control and Security Incident Management policies.

Big Data

One of the biggest phrases of 2012 was “big data.” Have you figured out what it is yet? If not, read up on it in a previous HedgeIT post. We expect the big data trend to continue into next year as, concurrently, the amount of data continues to grow. Firms will continue looking to harness the power of big data through management and analytical tools, and we may even see big data go mainstream.

Crowdsourcing

One final tech trend for 2013 is the idea of crowdsourcing – outsourcing tasks or seeking the input of a group of people. While technically, this process can occur offline too, it seems to have found its home on the Internet. Specialty sites like Quora and even more mainstream outlets such as Facebook, LinkedIn and Twitter allow individuals to reach out to large groups of people for assistance, advice or feedback. These forums are expected to continue to grow, nurturing the conversation process and allowing for the continued sharing of information across the globe.

So tell us…

Which of these trends do you think will be the hottest in 2013?


Contact an Eze Castle representative

]]>
<![CDATA['Tis the Season for Giving Back: A Great Year for Hedge Funds Care]]>http://www.eci.com/blog/384-tis-the-season-for-giving-back-a-great-year-for-hedge-funds-care.htmlThu, 06 Dec 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=384 With the holiday season just around the corner, we’re reminded to take a moment to appreciate what we have, and give back to those who may not be quite as lucky this year.

In keeping with the spirit of the season, we’d like to take this opportunity to recognize the amazing work of one of our favorite nonprofit organizations, Hedge Funds Care. This group is committed to preventing and treating child abuse by raising money to fund programs that support victims in their local communities around the world. These noble efforts are made possible by the generous support of individuals and companies throughout the hedge fund industry. We encourage you to learn more and consider becoming a supporter by visiting the Hedge Funds Care website.

After a highly successful year, the Eze Castle London team is honored to be joining Hedge Funds Care at the 7th Annual London Benefit Gala at the Science Museum this evening. As we join other investment professionals to celebrate a great fundraising year and prepare to kick off 2013, we also have a very special announcement to make: our managing director, Vinod Paul, has been named to the Hedge Funds Care Board of Directors! We’re beyond proud to have a member of our team joining the ranks of this fantastic organization and helping to lead the way toward a brighter future for children in need.

Check out the pictures below of the Eze Castle team participating in several Hedge Funds Care events:

hedge funds care events collage
contact an eze castle integration representative

]]>
<![CDATA[Eze Castle Gives Thanks]]>http://www.eci.com/blog/380-eze-castle-gives-thanks.htmlTue, 20 Nov 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=380 This week marks the unofficial kickoff of the 2012 holiday season. With Thanksgiving just around the corner, we've been thinking about what we’re truly thankful for this year.

As you might recall, we've had a lot to be thankful for the past few years. In 2010 we acknowledged our thanks to some of our favorite charitable organizations such as Hedge Funds Care and Big Brothers Big Sisters. We also shared our gratitude for our awesome network of partners and clients around the world.

Last year, we asked our employees what they were thankful for and videotaped their responses. Since that was a such a big hit, we thought we'd ask some other employees that same question this year. Take a look at what they had to say:

what we're thankful for - eze castle employee collage

]]>
<![CDATA[What's Happening in Asia? Hedge Fund Industry Update & Cloud Expansion]]>http://www.eci.com/blog/379-whats-happening-in-asia-hedge-fund-industry-update--cloud-expansion.htmlThu, 15 Nov 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=379 Hedge funds and investment firms are making the move to Asia, evidenced by the industry’s expansion to a record number of funds in Q3 2012 (according to Hedge Fund Research). With a healthy flow of both new startup funds and existing firms expanding their presence to the region, the Asian hedge fund market has quickly become the go-to locale for financial services.

Asia can be a challenging market to tap into, however, particularly as regulations take center stage. In addition to local regulations, Asian funds also need to keep an eye on what’s happening in the U.S. and Europe. According to HFMWeek, legislation handed down by the EU’s Alternative Investment Fund Managers Directive (AIFMD) “could make it very difficult for Asian managers to access European capital, affecting diverse facets of a fund’s operations including remuneration, leverage and custody.”Hong Kong

Technology is also on the minds of regulators – and investors too. HFMWeek states that “investors and regulators have shown little tolerance for allowing a fund’s infrastructure to ramp up over time, instead insisting that they feature best practice systems and processes at launch.” So if funds need to have a robust technology in place from day one, what are their options?

With costly real estate in financial hubs like Hong Kong (some of the most expensive square footage in the world), many Asian cities make it challenging for firms to build out their own technology infrastructures on-site. The answer for many firms, therefore, has been the cloud. Keeping in line with their US and UK counterparts, many Asian funds are leveraging private cloud services to help ramp up their operations quickly and cost-effectively.

With the growing demand for cloud services in Asia, Eze Castle Integration proudly announced this week the expansion of our Eze Private Cloud to Singapore and Hong Kong. Supporting more than 2,000 users and spanning three continents now, the Eze Private Cloud is the preferred private cloud for hedge funds on a global scale. Our expansion is further validated by two recent award wins, including #1 cloud computing provider (Hedge Funds Review) and best cloud computing/outsourced IT services provider (HFMWeek).

Read our complete announcement here.

The award-winning Eze Private Cloud provides hedge funds with seamless access to the technology and applications they require to effectively and efficiently run their businesses. With the Eze Private Cloud, hedge funds simplify operations, minimize upfront capital costs and gain a highly resilient, enterprise-grade IT infrastructure on par with billion-dollar funds. To learn more, click here.

Download the Cloud Survey Report

]]>
<![CDATA[A Guide to Hedge Fund Technology: 2012 Benchmark Study Results]]>http://www.eci.com/blog/375-a-guide-to-hedge-fund-technology-2012-benchmark-study-results.htmlThu, 01 Nov 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=375 Last week, we revealed the results of our 2012 Hedge Fund Operations & Technology Benchmark Study, which surveyed over 300 buy-side firms about their front, middle and back office technology and vendor preferences. This year’s findings underscore the need for investment firms to employ robust systems to support trading operations and meeting increasing regulatory and investor demands.

Below is a summary, but you can download the full report here.

Respondent Profile

Within the financial services industry, Eze Castle surveyed 320 firms including hedge funds (61%), investment managers or investment banks (12%), private equity firms (7%), fund of hedge funds (4%), broker/dealers (2%), and venture capital firms (1%). Additional firms included in an ‘Other’ category include family office, legal, real estate, endowment, quant, biotech and insurance brokerage.

Firms surveyed fell into three asset classes: 30 percent reported their AUM as $100 million and under; 32 percent fell between $101 and $500 million; and 38 percent reported over $500 million in assets under management.

The most popular investment strategy among firms is Equity Long/Short (37%); multi-strategy approaches are also common and employed by 23 percent of firms. The top five prime brokers employed by firms are Goldman Sachs, Morgan Stanley, JP Morgan, Credit Suisse and UBS.

Front Office

  • OMS: Firms use order and execution management systems to support trading, operations, compliance and portfolio management; therefore, they require a robust and efficient solution to meet their growing needs. Our survey found that the majority of firms rely on ConvergEx Group’s Eze OMS solution (32%) or Bloomberg’s AIM (23%). Other market OMS systems include Advent’s Moxy, RediPlus, and Charles River.Order Management System - Hedge Fund Benchmark Study

  • Market Data: Bloomberg is, by far, the leading provider of market data services in the financial industry, as evidenced by its use by 90 percent of survey respondents. Thomson Reuters is the second most commonly used solution; however, 80 percent of firms using Thomson Reuters are also using Bloomberg.

  • Market Analytics: This year’s survey showed respondents’ inclination for bundled solutions, which makes it understandable that Bloomberg is also the leader in market analytics (73%). Other market analytic solutions in the marketplace include Thomson Reuters, Capital IQ, and Factset.

  • Research & Document Management: Most firms are not currently using research management systems (54%) to manage the influx of data and information flowing into their firms. For those who are, popular systems include Advent’s Tamale (22%), Code Red (14%) and Microsoft SharePoint (12%).

Middle Office

  • Portfolio Accounting: With the ability to automate trade capture, allocation and lifecycle management, a portfolio accounting platform is essential to any investment firm. Advent holds the market share, according to our survey, with their APX (20%) and Geneva (17%) products used by many of our respondents.

  • Risk Management: As hedge fund investors demand greater transparency, firms are implementing strategic risk management systems to mitigate threats. Adoption is slow – 60 percent of firms are not using risk management systems currently – but market solutions in use include Advent, SunGard, RiskMetrics and Calypso. We expect many firms are outsourcing risk management functions to third-party administrators.

  • Outsourced Administration: Speaking of administrators, the most common admins according to our survey include Citco, Goldman Sachs, SS&C GlobeOp and State Street. State Street recently purchases Goldman’s administration practice, and we expect them to play a larger role next year.

  • CRM Solution: Of firms currently using customer relationship management tools, most are using Petrac (17%), Salesforce (17%), Backstop (13%) or Netage (13%). CRM tools may gain traction in the near future as firms look to do more advertising as a result of the JOBS Act.Message Archiving - Hedge Fund Benchmark Study

  • Message Archiving: Email and IM communications are required to be archived under Dodd-Frank. Global Relay and Eze Archive are the most popular solutions for investment managers, with 50 percent of respondents using one or the other. Less frequently used vendors include Smarsh, FrontBridge, Postini and Rackspace.

  • Mobile Technology: While many firms are still using BlackBerry to support their operations, the adoption of the BYOD trend has shifted companies toward Apple devices. Last year, only 10 percent of firms were using iPhones and iPads; in 2012, approximately 30 percent of firms are using Apple-powered devices for business.

Looking Forward

We expect to see continued adoption of crucial applications, including OMS and PMS systems, particularly as these applications can easily be supported in the cloud. Beyond cloud computing, there is sure to be an increased focus on hedge fund regulation in the future, and this will affect the systems and vendors firms choose. Investors, also, are becoming more technologically savvy and therefore require that investment firms do their due diligence and implement robust and secure infrastructures to support operations and mitigate risk. These trends will continue to play important roles that shape the technology and operational choices investment firms make. We hope our Benchmark Study will serve as a guide and assist firms in making these critical decisions.

Eze Castle Integration is well-versed in the understandings of the alternative investment market and provides consultation to hedge funds looking for advice on various hardware and software platforms. For more information on how we can help your firm make critical operations and technology decisions, please contact us.

Download Hedge Fund Tech Benchmark Study

]]>
<![CDATA[Apple's 'mini' Additions to Your Christmas List?]]>http://www.eci.com/blog/373-apples-mini-additions-to-your-christmas-list.htmlThu, 25 Oct 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=373 Earlier this week, Tim Cook led Apple's latest keynote and announced product upgrades across the board. New additions here and spec upgrades there are prompting users around the globe to update their holiday shopping lists and hope for steep discounts on Black Friday. In-between what were many foreseeable announcements, Apple also threw in a few surprises.

Here are the big ones:

The new new iPad. In what might have been the biggest surprise, Apple announced it is phasing out the new iPad (released only a few months ago) and replacing it with a newer one (due out next month). Same look. Same price. Less issues. In simplest terms, they fixed all the complaints. There is now more LTE support (including Sprint in the US and local providers in the UK), a faster processor, faster WiFi and some better camera features. Oh and with the help of a new power adapter, quicker charging too. No major changes, but it does help to know you are getting your money’s worth and that the company you are buying from really listens to users’ input.

Comparing Apple iPad vs iPad mini

The iPad mini. Users want small. Technology has always been about making devices smaller; even the iPhone 5, with its bigger screen, has smaller components and a smaller weight. And now your iPad can be smaller too. Just as powerful as the current $399 model, the iPad mini has more features (Siri and LTE just to list a few) and a lower price (starts at $329). At over $250, many users might not make the jump away from their Kindle Fire HD or Nexus 7, but for users considering Apple and for users who want small, I wish them short lines in the store and quick initial shipments.

13" MacBook Pro with Retina Display. Powerful. Beautiful. Small. Expensive. Four words to perfectly describe the newest addition to Apple's killer line of laptops. It perfectly complements its 15" big brother. With a screen that dominates every other laptop (except for the 15” version released a few months ago) this machine is beautiful. And with specs that are great for any laptop, it'll be great for anyone who wants to multitask, edit pictures or play video games all night. If I could afford it, it would already be in my shopping cart.

Mac mini. In keeping with Apple's theme of minis, they upgraded their everyday desktop computer. It's not their most well known product, but anybody trying to replace an older computer who wants to switch to a Mac, here is their gateway drug. It's just as powerful as any of the other entry-level machines out there, and it has an adapter that can be used with any nice monitor (or TV) you might already own. Plug in a keyboard and mouse (or buy them from Apple), and you are good to go. It’s simple, small and just as powerful as any of their laptops available at twice the price.

Apple iMac mini

And my favorite announcement...

The 27" (and 21") iMac. Ultrasleek and ultrapowerful. And at points only 5mm thick (and at others over 20" long). This machine is ridiculous. Shipping in December (November for the 21"), this machine has already made it to the top of my holiday list. And I have a version that's only two years old! Apple took their last model (which was very powerful for an all-in-one computer), cut the size and upped the specs. Simply put, it’s an ideal announcement. How exactly the edges are 5mm is beyond me (and don't worry -as soon as they are on display in Grand Central, ill find out), but until then just "wow". For those intensive users (and big time gamers), here’s a machine capable of it all. I bet it even runs Windows smoothly.

Finally, the Fusion Drive. Available as an upgrade on the Mac mini and iMac, this is Apple's take on a hybrid drive, but bigger in specs, not physical size. Although details are still slim, the Fusion Drive has 128GB of solid state storage and up to 3TB of typical hard drive storage. Coming from someone who made the switch to solid state drive (SSD) a few months ago and has only looked back to wonder why it took so long to do so, this sounds like exactly what I want in my computer: storage space to make my apps run fast and tons of space to store my music and files. But Apple says they've taken it one step further.

In a typical hybrid drive, the solid state storage is used as a cache - a temporary quick-to-access spot to store copies of what you are running/accessing often. Apple's software beyond their hybrid drive eliminates this need for redundancy. The files and applications you need and access a lot are automatically shifted in the background to solid state. And this will dynamically change over time. Promises of boot speeds and access speeds that near that of full SSD solutions means the potential for what will seem like over 3TB of solid state storage. This will either be one big gimmick or one huge spec jump. We all know what I'm hoping for when I put one in my iMac configuration on my holiday list.

To read more about Apple technology innovations, check out these blog posts:

Photo Credits: Apple, PC Mag

]]>
<![CDATA[Infographic: What Technology Do Hedge Funds Prefer?]]>http://www.eci.com/blog/372-infographic-what-technology-do-hedge-funds-prefer.htmlThu, 25 Oct 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=372 Yesterday we unveiled our 2012 Hedge Fund Benchmark Study, which looks at the technology preferences of 300+ hedge funds and alternative investment firms. Since a picture is worth a thousand words (or about 4,000 in the case of our report), we decided to publish this handy little infographic on our findings.

For you lovers of words, you can download the complete report here.


Hedge Fund Tech Infographic.



]]>
<![CDATA[SAS 70, SSAE 16 & SOC: Understanding Audit Terminology]]>http://www.eci.com/blog/371-sas-70-ssae-16--soc-understanding-audit-terminology.htmlTue, 23 Oct 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=371 When assessing technology options and evaluating outsourced IT providers, there are a number of questions hedge fund managers should be asking in order to make the best decision for their firms.

As we talk with investment managers – especially those whose firms are considering a move to the cloud – we’re hearing many of these great questions on an increasingly regular basis. One particular area where there tends to be some confusion, however, is the topic of audit standards which govern service organizations and the data centers they manage on behalf of client firms. To help you navigate through the evaluation process, we’ve pulled together a guide to understanding audit terminology and industry standards.

Audit Terminology Defined

You’ve probably heard several different audit-related terms being used to assess service organizations and data center quality. Here are some of the most important terms to be familiar with:

SAS 70
This stands for the Statement on Auditing Standards No. 70, which was developed over 20 years ago by the American Institute of CPAs (AICPA) primarily to report on the financial controls of service organizations. It was later adapted (inconsistently – more on that later) in an attempt to report on non-financial controls. Clients and end users often request to see the results of a provider’s SAS 70 audit, as this was believed to demonstrate that the provider has undergone a comprehensive examination of its financial controls and related processes.

aicpa service organization control reports logoThe issue with a SAS 70 audit is that it simply verifies that a data center manager has certain controls and processes in place. There’s no benchmark to which providers are held accountable. Therefore, a data center with very robust data protection measures could achieve the same level of audit as one with relatively weak controls in place. The only true way these differences are expressed is within the lengthy SAS 70 audit report which is time consuming to read and complex to decipher.

Last year, the AICPA acknowledged the deficiencies of the SAS 70 standard in its abilities to provide in-depth information on a service organization’s non-financial controls or enable user organizations to effectively compare service providers. As a result, the group elected to replace SAS 70 with new standards which better reflect the quality of these providers.

SSAE 16
As of June 15, 2011, SSAE 16 (Statement on Standards for Attestation Engagements No. 16) effectively replaced SAS 70 as the authoritative guidance for reporting on controls at a service organization. According to CPA firm Feeley & Driscoll, this new audit standard better accommodates international businesses, as it is on par with similar global standards such as ISAE 3402. Additionally, a SSAE 16 audit provides much more detailed and accurate information for all stakeholders of service organizations.

SOC 1
According to the updated standards, an audit that is conducted under SSAE 16 results in a SOC 1, or Service Organization Control No. 1 report. This report is focused on the internal financial controls of the service provider. SOC 1 reports are intended for use only by existing data center clients and are not recommended for prospective customers or the general public.

SOC 2
SOC 2 provides much more stringent guidelines than SAS 70 or SSAE 16, and is specifically designed to assess the quality of data centers and service organizations. SOC 2 and SOC 3 combined provide a benchmark against which two data center audits can be compared using the same set of relevant criteria – a major enhancement to previous audit standards.

Specifically, SOC 2 reports focus on the service provider’s non-financial controls which are referred to as Trust Service Principles: Security, Availability, Processing Integrity, Confidentiality and Privacy. An organization is not required to meet all five of these principles in a SOC 2 engagement, but they do provide a more comprehensive evaluation of the provider and its data centers.

SOC 3
SOC 3 is similar to SOC 2 in that it provides a similar level of assurance regarding the five Trust Service Principles. The primary difference is that a SOC 3 report is intended to be released publicly. As such, it contains a less detailed summary opinion provided by the auditor which gives an overview of the effectiveness of the controls that the data center or service organization has deployed.

Conclusion

The transition from SAS 70 to new audit standards is a welcome change for the outsourced technology industry. SOC reports provide data center operators and service organizations with a more comprehensive set of guidelines on which to base their controls and policies. They also benefit clients and end users, as they provide better assurance that providers are meeting high standards when it comes to security, availability, processing integrity, confidentiality and data privacy. Essentially, these new audit standards have raised the bar, leading to what is sure to be a more effective and efficient future for data center technologies.

For more information on data centers and outsourced technology options, be sure to check out these articles and resources, or explore Eze Castle's cloud computing services:

explore eze cloud solutions


Image Credit: http://www.probenefits.com/About_ProBenefits/SSAE-16.html

]]>
<![CDATA[Public vs. Private Clouds: There's a Time and Place for Each]]>http://www.eci.com/blog/370-public-vs-private-clouds-theres-a-time-and-place-for-each.htmlThu, 18 Oct 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=370 It’s no secret that hedge funds and investment firms have been divided over the use of public and private clouds for some time. We’ve discussed it in depth here on the Hedge IT Blog, explaining the differences between the two and why most funds are choosing to go with a private cloud solution.

A case can be made, however, that there’s a time and a place for each cloud platform and both offer their own advantages for hedge funds. We’ve taken a look at some of the key areas firms will consider when looking at public and private clouds and identified who we think takes the cake.

Service & Support

Public versus Private cloudInvestment firms demand uptime to ensure operational efficiency and profitability. Public cloud providers, however, do not offer hedge fund-specific IT support and rather have limited customer service representatives troubleshooting the most basic of email and desktop support issues. In the event of a crisis situation or an outage, hundreds of thousands of users will be trying to reach a limited number of support personnel, creating additional problems and highlighting a severe lack of customer support. As we’ve seen in recent years, many public cloud providers (such as Google and Amazon) have had outages last hours or even days at a time – situations that prove costly to any investment firm. With a hedge fund-specific private cloud platform, funds often have access to 24x7x365 engineering support that is tailored to meet the demands of their unique business.

Edge: Private Cloud

Scalability & Application Integration

While a public cloud offering may entice small start-up firms in particular, it is likely these firms will soon outgrow these services and be forced to migrate their data and infrastructure to a larger, more tailored platform. For example, traditional public cloud services do not offer or support vertical-specific application integration; as a firm grows to require a portfolio accounting platform or order management system, they will find that these applications are incompatible with their current cloud offering. On top of that, currently no public cloud providers will support any form of custom application integration or hosting of any hardware dedicated specifically to the fund.

With a private cloud solution, firms can easily grow and scale upwards as well as incorporate financial-specific and custom applications. Hedge fund private clouds are building up their lists of hosted applications (Eze Castle’s cloud currently hosts over 65 applications), allowing firms to reduce hardware costs and scale upwards by adding new users.

Public vs Private CloudsEdge: Private Cloud

Testing & Development

One area where the public cloud shines for many is for purposes of testing and development. Traditionally, test and dev environments have required dedicated infrastructures and significant resources, putting pressure on firms to invest in additional costly hardware. Unfortunately, testing environments can also fall by the wayside, deeming these investments wasteful. According to a report from Cognizant in March 2011, “test labs in companies typically sit idle for longer periods of time, consuming capital, power and space. Approximately 50% to 70% of the technology infrastructure earmarked for testing is underutilized.” With the public cloud, firms can easily and cost-effectively set up testing and development environments without the fear of overspending or underutilization.

Edge: Public Cloud

Security & Compliance

From a security perspective, a lot remains unknown. Public cloud security likely varies from provider to provider, but overall, is limited in its scope. Additionally, there is less transparency on the security front, and firms using the public cloud are less likely to be provided with deep knowledge around the infrastructure and security controls maintaining their data and assets.

Larger, public sites such as the Googles and Amazons of the world are inherently more susceptible to viruses, cybersecurity attacks and intrusions. Experienced hackers are much more likely to target a large, public enterprise that has greater potential for a breach – and greater potential for headlines. Private cloud providers are much more likely to employ strict access controls and implement security practices that will prevent and detect intrusions and maintain the safety of firms’ data and infrastructure.

On the compliance front, there are a number of demands placed on hedge funds and investment firms. Currently, the SEC advises funds to retain all internal and external email and instant message communications that are business-related. Many private cloud solutions offer firms message archiving services, which will allow firms to store communications for the designated period of time and recover any necessary communications in the event of an SEC inquiry. Some public clouds, however, are unclear on whether they offer such a service.

Edge: Private Cloud

Cost

The low-cost option of public cloud computing platforms is seriously appealing to many firms; who wouldn’t want a service priced at $20-$30 per user? Behind the low cost, however, remain a lot of questions. The amenities and services included with a public cloud platform can be limited (see previous sections above), and therefore, warrant a closer look by investment firms. While cost is and should be a significant factor in the decision-making process, it should not be the only factor and should be weighed in accordance with other considerations, many of which we’ve highlighted in this article.

Edge: There’s no real winner here. The reality is you get what you pay for regardless of which option you choose.

To dig a little deeper into public vs. private clouds, check out our other Hedge IT articles:

Visit the Cloud Computing Knowledge Center

]]>
<![CDATA[Safeguards for Trade Malfunctions: As Much About People as Technology]]>http://www.eci.com/blog/369-safeguards-for-trade-malfunctions-as-much-about-people-as-technology.htmlTue, 16 Oct 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=369 On Tuesday, October 2, the SEC held a roundtable discussion in Washington D.C. focused on technology use within the investment management sector. The following article from our guest blogger, Deborah Prutzman of the Regulatory Fundamentals Group, offers some highlights and insights from that meeting.

The 2010 Flash Crash, the securities and exchange commission logoKnight Capital incident, the Facebook IPO and the BATS IPO were all rooted in technological failures. An SEC roundtable held on October 2, 2012 at the SEC headquarters in Washington discussed ways to prevent future incidents like these from occurring again.

The roundtable gave a “thumbs up” to the adoption of a “kill switch” and focused on a number of best practices that are likely to find their way into managers’ procedures and investors’ due diligence questionnaires. Perhaps the most important takeaway, however, is that the role of the technology team, and that of the CTO, will continue to grow in importance.

A related development—that indicates safeguards for trade malfunctions are as much about people as technology—was the emphasis placed on enterprise-wide training and communication. Panelists noted that the Knight Capital incident was actually the result of two problems—a technology malfunction and the failure to respond effectively to that malfunction. Any system that notifies a firm of a trading error, or even halts trading, will only be effective if the firm has a process in place to implement once the issue has been identified.

Those attending the SEC program discussed the need to have two well-coordinated crisis management teams:

  1. One composed of IT experts to address the technical issues; and

  2. Another made up of senior management (that includes compliance) to guide the overall process and address internal and external communications, including contact with regulators and investors.

In addition, participants discussed how clarity about underlying business processes and related documentation set the stage for more effective and efficient system design, the creation of targeted testing protocols and highly effective crisis planning and management. The topic of kill switches received extensive attention. Many participants expressed skepticism about a fully automated kill switch mechanism that takes too much control away from a trading firm and various exchanges.

Roundtable participants concurred that this objection can be mitigated by setting warning thresholds prior to triggering a kill switch in order to give market participants the opportunity to have human consultation and intervention before an automated kill switch would be activated.

Key Meeting Theme

Technology is great, and robust technological solutions are needed for trading systems. But in the end, an experienced and trained staff is both the first and the last line of defense.

hedge fund regulations knowledge centerIf you are interested in learning more about the SEC Roundtable on Technology and Trading, please send a request to: information@RFG.com.

Also, for more information on regulations affecting the investment management industry, check out the Hedge Fund Regulations Knowledge Center and don't miss these recent Hedge IT articles:

]]>
<![CDATA[iPhone 5: New Features Review]]>http://www.eci.com/blog/358-iphone-5-new-features-review.htmlThu, 04 Oct 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=358 The new iPhone 5 – what do you think?

Anyone who has picked up a newspaper or read the Internet over the past two weeks since the iPhone 5's much anticipated release knows it has issues. The black model scuffs too much. Pictures look too purple. The Maps app is horrible. Everyone seems to have an issue with at least some new feature of the iPhone 5.

But in my observations, there is one thing that stands out among all those articles and negative reviews - everyone has an iPhone 5, and nobody can stop talking about it. And that's rightfully so!

The iPhone 5 comes preloaded with all the new features of the latest iOS, and it rocks. Below I've highlighted a few that you may find most intriguing. I know I've left a lot out (a review of 200 features would keep you here all weekend!), but I’ve tried to highlight some of the most significant changes.


line at the apple store in new york cityMail

The mail app is just as simple as before and just as reliable. It’s quicker than previous versions simply because the entire device is quicker, but now Mail has a few cool features to make email that much better. First up, VIP. This allows for a list of people of your choosing whose emails always get filtered to a special folder so you never miss one. The best part is, it works. The worst part? I have no excuse for missing one of my boss's emails.

There's also now a whole "right-click" menu. You can click on a word and highlight it to bold/underline/italicize and even define. You can also easily insert pictures and videos. It seems like a basic feature, and it is, but the new method for doing so makes it simple and quicker and thus makes me more efficient!

My favorite feature is the ability to create separate signatures for each email account. Now my friends can see my personal quote, and my clients can see my professional company signature. It sounds silly, but it definitely makes quite the difference.

Safari

It took Apple a little while, but since Google released the Chrome app for iOS, Safari has been truly lacking. With iOS 6, they seem to be running neck and neck. Safari's reading list feature from iOS 5 - the feature that allowed you to bookmark webpages - now allows for entire webpages to be cached for viewing later. For those that take the subway, use this! You can open our Hedge IT blog, cache it, and read it on the subway every day!

iCloud Tabs is a really cool feature, too. This is a feature similar to what Google does for Chrome. It essentially allows you to see what tabs you have open in Safari on your other devices and sync them via the iCloud. Beautiful. Start reading at your desk and continue reading on your iPhone when you get on the train. This makes life simpler - something Apple seems to be very good at.

Siri

The personal assistant you can talk to is still in beta, but she can do a lot more. Apple kept her personality (which I actually enjoy) and gave her access to a multitude of new databases. She can answer questions now spanning from sports scores for your favorite team to movie times at your local theater. And my favorite new task - Siri can make reservations for dinner, so I don't get caught off guard and yelled at for forgetting. Overall, she’s simple, elegant and even more useful.

Phone

Ironically, most people forget that the real purpose of the iPhone is to make and receive calls. It’s something we all do but never pay attention to. It’s also something Apple seems to have neglected and hardly updated over the past few years. Until now. Here’s a look at a few new features:

  • First up, users now have the ability to ignore a call and auto-reply with a text. This is a great feature. With just two clicks, I can ignore a call and let the caller know I’ll call back later. Brilliant!

  • Call reminders are another cool way to deny incoming calls. Click the button, and the phone will remind you later, at a more convenient time, that your mom called so you don't forget and make her angry by not calling back.

  • You can also put your phone in “do not disturb mode” at night so it doesn't wake you. Simple. Smart. But there's more, of course. What if you want the ability to answer important calls only? Set certain contacts to bypass this feature. What if work calls me? Do I want my boss to wake me up? I can tell my phone that if it's important and he calls me twice, my phone should ring the second time. That's spectacular.

Miscellaneous

Like I said, there are over 200 new iPhone 5 features, and I know I haven't begun to scratch the service. From more Facebook integration for the addicts like myself to the new camera features, there are plenty more for you to love. So ignore the bad press and remember: nothing’s perfect. With millions of owners, you need to expect a few unhappy ones out there.

contact an eze castle representative

*Image credit: Bloomberg Tech Blog

]]>
<![CDATA[Hedge Fund Cybersecurity: Preparing Your Firm For an Intrusion]]>http://www.eci.com/blog/357-hedge-fund-cybersecurity-preparing-your-firm-for-an-intrusion.htmlTue, 02 Oct 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=357 We hosted a webinar on hedge fund security and the internal and external threats firms should be aware of. Following is a short recap of the material presented by Eldon Sprickerhoff of eSentire – a leader in the managed security services space.

For hedge funds and their investors, the reality of cybersecurity threats is a serious one and one that must be proactively and consistently monitored. Investors today expect firms to take steps to thwart potential security threats, which means using vulnerability assessments and penetration tests to identify possible risks.

The truth is that most successful cybersecurity attacks in today’s environment occur via three different methods: malware via email, malware via download and transfer via USB. In most cases, an employee will download an unsuspecting virus or open an unsuspecting email, triggering a malware attack that could open the door for further intrusion. Alternatively, a trend becoming more common is the threat of employees transferring information onto USB drives (whether knowingly or unknowingly), resulting in an internal security breach.Lockheed Martin's Cyber Kill Chain

Externally – and regardless of the intrusion method – attacks typically follow a similar path from start to finish. Global security firm Lockheed Martin has identified steps to what they call the “cyber kill chain.”

  1. Reconnaissance: Collecting information and learning about the internal structure of the host organization

  2. Weaponization: How the attacker packages the threat for delivery

  3. Delivery: The actual delivery of the threat (via email, web, USB, etc.)

  4. Exploitation: Once the host is compromised, the attacker can take advantage and conduct further attacks

  5. Installation: Installing the actual malware, for example

  6. Command & Control: Setting up controls so the attacker can have future access to the host’s network

  7. Actions or Objections: The attacker meets his/her goal (e.g. stealing information, gaining elevated privileges or damaging the host completely)

While the steps may seem well thought-out and can be easily executed by an attacker, the benefit to understanding the cyber kill chain is that it gives the host a chance to counteract. The sooner into the cyber kill chain the host can identify the threat, the better chance it has of thwarting it.

And there are several options for thwarting attacks, depending on the stage in which the attack is identified. Mitigation activities on the host’s part can include: detection, denial, disruption, degradation, deception and destruction. Creating a course of action based on various scenarios and a firm’s current abilities to thwart attacks can gauge effectiveness against such intrusions and provide areas for improvement in a firm’s defense strategy.

As part of an overall strategy, firms should also look to implement the following simple best practices to help prevent costly attacks:

  • Enforce strong passwords and (at least) two-factor authentication

  • Remove local admin privileges when possible

  • Keep patches up-to-date for Microsoft, Adobe, Java Runtime and browsers (the most common threats originate here)

  • Restrict executable downloads and installations

Watch below for a full replay of the webinar: Turning Hedge Fund Security Inside-Out!

Be sure to come back to Hedge IT on Thursday for Part 2 of our webinar recap featuring an overview of essential policies and procedures to support technology and operations management as well as a look at mobile device management!

Visit our Knowledge Center: Hedge Fund Security

Photo Credit: eSentire

]]>
<![CDATA[iPhone 5 and iOS 6: First Impressions]]>http://www.eci.com/blog/355-iphone-5-and-ios-6-first-impressions.htmlTue, 25 Sep 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=355 Five a.m. on September 21, 2012. Do you remember where you were? (C’mon, it was only last week!)

For millions around the world, they were eagerly anticipating the new iPhone 5. Be it in line outside a store (like yours truly) or at their doorstep waiting for the UPS/FedEx drop-off (like those who plan ahead), over 2 million people anxiously waited for the next iPhone to hit the streets. And they didn't just do it because the Kool-Aid tastes good.iPhone 5

The iPhone 5 is bigger and faster. The screen is bigger, yet the entire phone weighs less - big perk. And its tech specs, for my fellow geeks out there, are faster across the board. Everything from the processor to memory to cellular connection is a step up. Pretty much the same phone we've all come to love but faster. No down side there!

But specs alone aren't enough to impress people, and that's where the Apple Operating System, iOS, comes in to play. Every year Apple releases a new iOS with 200+ new features. This go-around is no different. From the little things (like new emoticons or a new share menu) to the big things (a revamped Mail app and better Facebook integration), Apple has kept the feel and made it better in iOS 6.

As has become custom with each new iOS announcement, Apple is getting a lot of backlash. With all the lawsuits going on and fighting between companies, Apple has been cutting ties with a lot of partners. Because of this, Apple has removed both the original YouTube and Maps apps from iOS 6 and the new iPhone 5. Many users are unhappy with the changes. Apple has developed its own Maps app for the new iOS, but according to many, it is subpar to Google’s. There is no replacement for the YouTube app, but Google has released one which users can download. Change is good, but too much appears to be a bad thing.

So what’s the verdict? I haven't had enough time to play around just yet, but I look forward to updating you soon after I review these new features and apps. Stay tuned for future posts to hear more about the good, the bad and the iMazing.

Contact an Eze Castle representative

Photo Source: PC Mag

]]>
<![CDATA[What's Hot: Social Media Compliance and Archiving for Investment Advisers]]>http://www.eci.com/blog/354-whats-hot-social-media-compliance-and-archiving-for-investment-advisers.htmlThu, 20 Sep 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=354 When it comes to compliance, hedge funds and investment management firms have a lot to think about. Dodd-Frank, registration, Form PF, oh my! And these days they can add one more thing to their plates: social media.

Social media, in the mainstream, may be a tool for chatting, researching or staying up-to-date on current events. But for investment firms, social media can be a great marketing opportunity and a way to spread their message. It must also be closely monitored, though, particularly as regulators seek to address its prevalence with archiving requirements.

A History of Social Media in the Financial World

Earlier this year, Goldman Sachs – one of the largest investment banks in the world – joined Twitter. It was a remarkable day, and with 132 characters (barely within the 140-character limit!), Goldman announced that it would be posting updates in the future about its work and its employees. You’re probably thinking “why so remarkable?” The reality is that the financial services industry has traditionally steered clear of social media, worried that it would only pose problems and concerned about bodies such as the SEC reacting in an unfavorable way.

Social Media ComplianceIn 2011, MHP Communications surveyed 77 hedge fund managers about their social media activity and found that only 1 percent of firms were actively on Twitter and none were active on Facebook. According to MHP, “the findings did not surprise us. Historically, hedge fund managers have deliberately kept a low profile and managed their reputations accordingly. They are also concerned about the regulatory implications of social media. As such, adoption of social media is extremely low.”

The Legal Requirements

We all know that emails and instant messages are required by the SEC to be archived for five to seven years. But where do they stand on social media content? According to SEC Rule 17a-4(b), registered investment advisers and broker-dealers should archive all business communications on social media for at least three years. With discovery audits on the rise, firms should ensure these communications can be easily searched and recovered in the event of an SEC inquiry.

Despite the requirements, social media is still a hot topic among registered investment advisers. According to the seventh annual Investment Management Compliance Testing Survey, released earlier this year, social media was the “hottest” compliance topic for firms, with 80 percent of RIAs stating they have adopted formal social media policies (up from 64 percent in 2011 and 43% in 2010). However, 54 percent of firms reported that their firms have prohibited the use of social media – another indication that full-scale adoption and acceptance has not yet arrived.

What’s Next for Social Media Compliance?

As investment firms continue to introduce social media into their business strategies, they must also develop written social media policies to ensure proper procedures are outlined for employees relative to acceptable and unacceptable use of social media. This will be a firm’s best defense for managing an effective social media campaign. Firms will also continue to implement social media archiving tools – such as those from Global Relay, Smarsh and Hootsuite – to comply with SEC regulations, particularly as the SEC begins to administer discovery audits. The reality is that social media sites such as Twitter, Facebook and LinkedIn have become mainstream avenues for business communication (even in financial services), and therefore, firms must work diligently and carefully to ensure they put their best foot forward whether it be via status update or tweet.

Learn more about social media and compliance:

Contact an Eze Castle representative

Photo Credit: Global Relay

]]>
<![CDATA[Big Data and Storage: What's the Breaking Point?]]>http://www.eci.com/blog/352-big-data-and-storage-whats-the-breaking-point.htmlThu, 13 Sep 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=352 Last week we explored what big data is and what its implications are on the hedge fund industry. Diving a little deeper, today we are looking at the storage considerations for the endlessly growing amounts of data with which companies must cope.

We create 2.5 quintillion(!) bytes of data every day, so not surprisingly, big data is breaking today’s storage infrastructure barriers and creating new challenges for companies. NetApp has pinpointed three areas where storage is faltering – complexity, speed and volume.

  • Complexity. Data is no longer just about text and numbers; it's about real-time events and shared infrastructure. The information is now linked; it is high fidelity, and it consists of multiple data types. Applying normal algorithms for search, storage, and categorization is becoming much more complex and inefficient.

  • Speed. How fast is the data coming in? High-definition video, streaming media over the Internet to player devices, slow-motion video for surveillance – all of these have very high ingestion rates. Businesses have to keep up with the data flow to make the information useful. They also have to keep up with ingestion rates to drive faster business outcomes – or in the military, to save lives.

  • Volume. All collected data must be stored in a location that is secure and always available. With such high volumes of data, IT teams have to make decisions about what is “too much data.” For example, they might flush all data each week and start all over the following week. But for many applications this is not an option, so more data must be stored for longer periods of time – without increasing the operational complexity. This can cause the infrastructure to quickly break on the axis of volume.

The Solution?

Not surprisingly, NetApp also has a solution to the hurdles big data is creating for companies. Coined the ‘ABCs’ of big data solutions, it focuses on addressing challenges in three key areas – analytics, bandwidth and content.

  • Analytics. Analytics is about gaining insight, taking advantage of the data explosion, and turning data into high-quality information that allows for deeper business insights and better decision-making. In order to do this, companies should look for storage solutions that improve response times for ad-hoc and real-time inquiries as well as deliver overall storage performance increases.

  • Bandwidth. To leverage big data, companies need to obtain better performance for very fast workloads and high-bandwidth financial applications. Large financial database applications process and analyze large amounts of data in real-time. In order to execute these real-time, intense processes, high-bandwidth storage must be available.

  • Content. This focuses on the need to provide boundless, secure, scalable data storage. Content solutions must enable the storage of virtually unlimited amounts of data, so that companies can store as much data as necessary and have the ability to find it when they need it.

]]>
<![CDATA[Beyond Financial Services: How Cloud Apps are Evolving]]>http://www.eci.com/blog/351-beyond-financial-services-how-cloud-apps-are-evolving.htmlTue, 11 Sep 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=351 Cloud computing is without doubt a term most of us have already heard and read about. However, the boom of its characteristics - richer user experience, immediate response to user actions, and offline mode compared to web applications or programs installed in user devices or PCs - makes this platform very convenient and even a necessity.

Recently more software developers have gone beyond using the cloud just for business purposes to create more entertaining experiences, ensuring cloud services rule the personal lives of consumers too.

The Evolution of Consumption

In our daily business and leisure activities we utilize multiple devices to consume and produce data that go from PCs and laptops to smartphones and tablets. The main function of cloud services is to allow us to centralize and sync our content across those devices.

Consumer cloud apps provide functions that go over and above simple storage or sharing, and do not need to be installed on a PC or smartphone. It offers the best of both worlds - applications for both personal and professional use.

The Battle of the Clouds

You’ve probably heard or even currently utilize some of the market’s most popular consumer cloud apps: Apple’s iCloud, Google’s Docs and Calendar applications, Microsoft’s SkyDrive and its Windows Live products, as well as Amazon’s Cloud Drive. A very recognized cloud service for Apple customers is CloudApp, powered by Heroku, which is available to Mac OS and iOS users. This application has built its own ecosystem around it. Users can easily store files and objects within the app and, in exchange, it produces a Uniform Resource Identifier (URI), which is copied to the clipboard for the user to share and have future instant access.cloud apps

The above listed cloud platforms are generally free or have a very low monthly fee for more features. This is one of many reasons why people are utilizing their convenient features for personal purposes. Nowadays. however, it has become apparent to businesses and individuals who use the cloud that it is not always safe to share information without ensuring certain security standards are in place.

A recent incident happened to reporter Mat Honan whose entire digital presence was hacked via a loophole in AppleCare. He probably thought that no one would want to access his family pictures or music library, but hackers are usually looking for weak spots that lead to sensitive personal information. Therefore, it’s important that users do their due diligence around security best practices and ensure they are careful in what personal information they store via cloud applications.

Optimizing Cooperation

Other popular consumer cloud apps include those that serve as “collaboration platforms”. Their main purpose is enabling the sharing and exchange of documents among groups of people. These include Beanstalk, Dropbox, Evernote, and GitHub.

For personal work and organization many users have tried Evernote (mostly preferred by students), which collects clips of data from various sites you're reading or the applications you're using and gathers them into categories that can be synced in the cloud and accessed from multiple devices.

The Salesforce app Do.com includes the level and ease of functionality for file sharing and collaboration that enterprises may have already attached to Outlook by way of add-ons, but which aren't available for everyday Outlook users.

Another example, Joukuu, is a storage maintenance service with a based console that displays the contents of files stored to Google Docs, Box.net, and Dropbox. When you work with many colleagues on a project, and they all subscribe to different services, Joukuu is a true timesaver. And the drag-and-drop functionality of its outside-the-browser app saves you as many as one thousand clicks per day.

Optimizing Organization

Among the most loved cloud applications by music fans is Spotify which offers access via free or paid subscriptions to its music library. This application’s success has developed into a premium mobile service as well as a radio desktop app.

Another favorite is Audiobox.fm, a streaming service that works two ways: by enabling users to store the music they own in the cloud (at the cost of $3.99 for 11 GB) and also play that music from any device using the service's own media player. And let’s not forget services like Last.fm and Pandora, which for many users, are more convenient than music ownership and more interesting than traditional radio.

It’s clear that businesses and personal users alike have many reasons to use the cloud. Not only are cloud consumer apps fun and user-friendly, but they also optimize our daily activities to make life just a little bit easier.

Our Eze Private Cloud may not offer music services, but it is definitely the go-to destination for hedge funds and investment firms looking to reduce costs and benefit from a fully functioning managed service. To learn more about the Eze Private Cloud, click here.

contact an Eze Castke Representative

Photo Source: Google

]]>
<![CDATA[What is Big Data? And What Does it Mean to Hedge Funds?]]>http://www.eci.com/blog/350-what-is-big-data-and-what-does-it-mean-to-hedge-funds.htmlThu, 06 Sep 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=350 The phrase ‘Big Data’ is the rising star of industry buzzwords, but what exactly does it mean? In this article we’ll aim to define big data and potentially more importantly, discuss the implications of big data on the hedge fund market.

Wikipedia defines big data as a “collection of data sets so large and complex that it becomes awkward to work with using on-hand database management tools.” As a result, the top software companies (i.e Oracle, Microsoft, HP) as well as financial application vendors are investing heavily in building systems to help companies harness the power of big data.

And big data just keeps getting bigger. According to IBM, each day we create 2.5 quintillion bytes of data from everyday activities including social media, digital pictures and videos, online transactions, GPS signals and more. Highlighting the explosion of data, it is estimated that 90% of the data in the world today was created in the last two years alone.

What is the Significance of Big Data?

Hello Big Data ImageIf big data can be harnessed, it provides the opportunity to spot trends, find new insights or trading ideas and answer questions that were previously considered outside of reach.

Signaling the importance of big data, the World Economic Forum released a report earlier this year outlining the significant impact big data will have on international development. According to the report, “researchers and policymakers are beginning to realize the potential for channeling these torrents of data into actionable information that can be used to identify needs and provide services for the benefit of low-income populations.”

But harnessing the data is easier said than done. A report last year by the McKinsey Global Institute, the research arm of the consulting firm, projected that to capitalize on big data the United States needs 140,000 to 190,000 more workers with “deep analytical” expertise and 1.5 million more data-literate managers, whether retrained or hired.

Big Data and Wall Street

Quantitative hedge funds and investment strategies are the most obvious application for big data. In a recent Forbes.com article, David Leinweber explains that “many of the ideas from quant investing make sense in [big data] context; histories are huge, and experimentation is easy. There’s an underlying behavioral model, plus, you know your counter-parties. The large volume and variety of data allows use of new “data voracious” statistical and machine learning methods that, in finance, are useful for high-frequency trading, but are worthless on daily or monthly market data.”

Most large Wall Street banks are also looking at better ways to capitalize on large datasets. Bank of America Merrill Lynch, for example, is using Hadoop, which is an open source framework that allows for the distributed processing of large data sets. With Hadoop, Bank of America Merrill Lynch is applying big data strategies to manage petabytes of data for regulatory compliance and advanced analytics.

Bigger and Bigger and Bigger

We can expect both the amount of data as well as the market touting big data solutions to just keep increasing. Just as cloud computing has gone mainstream, so too will big data. The question is how long will it take for the solutions to become viable options for traditional hedge funds.

]]>
<![CDATA[September Preview: Hedge Fund Security Awareness Month!]]>http://www.eci.com/blog/349-september-preview-hedge-fund-security-awareness-month.htmlTue, 04 Sep 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=349 We’ve talked about it a lot recently. Security, I mean. We’ve written countless articles (on everything from cloud security to network security) and even put together a fun video busting some common cloud security myths.

But we always have more to share, and that’s why we’ve dubbed September Hedge Fund Security Awareness Month – to bring you more content, reveal more expert advice and generate more education on the importance of keeping your business safe.

Here’s a look at what’s coming up during Security Awareness Month:Security Awareness Month - September 2012


September 13, Live Seminar (New York)
It’s no secret that security and data protection are hot topics for hedge funds and investment firms, but how does your firm know where to start when it comes to protecting your assets? Our panel of experts will examine the ins and outs of security and data protection and provide knowledge to attendees around:

  • The legal ramifications of cloud computing and data protection strategies;

  • Security best practices for maintaining a protected environment; and

  • Disaster recovery and data protection how-tos and technology recommendations.

If you’re a hedge fund in the New York area and would like to register for this event, click here.

September 25, Live Webinar
In addition to proactively preparing for external breaches and security threats, firms must also realize that there’s a chance their businesses are already compromised. “How did we not notice?” you might ask. “And what do we do about it?” Our experts will share their guidance for treating these sensitive situations.

To pre-register for this live webinar, contact Kaleigh Alessandro at kalessandro@eci.com.

As always, we’ll be recapping these events here on the Hedge IT blog so even if you can’t attend, you won’t miss a thing!

In the meantime, read up on some of our other great security-related content:

Contact an Eze Castle representative

]]>
<![CDATA[Microsoft Office 2013: What Can You Expect?]]>http://www.eci.com/blog/346-microsoft-office-2013-what-can-you-expect.htmlTue, 28 Aug 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=346 Last month, Microsoft released a preview of its new Office 2013 package to the public so that users could get a feel for the updated versions of Word, PowerPoint, Excel, Outlook and OneNote. As technology lovers and avid tech trendwatchers, we couldn’t help but explore what CEO Steve Ballmer has called the “biggest, most ambitious Office” to date, and share our thoughts with our loyal Hedge IT readers.

What's changed?

microsoft office 2013

You are likely very familiar with earlier versions of the Microsoft Office package, so the basics of each program won’t be a major surprise. However, there are some changes and new features that are being incorporated into this new release.

  • Embracing the mobile and tablet computing trend: Office 2013 is designed to be touchscreen-friendly in order to create a more seamless computing experience for mobile device and tablet users. Many of the same touch features that Apple users are accustomed to will be applied, including swiping a finger to scroll or turn pages, pinching to zoom and writing with a finger or stylus. The goal here is to ultimately smooth out the user experience by unifying the desktop applications with the Windows Phone 8 smartphones and Microsoft Surface tablets.

  • Incorporating cloud capabilities: In order to capitalize on the unification of these various computing platforms, Office 2013 is cloud-ready, so that users can easily synch their PCs, laptops, smartphones and tablets in order to access documents on any of these devices. This new capability signifies Microsoft’s move into the cloud services arena. Office 2013 will be deeply integrated with the company’s SkyDrive cloud platform, enabling easy collaboration via Skype (a recent Microsoft acquisition). Documents can now be saved to SkyDrive by default, making the collaboration process even smoother.

  • A new user interface: The Office 2013 user interface isn't drastically different from Office 2010, but some minor updates have been made. The “ribbon” toolbar design remains, but the icons inside it are slightly larger and more spread apart to take advantage of large monitors. This design is carried across Word, Excel, PowerPoint and all other applications within the suite. Another minor change to look for is the addition of your name and Microsoft account photo in the upper-right-hand corner of the screen in all Office programs, a reminder that the cloud now permeates the entire package.

  • Going social: While social connectors are not new to the Office programs, they will become a focus area within the new suite. Users can now link their Facebook and LinkedIn accounts just as they can on Windows Phone 8 with feeds streaming in. Microsoft also plans to open up the API for developers so that they can incorporate other social network content in as well.

So far, no official launch date for the full version of Office 2013 has been set. Industry experts believe Microsoft will make it available in time for the launch of Windows 8, which Steve Ballmer has indicated will take place later this year.

Here is a CNET video so you can see Office 2013 in action.


Stay tuned to the Hedge IT blog for the latest tech industry news and updates!

contact an eze castle integration representative

]]>
<![CDATA[Cost vs. Location Considerations: A Look at London Hedge Fund Real Estate]]>http://www.eci.com/blog/342-cost-vs-location-considerations-a-look-at-london-hedge-fund-real-estate.htmlTue, 14 Aug 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=342 mayfair neighbourhood londonLast week, we took a closer look at the current state of the New York City hedge fund real estate market. Today, we're crossing the pond to provide some updates on new developments in the UK real estate arena.

London remains Europe's number one destination for hedge funds and private equity managers, with Mayfair and St. James's being the most-preferred neighbourhoods. But have mounting economic pressures and increased interest from overseas for property pushed funds away from these areas? How are these factors affecting the popular "hedge fund alley" section of Curzon Street and Berkeley Square in Mayfair?

As of the last quarter of 2011, 51% of hedge funds and investment management firms based in London's West End area were operating in office space in Mayfair and St. James's. This figure is down significantly from five years ago, when 69% of those shops were located in those same areas, according to property consulting firm Cushman & Wakefield. This shows that London-based hedge funds are increasingly moving away from the traditional core areas, as they have quickly become the city's most expensive office neighbourhoods. In fact, after Hong Kong, rental prices in London's Mayfair and St James’s districts south of Oxford Street and West of Regent Street are now the second highest in the world.

So, where are all the funds moving to?


the shard building londonTo avoid paying exorbitant leases, many investment firms are seeking out the more manageable rental figures per square foot on and around Oxford Street. Additionally, there are a growing number of hedge funds setting up shop in areas such as Victoria and the district immediately north of Oxford Street. Rents for premier properties in these neighbourhoods are currently averaging around £65 per square foot, a stark contrast to the £100+ rates we're seeing in Mayfair and St. James's right now. Iconic buildings such as the Shard at London Bridge or the Heron Tower in the City are also becoming more and more attractive to hedge fund managers. Office space in the Shard is about 30% cheaper than comparable buildings in Mayfair.

Well-established investment firms are in a better position to move away from Mayfair right now, since they have an existing base of investors and other stakeholders that are familiar with them and willing to venture outside of this core real estate area in order to meet with them. That said, there are still many firms who are willing to pay top dollar for this premier location in the heart of London’s most sought after area for the hedge fund industry. Despite these costs, most start-up funds also prefer to be located in or near Mayfair to give them a better opportunity to create awareness amongst time-pressed investors who are unlikely to travel far between meetings, especially for firms with whom they are not yet very familiar.

To learn more about real estate options for hedge funds and alternative investment firms, don't miss these Hedge IT articles:

Photo Credits: Google

]]>
<![CDATA[Hedge Fund Real Estate Update: Is Midtown Still the NYC Hot Spot?]]>http://www.eci.com/blog/341-hedge-fund-real-estate-update-is-midtown-still-the-nyc-hot-spot.htmlThu, 09 Aug 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=341 In the land of U.S. commercial real estate for financial services companies, Midtown Manhattan has always been the spot. But as the market has evolved, so too have the needs of hedge funds and investment firms – even when it comes to their office space.

Midtown Manhattan has long held the title of most expensive neighborhood for office rents, and this trend continues into 2012. According to a Q2 2012 report published by Newmark Grubb Knight Frank, the average asking price for office rentals in Midtown is $63.54 per square foot, which is significantly higher than the overall Manhattan average of $51.93.Trendy Office Space for Lease

The rising popularity of areas such as Midtown South (generally found between 30th and Canal Streets) has left the traditional Midtown area with more vacancies than in typical years. Companies, including financial services firms, are often opting for trendier neighborhoods within the city, including Chelsea and SoHo, as well as Midtown South. The latter of these areas is averaging just $40.21 per square foot, nearly on par with costs in downtown Manhattan ($40.20) and significantly less than the prestigious Midtown section.

Companies particularly interested in the Midtown South area are technology and media firms, which has earned the area the nickname “Silicon Alley.” And these technology companies are popping up everywhere around the city. According to brokerage firm Cushman & Wakefield, “technology, media and information firms that gravitate to the area took more Manhattan office space than financial companies this year for the first time.”

One explanation for this trend may be that financial services firms are trying to operate more efficiently with less real estate. While employment has risen in the investment industry (including 25,000 jobs since 2010), office vacancies have stayed stagnant, indicating firms are doing more with less.

And yet there are other firms in New York who don’t rely on commercial real estate at all. Some funds prefer a managed office space through which they can leverage office and business support and technology services. Eze Castle Integration’s hedge fund hotel in Midtown remains a hot spot for hedge funds and investment firms looking to leverage the prestigious Midtown address and the benefits of a managed service, including administrative and office personnel and support, telecommunications and the proximity of a first-class team of certified engineers. To learn more about Eze Castle’s hedge fund hotel or to schedule a tour, please contact us.

Be sure to come back next week when we take a look at the office real estate market in Europe’s most expensive city: London!

Contact an Eze Castle representative

Sources: Crain’s New York, Newmark Grubb Knight Frank, and Bloomberg

Photo Credit: Flickr

]]>
<![CDATA[Hedge Fund Tech Compliance Update]]>http://www.eci.com/blog/337-hedge-fund-tech-compliance-update.htmlThu, 26 Jul 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=337 On Tuesday, we began our webinar recap by looking at Form PF requirements and recommendations and other essentials for maintaining an effective compliance program. The second half of our webinar focused on technology compliance, specifically around message archiving, email security and mobile device management. Let’s take a closer look at some of the content that was covered. If video is more your style, you can watch a replay of the webinar here.

Record Retention & Message Archiving

The SEC currently requires investment advisers to retain all internal and external electronic business communications. Rule 204-2 mentions the following specific measures:

  • In order to meet the requirements of the SEC, firms must retain and archive more than just email. Instant messages, Bloomberg and Thomson Reuters messages and other electronic communications are also considered required archival material.

  • Messages typically need to be archived for 5 to 7 years.

  • The regulation is very specific in stating that archived data cannot be modified, for obvious reasons. Common practice is to store your archived data in a WORM (Write Once, Read Many) format.

  • Data should be backed up to a remote off-site location to safeguard against local disaster scenarios.Archiving

  • One important aspect of the regulation stipulates that investment firms must be able to ‘promptly’ respond to an SEC request for information. This means firms must have the ability to efficiently search and index their data to access records in a timely manner.

Email Security

Email security is an often overlooked area of important for hedge funds and investment firms, particularly as most assume that standard security practices are in place with any given solution. And while that may be the case oftentimes, it should not be assumed. Four key features to look for in an email security solution are:

  • Outbound Email Encryption: This encryption ensures that every outbound email message that contains sensitive or confidential information is encrypted. The technology behind this service scans messages for pre-defined filters or compliance rules and will encrypt the appropriate messages before delivering to the recipient.

  • Spam Filtering & Anti-virus Protection: Inbound email messages are inspected for unwanted junk email and viruses. These solutions are often referred to as inbound email protection solutions and are typically standard deployments across an organization.

  • Data Loss Prevention: The goal of DLP is to interrogate outgoing email for confidential information that should not leave the company’s network. Some DLP solutions may leverage similar logic to that of outbound encryption solutions, however the goal is different. Rather than encrypting data to be sent, DLP solutions actually prevent outgoing messages from being sent if they are shown to contain sensitive material.

Mobile Device Management

In addition to protecting and archiving your hedge fund's emails and other electronic messages, you should also take a look at solutions for mobile device management to protect your data. As enterprise data moves to smartphones and tablets and companies continue to support BYOD practices, extra care must be taken to ensure sensitive company information is protected while on mobile devices.

Look for a mobile device management solution with the following:

  • Support of various devices, including Apple, Android and BlackBerry;

  • Ability to restrict and monitor application downloads;

  • Content management, including encryption and password protection for company-sensitive materials; and

  • Analysis of user activity including behavioral patterns.

Here are a few more resources on technology compliance to keep you up-to-speed:

Contact an Eze Castle representative

Photo Credit: iStock

]]>
<![CDATA[Hedge Fund Form PF: Getting the compliance basics right]]>http://www.eci.com/blog/336-hedge-fund-form-pf-getting-the-compliance-basics-right.htmlTue, 24 Jul 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=336 Is your hedge fund registered with the SEC? Do you manage one or more private funds with assets of at least $150 million?

If you said yes to these questions, then you have some homework to do. Under SEC regulations, your firm is required to file Form PF.

During a recent webinar, we asked ACA Compliance Group to talk us through the requirements and recommendations for filing Form PF as well as some additional compliance program recommendations. Below is a short recap of ACA’s presentation. To listen to the full replay of our event, click here.

Form PF: Requirements & Recommendations

Depending on your firm’s fund type and assets under management (AUM), the deadline for your Form PF filing may be sooner rather than later. Larger funds - including hedge fund managers, liquidity managers and private equity managers - will need to file sooner, while the majority of registered investment advisers won’t need to file until early next year [see chart]. All filers are required to complete Section 1 of Form PF, and additional sections may be required for those larger funds with assets upwards of $1.5 billion. Looking ahead, the large hedge fund and liquidity managers will be required to file their reports quarterly; all others will file on an annual basis.

Form PF Filing DeadlinesThe challenge with Form PF lies in the fact that firms must aggregate a wide array of data to complete the filing properly. So in addition to being able to successfully interpret the form, these investment firms must also work to meet the inherent information technology challenges – particularly for firms required to file Sections 2, 3 and 4.

Preparing a test filing is a great way to properly ready your firm for the time when the deadline approaches. For Section 1 only filers – whose deadline is not until April 2013 – there is plenty of time to test their internal systems and processes and determine the best method for collecting data and completing Form PF. This is going to give your firm the best indication of how prepared it is to meet these SEC demands and how long the process is going to take.

Compliance & Technology Webinar: Listen NowInstead of relying on strictly internal personnel to complete Form PF, you should also reach out to your service providers to determine if they can help you in any way. Many prime brokers and fund administrators are working with their clients to assist them with the filing process.

It’s important to point out that the SEC will likely use Form PF as a first step in visits with registered investment advisers. Submissions will undoubtedly drive the examination process down the road.


Maintaining an Effective Compliance Program

While Form PF encompasses an essential set of requirements for SEC registered investment firms, your firm should also look to maintain an internal compliance program to effectively and efficiently maintain your business and reputation.

Consider reviewing emails sent and received by internal parties for suspicious correspondence with competitors, government agents, or other conflicts of interest. Keep an eye out for emails sent with attachments to personal email accounts and other outbound messages of a suspicious nature.

Document your firm’s email reviews and decide in advance how to respond to findings that appear serious. Hopefully, as words spreads throughout your firm that you’re investigating, changes in appropriate email behavior will take place.

Finally, be mindful of your firm’s requirements from a record retention perspective. Under a variety of regulations, many firms are required to retain and archive email and other electronic communications for up to seven years.

Record retention is an important topic all on its own, so we’re going to take a closer look at message archiving and other technology compliance requirements in Part 2 of our webinar recap coming up on Thursday. Be sure to check it out!

In the meantime, here are some other helpful resources:

Contact an Eze Castle representative

]]>
<![CDATA[Trends, Hot Topics & the Future of Social Media]]>http://www.eci.com/blog/335-trends-hot-topics--the-future-of-social-media.htmlThu, 19 Jul 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=335 Social networking and blogging dominate Americans’ time online, now accounting for almost 25% of total time spent on the Internet. Additionally, four out of five Internet users visit social networks and blogs, a number that has increased drastically over the past two years. Facebook, YouTube and Twitter all rank among the top 20 most visited US sites, as do the popular blogging platforms BlogSpot and WordPress.

It’s clear from these numbers that social media participation is growing at a rapid pace. So, why is everyone flocking to these sites? Some of the top drivers of social media usage among social networkers include: keeping in touch with friends and family (the strongest driver by a longshot), finding new friends, researching products and services, reading and contributing to product reviews, seeking entertainment and seeking an outlet for creativity. While there are certainly other reasons to participate in social networking, the majority of users cite reasons that fit into these general bucket areas.

Now that we’ve taken a look at some current social media figures and trends, let’s dive into what to expect in the future of the ever-changing world of social networking.

New platforms: Foursquare, Pinterest, Tumblr

  • foursquare app mobile deviceFourSquare: This is an app which allows users to “check-in” at various locations via a smartphone or tablet. This tool, as with other location-based apps, lets users share their current location with their followers. For example, if I were to check-in here at the Eze Castle Boston office, I could share that with my Twitter followers and Facebook friends. If a coworker and I check-in here together we can share this experience with both of our sets of followers. This is where FourSquare and similar apps are gaining popularity – the social aspect of visiting a new or interesting place with friends and being able to share that information instantly with one’s online community.

    Another aspect of location-based services that is rapidly gaining popularity is the ability to discover nearby locations via your smartphone’s GPS system. What is perhaps even more valuable is the incorporation of personalized recommendations which are made based off of a user’s recent check-ins and preferences, as well as those of his or her followers.

  • Pinterest: This site is best described as an online pinboard, where users can “pin” content from any Internet site onto boards which they create, title and categorize themselves. Users pin everything from recipes and quotes to personal photos and art. Upon signing into his or her account, a user can view everything that has recently been pinned by everyone he or she follows. Additionally, users can “re-pin” content they find interesting onto their own boards, which are then likewise shared with their followers. Pinterest is currently one of the fastest-growing online social networks. Earlier this year, it crossed the 10 million unique monthly visitors mark and is now the third most visited social networking site behind Facebook and Twitter.

  • Tumblr: This is a social networking site on which users can create a page to share just about any form of content that is available on the Internet. Tumblrs share everything from text and photos to videos and links with their followers in a format that is often described as a cross between Twitter and a blog. While posts are not limited in terms of characters like tweets are, Tumblr posts tend to be brief and include a combination of different types of media. When a user signs on, he or she can view posts from all followers in a feed that looks similar to a Twitter stream. Tumblr is more customizable than traditional blog platforms, which is a major factor contributing to its popularity. The site has nearly tripled its unique visitors in the US over the course of the past year. It currently gets about 16.5 million page views per month and is the eighth largest site in the US social networks and blogging arena.

What’s next in the world of social media?

So, we’ve taken you through the current state of social media, as well as a look at some hot topics and trends we see unfolding as we speak. Let’s now discuss what’s coming next in the ever-changing world of social networking.

  • Social media becomes mass media. A few years ago, experts questioned the relevancy of blogging and social platforms. They were often considered too informal to be taken seriously. Now the importance of these sites has become evident, and their relevance is only gaining momentum. More and more people are turning to blogs, Facebook newsfeeds, and Twitter streams as their primary sources for news and other content. However, as social networking transitions to mainstream media, it’s becoming increasingly important to recognize what is quality content and what is not. For businesses, this means using social media as a means of engaging in conversations, as opposed to pushing products through a megaphone. For individuals, this means seeking out quality sources of information and not believing everything you read online.

  • Mobile gains traction. Tsocial media iconsoday, more than half of Facebook's 900 million users access the site through mobile devices. Globally, mobile Internet users are set to overtake desktop users by 2015. But despite this growth, social media on mobile devices remains in its early stages. Just migrating desktop features onto phones and tablets isn’t enough. What's coming is improved location-awareness, better video and audio, and integration with third-party apps. Look for these improvements in the near future as mobile social networking begins to take off.

  • Social media embraces the open platform format. Why has Facebook seen so much continued success, while Google+ has struggled to compete for our time? The answer lies in the way Facebook has been established as an open platform, in which outside vendors can contribute to the user’s online experience. Third-party apps, such as the popular Zynga games, enhance a Facebooker’s experience, causing them to remain on the site longer and feel a greater sense of engagement. Similarly, companies such as TweetDeck and HootSuite have benefitted from Twitter’s open layout. Sites that are closed to outside vendors do not have this added layer of entertainment, and therefore lose the interest of their users much more quickly.

  • Crowdsourcing takes over. Crowdsourcing refers to outsourcing the creation of content and ideas to groups of people, instead of tackling these tasks in-house. The most well-known example of this is Wikipedia, which is an encyclopedia developed entirely by contributions from the online masses. Since people tend to trust their friends and other people they know more than corporations, everything from how to bake a cake to which store to shop at for a new pair of jeans will be determined through crowdsourcing. Sites such as Pinterest, Tumblr, Wikipedia and virtual message boards are leading the way in this arena.

  • The personalization vs. privacy debate heats up. Online retailers and social media sites are constantly collecting information about us. They log our likes and dislikes, our interests and the interests of the people with whom we interact online. Soon, users will no longer need to search for information, as the majority of information we seek will find us based on the virtual profiles that are being created as we speak. The negative side of this is the potential invasion of privacy which is already becoming an issue. Not only have government regulators begun to increase scrutiny, but users themselves are becoming more sensitive to how their personal information is being shared. With Facebook going public and shareholders demanding results, the pressure to mine user information will only continue grow. Walking this fine line between personalization and individual privacy is going to be an interesting trend to follow going forward.

For more information on the world of social media, don't miss these Hedge IT articles:

]]>
<![CDATA[Hedge Fund Primer: Securities Class Action Settlement Recovery]]>http://www.eci.com/blog/334-hedge-fund-primer-securities-class-action-settlement-recovery.htmlTue, 17 Jul 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=334 Battea LogoInvestor protection and fiduciary responsibility are fundamental principles to the successful operation of the US securities markets. Securities class action lawsuits are a last resort by shareholders and institutional investors to remedy breaches of these principles. For hedge funds, gaining an understanding of the legal process, trends and key concepts of these legal actions is relevant considering the size and scope of these settlements.

Securities Class Action Litigation Process

The securities class action litigation process is complex and lengthy. A multitude of stages and legal procedures can require three to seven years until a single award is distributed. Very few cases actually go to trial due to juries having a history of awarding overly generous settlements to plaintiffs. Consequently, for cases that are not dismissed, the plaintiff and defense typically negotiate a settlement which is then approved by the court. A Plan of Allocation is published which specifies how damages will be calculated and who is eligible to receive a prorated portion of the settlement. A claims administrator is hired to validate claims and disburse settlement awards to the eligible claimants.

Recognized Loss, Proration and Complex Filing Considerations

The Plan of Allocation in a settlement details what is called a Recognized Loss. This is NOT a loss in the real world; the Recognized Loss is the amount calculated by applying the rules of a settlement to determine what a claim is worth. It rarely corresponds to an out-of-pocket loss, and frequently exists despite real-world profits. The recognized loss figure is important because claimants need to be able to confirm the loss number that represents their portion of the settlement fund with the Claims Administrator prior to distribution to ensure settlement awards are accurate. Accurately calculating recognized loss and fund proration is complex as there are many considerations that come into play including: accounts versus subaccounts, netted versus transactional summing, market loss treatment, FIFO versus LIFO, overlapping rules, derivatives, splits, options, IPOs, merger activity and commissions, among others.

Perception versus Reality: the Value of Claims

In order for an investor to recover his/her share of the settlement, a claim must be filed with the appointed claims administrator. Many investors receive class action settlement notices at home and, more likely than not, disregard them as a poor investment of their time. Admittedly, as an individual investor, it may not be worth the time, but institutional investors may be eligible for significant awards and have a fiduciary responsibility to file for their customers. Despite the potential windfall from such settlements and the fiduciary obligation to file, the process of actually recovering awards can be a complex and confounding task. Whether done in-house or by a third-party filing vendor, each institutional investor must evaluate the most efficient means by which they can address their responsibility for filing claims and maximize collection of the awards for which they are eligible.

Outsourcing Class Action Recovery

With securities class action settlements often in the news and an increased scrutiny within the hedge fund marketplace, more hedge fund firms are taking action and attempting to manage the settlement recovery process in-house. Most hedge funds operate with very lean staffing and the task of claims recovery is one of many piled on the Chief Operating Officer or General Counsel. Battea employs a team of 25 professionals to track and manage all securities class action litigation activity for over 300 financial institutions around the globe.

One Battea client was filing claims in-house and, due to resourcing, the firm chose to file claims in well publicized cases where they knew they held a position. They had received some settlement monies, but after talking to Battea, were convinced that they were missing out on settlements by not having a comprehensive securities class action recovery program with mechanisms in place to ensure that no eligible settlement funds are missed. Battea analyzed the firm’s 10+ year trading history and discovered 60 settlements for which they were eligible. Battea filed the claims on their behalf, working closely with claims administrators and in some cases, were even able to recover monies for settlements for which the deadline had already passed. Ultimately, Battea recovered over $6 million for the client.

Fiduciary Responsibility

For firms not filing securities class action claims at all, there is a significant opportunity to not only achieve fiduciary compliance, but to potentially add alpha to their bottom line. One Battea client, a $500 million long short equity hedge fund who had been filing class action settlement claims on their own, had several of their claims rejected by the claims administrators. The fund engaged Battea to analyze their historical trade data and audit their existing filings. Battea identified several issues, determining that their trade data had been formatted incorrectly, rendering their claims inaccurate. After correctly processing the data, Battea identified several missed cases, and after submitting their corrected filings, recovered over $2 million in awards for the client. With a pay-for-performance model, clients only pay for Battea’s recovery services when actual settlement monies are delivered.

Technology & Data Security

Today’s investment advisors have billions of trading transactions, all of which must be processed and compared to the universe of existing securities class action settlements in order to collect all eligible settlement dollars. In addition to significant technological horsepower necessary to process and handle that data, client data is extremely sensitive and must be subject to the highest standards of security.

About Battea – Class Action Services

Battea – Class Action Services, LLC is the leading securities class action settlement recovery firm for institutional investors and counts over 300 institutions among its clients, the majority of which are hedge funds. Through its proprietary technology platform, The Claims Engine®, Battea provides a comprehensive and transparent class action settlement award recovery solution across all asset classes, from calculating recognized loss for every claim through the confirmation, receipt and delivery of settlement payouts. Battea has been recovering funds for clients since 2001.

]]>
<![CDATA[Five Simple Security Practices to Keep Your Hedge Fund's Cloud Safe]]>http://www.eci.com/blog/332-five-simple-security-practices-to-keep-your-hedge-funds-cloud-safe.htmlTue, 10 Jul 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=332 Feeling like you don’t have any control over security in the cloud? Think again. The truth is whether you’re managing your IT in-house or working with a third-party cloud services provider, there are a number of steps you can take to ensure your data and information remains safe in a cloud environment.

And I’m not talking about architecting an advanced cloud infrastructure. Here are five simple security practices you can employ to keep your firm’s information protected.Cloud Security Practices

  1. Patch applications such as Adobe PDF viewer, Adobe Flash Player, Microsoft Office and Java. Using the latest versions of these applications – and patching within two days – will help to prevent high-risk vulnerabilities. The same goes for your operating system.

  1. Minimize the number of users with domain or local administrative privileges. Such users should use a separate unprivileged account for email and web browsing.

  1. Employ application white-listing to help prevent malicious software and other unapproved programs from running. Examples are Microsoft Software Restriction Policies or AppLocker.

  1. Use a host-based intrusion detection/prevention system to identify anomalous behavior, such as process injection, keystroke logging, driver loading and call hooking.

  1. Provide user education regarding Internet threats and spear phishing socially engineered emails. Avoid using weak passwords, password re-use, exposing email addresses, and use of unapproved USB devices.

To learn more about cloud security, revisit these Hedge IT articles:

Contact an Eze Castle representative

Photo Credit: Alphabyte]]>
<![CDATA[Happy Fourth of July from Eze Castle Integration!]]>http://www.eci.com/blog/330-happy-fourth-of-july-from-eze-castle-integration.htmlTue, 03 Jul 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=330 On behalf of the entire team here at Eze Castle Integration, we would like to wish all of our readers, clients, partners and friends a very happy and safe Independence Day holiday. Enjoy!

happy fourth of july from eze castle integration
]]>
<![CDATA[Brand Equity: What Is It and Why Does It Matter?]]>http://www.eci.com/blog/309-brand-equity-what-is-it-and-why-does-it-matter.htmlThu, 21 Jun 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=309 Brand Equity. It sounds important. It sounds like you should have it. But what exactly is it? And why does it matter? We recently conducted an internal training to talk about just that, and we thought we’d share some of our insights and tips with our Hedge IT audience!

Eze Castle Integration Website

Brand equity is commonly defined as "a set of assets linked to a brand’s name and symbol that adds to the value provided by a product or service to a firm and/or its customers1." Traditionally, branding elements include a company’s name, logo, images and perceptions.

For example, Eze Castle’s brand can be seen throughout our corporate website (pictured here) in the logo, colors and fonts we use.

So why does brand equity matter? We’ve narrowed it down to 8 key reasons.

  1. Drives buying decisions

  2. Builds customer loyalty

  3. Grows market share

  4. Defends market share

  5. Supports pricing premiums

  6. Creates a halo effect

  7. Helps business expansion

  8. Increases market value

In addition to understanding the importance of your company’s brand, you should also be thinking about your personal brand. Particularly as social networking sites become such important parts of our daily lives, our personal branding becomes even more important.

Photos

First impressions are important, in real life and also on social networking sites. Our eyes are naturally drawn to someone’s photo before their posts and ‘about me’ information. But what does your online headshot or profile picture say about you? Best practice here suggests you should be mindful of who you’re connected to on various sites (your Facebook friends likely differ from your LinkedIn connections), and use a photo that best represents the message you want to send to that audience.

Social Content

After someone notices your profile photo, they are going to start taking in the rest of your content. Status updates, photos, personal information, what groups you’re in or pages you like. All of this information is readily accessible to your profile viewers.

Consider your online profiles like marketing pieces. Even if you aren’t trying to sell yourself or look for a new job, you still want to ensure you are giving off the right impression about yourself. Your status updates, tweets, online reviews, LinkedIn recommendations and comments all contribute to your online personal brand. Having a positive online presence can influence how others think of you. But having a negative online presence can also do the same.

Important Tip: Stay in control of your online privacy settings. You have the ability to control who sees what information about you, but you have to actively take steps to ensure your content is protected if you want it to be.

Contact an Eze Castle Representative

1. David Aaker, Managing Brand Equity

]]>
<![CDATA[Team iPad or Team Surface? A look at new Apple and Microsoft innovations]]>http://www.eci.com/blog/308-team-ipad-or-team-surface-a-look-at-new-apple-and-microsoft-innovations.htmlTue, 19 Jun 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=308 Happenings from the Apple Worldwide Developers Conference (AWDC) were leading the news last week as Apple faithfuls (and investors too) patiently awaited (and speculated) what the world’s innovator had up its sleeve. While no new iPhone was announced, the company didn’t completely disappoint.

Not to be outdone, Microsoft introduced its first tablet this week – the Surface – but more on that later.

Apple WWDC 2012 logo

Here is a snapshot of Apple’s AWDC news:

A Preview of iOS 6: Available this fall for the iPhone, iPad and iPod touch, iOS 6 brings 200+ new features including:

  • A new Maps app with Apple-designed cartography, turn-by-turn navigation and an amazing new Flyover view;

  • New Siri features, including support for more languages, easy access to sports scores, restaurant recommendations and movie listings;

  • Facebook integration for Contacts and Calendar, with the ability to post directly from Notification Center, Siri and Facebook-enabled apps like Photos, Safari and Maps; and

  • Shared Photo Streams via iCloud.

New MacBook Pro with Retina Display: The all-new 15-inch MacBook® Pro features Retina™ display, all flash storage and quad-core processors in a radically thin and light design – it measures a mere 0.71 inches and weighs only 4.46 pounds.

Updates to MacBook Air & Existing MacBook Pro: Not overly exciting but the MacBook Air is now available with the latest Intel Core processors, faster graphics and flash storage that is up to twice as fast as the previous generation. The current generation 13-inch and 15-inch MacBook Pro – not to be confused with the Retina display unit – have also been updated with the latest Intel Core processors and powerful discrete graphics from NVIDIA.

Mountain Lion July Availability: Mountain Lion – not the animal, the ninth release of Apple’s OS X – introduces more than 200 features including the all new Messages app, Notification Center, system-wide Sharing, Facebook integration, Dictation, Power Nap, AirPlay Mirroring, Game Center and the enhanced security of Gatekeeper.

Microsoft Enters the Party

Windows Surface for Hedge Funds

In other tablet-maker news, Microsoft this week revealed its own Windows 8 tablet – the Surface. The impressive new device appears to target the iPad head on, but we are still awaiting more details including the official cost, availability and distribution channels.

What we do know is that the smallest Surface tablet is 9.3 millimeters thick and weighs 1.5 pounds, which is similar to Apple's iPad, at 9.4 millimeters thick and 1.44 pounds. The Surface has a 10.6-inch screen while the iPad's screen is 9.7 inches.

Uniquely, the Surface has a built-in kickstand, full-size USB port and cover that also serves as a touch keyboard, which could potentially win over folks afraid to go completely keyboard-less. Two models of Surface will be available: one running an ARM processor featuring Windows RT, and one with a third-generation Intel Core processor featuring Windows 8 Pro.

You can learn more about the Microsoft Surface here.

All this news leaves one final question -- Are you Team iPad or Team Surface?

]]>
<![CDATA[Happy Birthday Eze! The Castle turns 17 this month]]>http://www.eci.com/blog/307-happy-birthday-eze-the-castle-turns-17-this-month.htmlThu, 14 Jun 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=307 Cue the confetti and cake - Eze Castle Integration is turning 17 years old this month!

Just as times and technologies have changed, Eze Castle has continuously evolved over the years. We've certainly come a long way from our founding in 1995, when childhood friends John Cahaly (our current CEO) and Sean McLaughlin pitched their first trading solution to Fleet Investment Advisors - a product they developed in a small apartment above Sean's father's dental practice. Today, we have 12 offices across the US, Europe and Asia with a staff of almost 400 employees supporting over 600 hedge fund and investment firm clients.

Our first 17 years have certainly been an exciting ride! Check out our "History of Eze Castle Integration" timeline and some fun facts about our company below. Also, be sure to stop by our new Wikipedia page, which provides more color on the Eze Castle story.

Fun Facts about Eze Castle

  • The company was named after Eze, a village in the French Riviera.

  • The organization was originally incorporated under the name "Eze Castle Consulting," and was later split into two entities: Eze Castle Software and Eze Castle Integration.

  • Despite personnel changes, reorganization and rapid growth, our headquarters has always remained in Boston, Massachusetts.

  • We were voted one of Crain's Best Places to Work in 2009, 2010 and 2011.

  • We pride ourselves on our commitment to the community. Eze Castle contributes regularly to several nonprofit organizations and matches employee donations to all reputable charities.

history of eze castle integration timeline

contact an eze castle integration representative

]]>
<![CDATA[Cloud Adoption in the Investment Industry: Survey Results Part 2]]>http://www.eci.com/blog/306-cloud-adoption-in-the-investment-industry-survey-results-part-2.htmlTue, 12 Jun 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=306 Last week, we revealed Part 1 of our cloud adoption trends survey results and detailed how hedge funds and investment firms are currently leveraging the cloud, as well as what kinds of cloud deployment models they are using (private clouds take the cake).

Some additional data points we learned as a result of this survey include the driving factors influencing firms’ decisions to use the cloud, potential barriers to cloud adoption and the key evaluation criteria for cloud services providers. Let’s take a closer look at what survey respondents had to say relative to these categories.

Factors Influencing the Decision to Use the Cloud

There are a multitude of factors that alternative investment firms need to take into Factors Influencing Cloud Decisionsconsideration as they evaluate cloud offerings. Survey respondents were asked to rank the importance of several factors related to their cloud decision-making, including cost, flexibility, functionality and speed.

The majority of respondents interestingly noted that all factors provided were either important or extremely important to their organization’s decision to use the cloud now or in the future. Overwhelmingly, 86 percent of respondents ranked the use of the cloud for reducing IT infrastructure investments as important or extremely important.

Increasing the speed of technology deployment was a close second when it comes to factors influencing cloud purchases. 83 percent of respondents ranked it as important or extremely important, and, like cost, only 6 percent consider it an insignificant factor. Particularly for startup firms, the appeal of getting up and running quickly is a great one. Traditional, on-premise infrastructure solutions can take six to 10 weeks to design and implement. Cloud solutions, on the other hand, can take a fraction of that time, with some smaller implementations requiring only days for deployment.

In addition to cost and speed of deployment, another important factor ranked as significant by respondents was the ability to simplify IT management and support. While some alternative investment firms like the ability to control IT in-house and manage the infrastructure from within, the appeal of outsourcing day-to-day functions and support to a third-party cloud provider is a hard one to pass up. Particularly as roles and responsibilities change to increase operational efficiencies, professionals at many firms who were previously responsible for technology are juggling a variety of new tasks.

As firms grapple with increased regulatory requirements and oversight as well as compliance issues and investor demands, they may choose to utilize the cloud as a means to delegate their traditional IT responsibilities and focus on their core competencies. Within this survey, 82 percent of respondents said simplified IT management and support was an important or extremely important factor; 5 percent responded that it was not very or not important at all.

Barriers to Cloud Deployment

While the cloud does hold distinct advantages for alternative investment firms, it should not be a decision that is taken lightly for any firm. Just as significant as the factors influencing the move to the cloud, we also asked respondents to rank the significance of certain barriers or concerns with cloud computing.

As you might expect, respondents ranked concerns about cloud computing security (i.e. risk of unauthorized access, data integrity, etc.) as significant or extremely significant 86 percent of the time.

Second to cloud security, concerns about information governance or meeting regulatory or compliance requirements were also seen as significant or extremely significant barriers to cloud adoption. 71 percent of respondents ranked this factor as significant to them. Regulatory pressures have increased exponentially in recent years, particularly with the introduction of the Dodd-Frank Wall Street Reform and Consumer Protection Act.

Additional “barriers” ranked significant or extremely significant by respondents include:

  • Investors/clients are not receptive to cloud computing (62%)

  • Concern about lack of custom application availability or integration (61%)

  • Fear of outgrowing or overpaying in the cloud (59%)

  • Fear of vendor lock-in (54%)

Evaluating Cloud Services Providers

Finally, we asked respondents to provide guidance on what they use for evaluation criteria of cloud services providers. Cost continues to be a significant factor for nearly all firms currently using or considering using the cloud, as evidenced by 84 percent of firms ranking it as important or extremely important to their cloud provider evaluation process. Only 4 percent of firms ranked this factor as not very or not at all important.

Secondary to cost, alternative investment firms also find value in cloud services providers who have knowledge of and expertise within their specific vertical. Eighty-one percent (81%) of firms reported this as an important or extremely important factor, and just 6 percent ranked it as not very or not at all important.

Evaluating Cloud Services Providers

Other factors ranked as important or extremely important by firms surveyed included experience in establishing security procedures (82%), proven post-sales support and service (82%), the cloud provider’s technology infrastructure (81%), certified application availability (80%), innovative ideas and expertise regarding cloud trends (78%), prior experience with the vendor (74%) and geographic reach and global support (70%).

To download the complete 18-page survey report, Cloud Adoption Trends within the Investment Management Industry, click here.

Download the complete report now

]]>
<![CDATA[Cloud Adoption Survey Results Revealed: Part 1]]>http://www.eci.com/blog/245-cloud-adoption-survey-results-revealed-part-1.htmlThu, 07 Jun 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=245 Survey Says: Cloud computing is no passing trend!

If you missed it yesterday, we officially announced the results of our “Cloud Adoption Trends within the Investment Management Industry” survey during a live webinar. You can listen to the webinar recording here.

Our cloud survey set out to investigate how hedge funds and investment management firms are using cloud services today, as well as to provide insight into the factors influencing this trend and also the barriers to adoption. Here’s a look at some of the findings:

Respondent ProfileTotal Assets Managed By Survey Respondents

Our online survey, which was conducted between March and May of 2012, surveyed 125 financial services firms in the United States. Of those 125 firms, 65 percent identified as investment management firms. Additional firm types represented included hedge funds (16%), private equity firms (16%) and fund-of-funds (4%).

The majority of respondent were large firms, with 34 percent reporting they currently manage over $1 billion in assets. Twenty-one percent (21%) of firms are managing assets between $500 and $999 million, and 25 percent between $100 and $499 million. The smallest assets under management (AUM) class represented was firms with less than $100 million in assets – a total of just 15 percent.

Current & Future Use of the Cloud

Of the 125 firms surveyed, 79 percent responded that they were currently using the cloud. When asked how they were currently utilizing cloud services (multiple responses were accepted), 65 percent indicated they were using the cloud for basic business/office functionality. This is a popular trend for investment firms of all kinds, particularly as they get started. Basic office functions that can be leveraged via the cloud include email, file services, storage and mobility functions.

The second most popular use of the cloud for current users was financial application hosting, with 50 percent of firms reporting use of this practice. Financial application hosting in the cloud offers financial firms several advantages to the traditional practice of running and managing an application on an in-house server. With the cloud, firms can leverage the enterprise-grade infrastructure of a third-party provider who is also responsible for the management and monitoring of that application within the cloud environment. Scalability is a factor as well. A hosted platform can provide virtually unlimited computing resources and easy expandability to support a firm’s need to add users or increase resources on-the-fly.

Firms are also using the cloud for complete IT outsourcing (22%) and other infrastructure and application services (35%).

First Cloud Initiative

First Cloud Initiative

As we’ve seen, financial firms are utilizing the cloud in a variety of ways. But what was their first cloud initiative? Similar to how firms are currently using the cloud, the first cloud initiative for 57 percent of firms was basic business and office functionality. Thirty-four percent (34%) of respondents said they first used the cloud to host their key financial applications, and only nine percent (9%) opted for complete IT outsourcing to the cloud on their first try.

Cloud Deployment Models

Cloud Deployment Models for Current Cloud Users

When it comes to cloud deployment models, investment firms continue to rely on a variety of models. The most common choice, however, is a private cloud. While not all private clouds are alike, they are often better suited for hedge funds and investment firms who require a great deal of sophistication, application integration and support.

Of current cloud users, the overwhelming majority (71%) indicated they were using a private cloud solution. Hybrid clouds are the second most popular choice at 37 percent, while public cloud users totaled 33 percent. Additionally, 7 percent of respondents were unsure of their current cloud deployment model.

For those who are not yet using the cloud but are planning to, the responses tended to mirror those of current users. Forty-six percent (46%) of prospective cloud users anticipated using a private cloud solution, while only 23 percent said they would likely use a public cloud. Thirty-one percent (31%) will opt for a hybrid solution when they make the move to the cloud.

Read Part Two of our survey results to learn more about factors influencing cloud decisions, barriers to cloud adoption and top evaluation criteria for cloud services providers. You can also download our full survey report here.

Contact an Eze Castle representative

]]>
<![CDATA[World IPv6 Launch Day is Here. What Does that Mean?]]>http://www.eci.com/blog/244-world-ipv6-launch-day-is-here-what-does-that-mean.htmlTue, 05 Jun 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=244 It’s alive! It’s alive!World IPv6 Launch Day Badge

Well actually tomorrow, June 6 2012, it (aka IPv6) will officially be alive, but that doesn’t work with our Hedge IT blog calendar so today we look at IPv6.

As a refresher, since the inception of the Internet, we have been using IPv4, which totals about 4.3 billion Internet addresses. But with the increasing number of wireless technologies that support the Internet (smart phones, tablet, etc.), these addresses are depleting.

Enter IPv6. The new IPv6 protocol uses 128-bit addresses and allows for substantially more IP addresses – trillions upon trillions of new addresses. The World IPv6 Launch Day marks a key milestone as companies shift their infrastructures to the new protocol, which will eventually completely replace IPv4.

What Happens on World IPv6 Launch Day?

World IPv6 Launch signifies the largest industry movement towards and deployment of IPv6 in the history of the Internet. The goal of the Launch Day is to motivate organizations to permanently enable IPv6 and begin the transition before IPv4 addresses officially run out.

On June 6, participating ISPs will enable IPv6 so that at least one percent of their residential wireline subscribers visit participating websites via IPv6. Participating home networking equipment makers will enable IPv6 by default on their home router products. And participating companies, such as Eze Castle Integration, will enable IPv6 on their main websites permanently (check!).

Potential Hiccups?

According to the Internet Society, “most Internet users will not be affected. Internet users should enjoy uninterrupted service. In rare cases, users may still experience connectivity issues when visiting participating Websites. As ISPs enable IPv6, and home gateway products support it, users at home with modern operating systems and devices will start using IPv6 automatically. In particular, Windows Vista, Windows 7, and Mac OS X 10.7 support IPv6.”

Bye, Bye IPv4

IPv4 still has some life left in it and won’t be fading into oblivion just yet. World IPv6 Launch Day merely introduces IPv6 in parallel to IPv4. It is worth noting that participating websites (like ours!) will still support IPv4 and provide access.

Got Questions?

Our team is happy to answer your IPv6 questions. Just ask.

]]>
<![CDATA[The Queen's Diamond Jubilee: Celebrating 60 Years of Technology]]>http://www.eci.com/blog/243-the-queens-diamond-jubilee-celebrating-60-years-of-technology.htmlThu, 31 May 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=243 As London hangs out the buntings and prepares for street parties to celebrate Queen Elizabeth II's 60 years on the throne with her Diamond Jubilee, we thought it would be fun to look back at how technology has changed over those last 60 years (and admittedly, beyond that!).

When the Queen began her reign back in 1952, the world looked a lot different. Her primary mode of communication with her constituents was the radio during her first few years on the throne. According to a recent article that appeared in the Telegraph, "in 1953, after television cameras were allowed into Westminster Abbey to record the coronation – the popularity of the young queen prompted sales of half a million extra TV sets in the weeks running up to the ceremony."

Through the years, as technology has changed, the Queen's methods of communication and outreach have significantly changed. Today, Her Majesty has her own Facebook and Twitter accounts (not surprisingly, with a team of social media experts making updates on her behalf), and is able to reach a much broader audience and provide information on a near real-time basis.

Let's take a look at exactly how much technology has changed while the Queen has been in the office (and well before then, too!):

Technology Through the Years

A Timeline of Technology Changes

The future of technology is sure to be exciting. What will the next 60 years bring? Only time will tell.

In the meantime, want to hear why our London office loves technology? Watch this video!

Contact an Eze Castle representative

Source: The Telegraph

]]>
<![CDATA[Examining the Changing Role of the Hedge Fund CTO]]>http://www.eci.com/blog/242-examining-the-changing-role-of-the-hedge-fund-cto.htmlTue, 29 May 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=242 Times have changed. There is little doubt that the hedge fund industry has evolved in recent years with the rise of new regulations (e.g. Dodd-Frank) and the emergence of outsourcing and cloud computing, particularly. These changes have affected the way many firms do business on both operational and technology levels.

But what effect do these changes have for the person responsible for technology at a hedge fund or investment firm? As a Chief Technology Officer (or comparable role: Director of IT, Chief Information Officer, etc.), one has historically been responsible for day-to-day IT functions and routine technology refreshes. But as the industry has experienced rapid change over the last several years, so too have the CTOs and their responsibilities. CTOs have to wear many hats

A CTO in today’s world must wear many hats. In addition to needing knowledge on a variety of technical skills such as networking, storage, virtualization, telecommunications and resource management, a CTO must also possess a variety of business and non-technical skills to support the organization. These include:

  • Regulatory Requirements: With the Dodd-Frank Act now in effect, investment management firms have a whole new host of requirements to meet. CTOs have to run daily or intraday reports to satisfy new legal requirements, store and archive emails and other messages, and work with regulators on a regular basis to ensure their firms are complying with all necessary directives.

  • Compliance: In addition to complying with the regulatory requirements above, there are also new internal compliance procedures hedge fund CTOs have to grapple with. Particularly in the post-Madoff era, firms are implementing policies to combat insider trading and other securities risks. Mobile security and BYOD issues are another area for technology directors to focus their attention.

  • Communication Skills: Despite the fact that they are forced to work with inanimate objects all day, technologists must also maintain good communication skills to support their technical operations. The increased focus on transparency and due diligence has led to many CTOs interacting directly with investors on a daily basis, educating them on how technology is supporting and protecting their assets. Working more frequently with investors and regulators means CTOs need to work on their interpersonal communication and ensure they are properly representing their organizations.

  • Security: Okay, so this one is still partially technical, but security has become one of the most important – if not the most important – aspect of a hedge fund’s technical operations. In addition to managing the back end infrastructure, a firm’s technologist may also be responsible for or involved in drafting policies and procedures to support security operations within the firm.

While dealing with increased focus and responsibilities relative to regulations, compliance, and due diligence have added to the plates of hedge fund CTOs, another phenomenon has also contributed to this change in role. The popularity of cloud computing (and outsourcing in general) has prompted many hedge funds and investment firms to reevaluate their technical strategies and reallocate their technical resources.

While some firms have opted to reduce or eliminate their IT staffs and outsource all technology, others have opted to maintain internal technology resources while also utilizing the cloud. It can be done effectively and efficiently, and many larger firms, in particular, find it beneficial to use the cloud and also have internal staff dedicated to other technical projects.

Regardless of the approach, the prevalence of cloud computing in the hedge fund industry is driving technologists to evolve their technical and non-technical skills. The cloud means IT roles shift from hands-on work with hardware and installations to resource management, integration, capacity planning, and technical architecture.

For each firm, the dynamic is different. While many of the traditional roles of the hedge fund CTO are changing, others remain the same. Many firms still maintain that they need an internal resource for troubleshooting and other projects. Others prefer to focus their attention on the newer aspects of “technology” (i.e. compliance, due diligence, etc.) and leave the day-to-day IT functions to an outsourced third party. The role of the hedge fund CTO has certainly changed in recent years, and like the technology these professionals support, it’s safe to say their job functions may be markedly different in the years to come.

Contact an Eze Castle representative

Photo credit: iStock Photo

]]>
<![CDATA[Mobile Device Security: Navigating the BYOD Trend]]>http://www.eci.com/blog/241-mobile-device-security-navigating-the-byod-trend.htmlThu, 24 May 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=241 InformationWeek recently released the findings from its 2012 Mobile Security Survey which examined the mobile security technology trends and strategies employed at over 300 organizations across North America. Of this group, 86% currently allow their employees to use personally-owned devices for business purposes or are in the process of adopting policies which allow this practice.

With the rapidly growing popularity of this so-called BYOD trend, one might assume that IT departments across the country would be tightening up mobile device security policies to keep pace. Unfortunately, this does not appear to be the case. According to the InformationWeek survey, an alarming number of companies are simply making minor adjustments to their policies as opposed to implementing new ground rules that better reflect the capabilities of the smartphones, tablets and laptops their employees are using.

mobile device security

Why is this such an important issue?

By allowing employees to supply their own devices, an organization inherently loses control over the hardware and how it is used. Governing the fine line between personal and professional use on the same device can be challenging. But without clearly defined policies in place companies are making themselves vulnerable to a number of security risks.

For instance, 48% of respondents in the InformationWeek survey indicated that employees within their organizations had their mobile devices lost or stolen in the past year, with 12% of those cases requiring public disclosure, causing inevitable harm to the business. If proper security measures are not in place, the information contained on that device could become accessible to unauthorized parties and the company's reputation may suffer irreparable damage.

Additionally, there are many security risks involved in using one’s personal device for business purposes that most users may not even be aware of. Many popular smartphone apps, such as Dropbox – a public file-transfer service – could allow sensitive information to be easily intercepted. In a recent interview with MIT’s Technology Review, Jeanette Horan, chief information officer at IBM, shared that many IBM employees who use personal devices in the workplace were found to be automatically forwarding their work email to public webmail services. Others were using their smartphones to create open Wi-Fi hotspots. Both of these (not uncommon) practices make a company’s data extremely vulnerable to hackers.

What can your firm do to protect itself from BYOD security threats?

Today, nearly all employees have personal smartphones, tablets and laptops, and it is becoming more convenient to handle both personal and business tasks on those devices. Whether your firm chooses to adopt a formal BYOD program or not, it is crucial to have clearly defined policies in place to govern what is acceptable, and what measures must be in place before using personal devices in a professional manner. Here are some tips for tightening up your firm’s mobile security:

  • Educate employees about mobile device security, as they may not be aware of the vulnerabilities that exist on their personal devices.

  • Remind users to employ many of the same cautions they would when working on company-owned devices. For example, use discretion when opening email or text message attachments or clicking on links - especially when they are received from an unsolicited sender.

  • Ensure appropriate physical security measures are in place to prevent theft of mobile devices and enable data recovery. Users should lock their devices and use secure passwords. Additionally, firms can install software on the devices such that, if they are lost or stolen, their contents can be erased remotely.

  • Employ encryption tools to ensure all emails and text messages are sent securely and cannot be easily intercepted.

  • Only connect devices to secure Wi-Fi networks.

  • Be careful with downloads. Only download apps from reputable developers. It may be useful to develop a list of unacceptable apps or vendors so that employees understand which ones to avoid.

  • Update devices regularly, or set up automatic updates where applicable.

To learn more, don’t miss our article on “The BYOD Trend: What is it and how could your company be affected?” or contact an Eze Castle Integration representative.

Contact an Eze Castle Integration Representative

]]>
<![CDATA[Why Hedge Funds are Hosting Applications in the Cloud]]>http://www.eci.com/blog/240-why-hedge-funds-are-hosting-applications-in-the-cloud.htmlTue, 22 May 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=240 In last week's article, The Cloud Trifecta: Scalability, Cost and Efficiency, we looked at the top three winning reasons hedge funds are gravitating towards the cloud. In today’s article (again inspired by our Cloud Forum website), we will examine further why firms are outsourcing the IT management of their applications to third-party cloud providers and the questions you should be asking. As validation of this trend, leading application vendors including Advent, ConvergEx, Tradar and Ledgex Systems have introduced efforts to certify third-party hosting providers.

Why Funds Are Moving

Following are some of the key reasons hedge funds are considering using the cloud for application hosting.Heading to the Cloud

  • Enterprise-grade Infrastructure: Cloud provider delivers a resilient and robust infrastructure that includes best practices around N+1 configurations to ensure the application is highly available.

  • Cost-Effectiveness: By hosting an application with a cloud provider, hedge funds can reduce costs and minimize capital expenditure outlays on new equipment. Ongoing maintenance, monitoring and upgrades are all handled by the provider and should be included in the monthly cost.

  • Scalability: A hosted platform can provide virtually unlimited computing resources, a redundant infrastructure and easy expandability to support a firm's needs. In many cases, allocation of CPU, memory, storage resources and Internet bandwidth can be increased on-the-fly.

  • Management: The cloud provider is responsible for monitoring and maintaining the platform to ensure Service Level Agreements are met.

Questioning a Cloud Provider

Asking the right questions is essential to vendor evaluation. Here are some of the must-ask questions when considering moving your application to a cloud provider:

  • Which application vendors have systems operating in the cloud?

  • Does the application vendor confirm their product works in a hosted environment?

  • Are there any issues associated with virtualizing the applications?

  • How is the application deployed? Does the software run native over the Internet, or does it require a delivery mechanism such as Citrix?

  • Are there any limitations with this type of deployment? Are there certain pieces of functionality that will not work if remotely deployed? Are there display limitations?

  • How many clients for the specific application have a hosted implementation?

  • What certification levels does the cloud provider have with these application vendors?

  • Will the application vendor help with a “proof of concept”?

  • Will there be any changes to the level of service if the application is deployed in a hosted environment?

Read the full list of Service Provider Questions HERE.

Check out our Cloud Forum or contact us for further information.

]]>
<![CDATA[The Biggest Security Threat to Your Firm Might Be Sitting Next to You]]>http://www.eci.com/blog/239-the-biggest-security-threat-to-your-firm-might-be-sitting-next-to-you.htmlThu, 17 May 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=239 Just last week, we talked about network security threats and the best practices your firm can employ to keep information safe. You probably think that your security efforts should be focused on the outside - on external risks. But the reality is that the biggest security threat to your firm could be the person sitting right next to you.

It was mentioned by both eSentire’s Steve McGeown and Eze Castle’s Steve Schoener during our recent webinar that internal threats to security are just as likely to occur when it comes to cybercrime and security breaches.

A recent Wall Street Journal article, IT Protects the Company, Who Protects IT, included statistics from a PricewaterhouseCoopers survey of executives about economic crimes. Several jarring statistics were provided, including:Restrict Computer Privileges

  • 56 percent of respondents who said they had experienced economic crime in the past 12 months said the main perpetrator of the most serious fraud was someone inside the organization;

  • 53 percent of respondents who saw a risk of cybercrime within their organization said there was a risk of it coming from the IT department – the highest percentage from any department; and

  • 18 percent of frauds reported by respondents in 2011 were detected by electronic monitoring of suspicious activity and transactions, up from 5% in 2009.

But it’s not just a firm’s IT department that could pose a risk. Anyone at the company with a certain level of access could gain control of sensitive information. This is why we recommend firms employ the principle of least privilege. In its simplest terms, this means only allowing access to data, documents and resources to personnel who need it. Members of the IT staff likely need more access than employees in the Human Resources or Marketing departments, for example.

We’ve talked about these before, but here are a few internal security best practices to keep in mind:

  • Maintain a strong password policy. In addition to creating a strong password and changing it frequently, be sure not to write it down or give it out. Creating a tough password means nothing if it can be easily discovered by a coworker. And remember, "password" is not a good password.

  • Use multi-factor authentication. In order to access certain systems or data, your firm should employ at least two-factor authentication practices. This means that in addition to providing a password for access, employees would also need to provide a separate PIN number, for example. For access to a data center, firms may want to use biometric screening as a second authenticator.

  • Take control of company-sanctioned mobile devices. What about when an employee leaves the firm? Can he/she still access company data and information from their mobile device? It’s important to remember that even if an employee leaves, access may not be automatically terminated. Firms should ensure they restrict access when employees leave and are also able to wipe devices remotely if necessary.

Just remember: when it comes to protecting your company’s sensitive information, don’t just train your eyes outward. Look inside too.

Want More on Hedge Fund Security?

Contact an Eze Castle representative

Source: Wall Street Journal
Photo Credit: eHow

]]>
<![CDATA[The Cloud Trifecta: Scalability, Cost and Efficiency]]>http://www.eci.com/blog/238-the-cloud-trifecta-scalability-cost-and-efficiency.htmlTue, 15 May 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=238 Taking a page from the Cloud Forum (quite literally), today we look at the top three winning reasons hedge funds are gravitating towards the cloud. Not surprisingly, these reasons center around increased efficiencies, improved technology environment and cost savings.Cloud: Time to Deployment

Scalable, Flexible and Available

The cloud offers firms the option of scalability without the serious financial commitments required for infrastructure purchase and maintenance. With cloud services there is no vendor lock-in or implied commitment beyond duration so firms have the flexibility to easily evolve their IT environment.

Another benefit is the ability to seamlessly add more users and/or computing resources to match the firm’s requirements. A hedge fund private cloud can deliver the infrastructure, bandwidth and network resiliency to accommodate business requirements for high speed access, storage and applications.

Finally, a cloud solution offers advantages around time to deployment since the timely element of a custom build-out is eliminated.

Cost Containment

Through cloud services firms gain the opportunity to convert from Capex to Opex. While building out a comm room or data center requires capital expenditures, using an external cloud service that offers a pay-as-you-go service falls into ongoing operating expenditures. The transition to a cloud service provides many cost-savings beyond just eliminating the need to purchase and refresh equipment.

When weighing the costs associated with maintaining a server and other data center equipment in-house it is important to consider:

  • Direct costs including power, real estate/floor space, storage, and IT staff to manage the resources

  • Indirect costs including network and storage infrastructure and IT staff to manage the environment

  • Overhead costs including procurement, accounting and IT

When added to the cost of an internal server, these factors significantly raise the monthly overall cost to host a server and make cloud services more attractive.

Increased Operational Efficiencies

The cloud delivery model also offers many benefits around increasing operational efficiencies at hedge funds that translate into streamlined technology oversight and potential cost savings. These include:

  • Eliminating server technology refreshes in-house while also ensuring a firm has the latest technology powering it

  • Reducing IT overhead by using a third party, such as Eze Castle Integration, to handle all infrastructure maintenance, monitoring and management

  • Decreasing the cost of designing and deploying new applications due to the standardized infrastructure that is fully managed

For more on how your hedge fund can benefit from cloud computing contact us or visit our Cloud Forum.

Hedge Fund Cloud Forum

]]>
<![CDATA[Network Security Threats & Best Practices for Hedge Funds]]>http://www.eci.com/blog/237-network-security-threats--best-practices-for-hedge-funds.htmlThu, 10 May 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=237 As part of our ongoing thought leadership, we often host educational webinars on a variety of topics relevant to hedge fund operations and technology. For our most recent webinar, we decided to dive deeper into the topic of security, as it still remains one of the biggest priorities and concerns for hedge funds.

Speaking on the webinar were two great security experts: Steve McGeown, VP of Marketing and Product Management at eSentire, and Steve Schoener, VP of Client Technology here at Eze Castle Integration.

Below is a short summary of the key points addressed by our expert speakers.

Why are Hedge Funds at Risk?

The truth is that there is a lot of animosity towards firms on Wall Street, and this distaste has spurred the increase in potential threats to hedge funds and investment firms. Since the US recession began in 2008, people have been looking for someone to blame, and oftentimes that blame has been placed on hedge funds. In some cases, hackers or “hactivists” are merely looking to steal information, and in other cases, they may be looking to tarnish and take down funds that they believe are responsible for our current economic state. Hackers have stepped up their games and even made a point to target specific firms in order to seek revenge.Network Security

In addition to external threats, some of the biggest risks to your company may be located internally. One example that eSentire's Steve McGeown provided of this was an instance in which a company’s employee was caught downloading an entire CRM database onto her personal Gmail account. Instances like this are prime examples of how important it is to maintain strict internal policies and procedures to keep your firm’s information safe at all times. (We’ll be dedicating an entire blog article to this topic next Thursday, 5/17, so be sure to come back then!).

Hedge Fund Security Best Practices

Hedge funds and investment firms may be easy targets for hactivists, but with proper policies and procedures in place, firms can ensure their sensitive data and information doesn’t fall into the wrong hands. On the most basic level, firms should employ anti-virus software and network firewalls to minimize the amount of traffic into the firm’s network. To take things a step further, firms can utilize systems like intrusion detection to more accurately and aggressively monitor inbound threats.

Having the right systems in place can only get you so far. Your firm also needs to underscore the importance of security by maintaining strict policies that outline acceptable behavior and security best practices.

Following are a few policies we recommend your firm employ:

  • Access Control Policy: Provides direction for managing and granting access to information systems

  • Acceptable Use Policy: Outlines acceptable use of Internet/Extranet/Social Media/etc.

  • Incident Response Management Policy: Outlines the requirements and procedures for dealing with an information security breach or incident

  • Personal Communications Device Policy: Describes requirements for use of personal communication devices

To hear more from our expert speakers, Steve McGeown and Steve Schoener, listen to the complete webinar recording here: Network Security Threats Exposed: How to Keep Your Firm’s Data and Infrastructure Safe.

Also, be sure to check out these articles:

Contact an Eze Castle Representative

]]>
<![CDATA[Hedge Fund Cloud Summit: Video Testimonials]]>http://www.eci.com/blog/235-hedge-fund-cloud-summit-video-testimonials.htmlThu, 03 May 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=235 More than 100 hedge fund technology and operations professionals attended our recent Hedge Fund Cloud Summit in New York, and we're pleased to report that the feedback was overwhelmingly positive.

Not only was the Cloud Summit the first event of its kind, but it was also where we debuted Eze Castle TV! Some of our attendees were brave enough to face the camera and tell us what they thought of our event. Watch the video below to see what they had to say!

To watch more of our videos, visit www.YouTube.com/EzeCastleECI.

Contact an Eze Castle Integration representative

]]>
<![CDATA[Introducing Our Newest Addition: Cloud Forum!]]>http://www.eci.com/blog/234-introducing-our-newest-addition-cloud-forum.htmlTue, 01 May 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=234 As any regular Hedge IT reader knows we are passionate about cloud computing and its use at hedge funds. We are also committed to being a constant source of information and education.

So…drumroll please… We are excited to unveil the newest member of the Eze Castle Integration thought leadership family – Cloud Forum!

On the Cloud Forum you will find rich information:Cloud Forum Intro

  • What is Cloud Computing

    • History of Cloud Computing
  • Cloud Architecture

    • Types of Cloud Computing Models
    • Unified Cloud Architecture Overview
  • Operating in the Cloud

    • Application Hosting
  • Cloud Security

    • Top Threats
    • Best Practices
    • Questions to Ask Cloud Providers
  • Cloud Computing Dictionary A-Z

  • Cloud Resources: Articles, Videos and Events

Here is a snapshot of our newest family member:

Cloud Forum Snapshot

Visit Cloud Forum Now

]]>
<![CDATA[Hedge Fund Cloud Summit Draws Crowd in New York]]>http://www.eci.com/blog/233-hedge-fund-cloud-summit-draws-crowd-in-new-york.htmlThu, 26 Apr 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=233 The atmosphere in the room was one of excitement and anticipation. Not something you’d expect for a conference dedicated to cloud computing? Think again.

Hedge Fund Cloud SummitWe hosted our first-ever Hedge Fund Cloud Summit earlier this week at the Sofitel New York, bringing together over 100 operational and technology professionals from the investment industry for what truly was an exciting day.

Event hosts Bob Guilbert and Vinod Paul kicked off the afternoon by offering their perspective on the changes within the hedge fund market relative to cloud computing and why it has steadily become a reliable technology option for firms of all sizes and strategies. Five years ago, most hedge funds were involuntarily relying on traditional on-premise infrastructures marked by intricate Comm. Room build-outs and heavy upfront capital expenditures. The average cost for servers, storage, networking and other equipment? Two hundred to five hundred THOUSAND dollars.

As the industry has changed and technology has evolved, the cloud has emerged as a beneficial solution for firms looking to increase their efficiencies and reduce their CapEx. Hedge funds and investment firms are using the cloud in a multitude of ways and for a variety of reasons. We’ve come a long way from back in 2008 when respondents of an InformationWeek survey said that “cloud” was just a carelessly used marketing term.

But times have changed. And the Cloud Summit was the perfect opportunity for fund professionals on both the operations and technology levels to gather together and gain insight into some of the key cloud-related discussion point being heard throughout the industry. And, as expected, the most popular panel of the day was focused on cloud security.

We hope you share more insights from the Cloud Summit with you soon, but in the meantime, check out some of our expert panelists on display! Also, be sure to visit our new Cloud Forum website that answers (almost) every question you could have about cloud computing for hedge funds.

Hedge Fund CTO Panel at Cloud Summit

Examining the changing role of the hedge fund CTO/CIO are Moderator Bob Guilbert (Eze Castle Integration)
and panelists Chris Turek (Evercore Partners), Doug Kline (Deutsche Bank) and Perry Vais (BlueMountain Capital Partners)

Security Panel at Cloud Summit
Discussing cloud security before the panel starts are Moderator Mike Abbey (Eze Castle Integration)
and panelists Eldon Sprickerhoff (eSentire), Steve Schoener (Eze Castle Integration),
Tom Smykowski (Goldman Sachs) and Elad Yoran (Vaultive/Cloud Security Alliance)

Contact an Eze Castle Representative

]]>
<![CDATA[Eze London Employees - Why We Love Technology]]>http://www.eci.com/blog/232-eze-london-employees---why-we-love-technology.htmlTue, 24 Apr 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=232 What would we do without technology in our daily lives? Technology has evolved over the years helping us with the way we communicate with one another to the mediums we use to obtain and share information. If you remember, last year we wrote an article on Why We Love Technology. This year we thought we would share what our London employees love about technology. Check out what these Eze Castle employees had to say in the video below.

]]>
<![CDATA[eSentire: Bringing Security to a Hedge Fund Near You]]>http://www.eci.com/blog/230-esentire-bringing-security-to-a-hedge-fund-near-you.htmlTue, 17 Apr 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=230 The security threat landscape continues to evolve, and security through obscurity is no longer (and probably never was) an ideal approach to protecting the sensitive data of the hedge fund industry. A recent study by IBM found that the cyber threats are expanding with 62% of managers believing that cyber threats are an increasingly serious risk to business.virus alert

The report found a 27% rise in cyber security vulnerabilities between 2009 and 2010 and noted that “early in 2011 officials at the International Monetary Fund revealed that it had been targeted by a sophisticated cyber attack – a threat that was considered so serious, the World Bank severed the computer ties through which the two organisations shared information.”

Another example cited was that “in June 2011 a black-hat hacker group known as LulzSec (or “Lulz Security”) targeted the website of the CIA in the US using a denial-of-service attack. This was the latest in a string of similar attacks against a range of government and public sector bodies.”

While these two examples occurred at large organizations, the risks facing smaller firms (read: hedge funds) are just as real. To that end, we recently had eSentire into our Boston office to speak with a group of hedge fund CTOs about the security landscape and their managed security technology. Feedback on eSentire’s offering and approach was positive and the spark for this tech spotlight article.

The Spotlight

Eze Castle Integration and eSentire are working together to give hedge funds using the Eze Private Cloud or on-premise IT complete protection from security risks that could jeopardize operations and threaten proprietary information.

eSentire’s core solutions combine advanced security technology with highly trained security experts to proactively identify potential vulnerabilities, detect and prevent intrusion, and conduct forensic traffic analysis for predictive threat profiling. Core components of eSentire’s eSentinel managed security services are network interceptor and Security Operations Center (SOC). These deliver:

Network Interceptor

  • Intrusion Detection / Intrusion Prevention

  • Bandwidth Tools

  • EXE Blocking / Quarantine / DPI

  • DNS Interception

  • SSL Interception/Proxying

  • Attachments and End-of-Day Reports

  • Forensic Traffic and Incident Analysis

Security Operations Center

  • Service Level Objectives

  • Change/Release Control

  • Operational Reporting/Relationship

  • SOC Escalation/Resolution Mechanisms

  • Root Cause Analysis Functions

  • Systems Group Maintenance

Up Next

This coming Thursday (April 18, 2012) we are hosting a webinar with eSentire titled “Network Security Threats Exposed: How to Keep Your Fund's Data & Infrastructure Safe.” The webinar will provide attendees details on:

  • Specific network security threats, including data leakage and network intrusion;

  • Understanding of security threat management practices such as intrusion detection and prevention, forensic traffic analysis and web and application assessments; and

  • Specific policies and procedures to employ for optimal security management.

Want More on Hedge Fund Security?

Contact Eze Castle about Hedge Fund Security


]]>
<![CDATA[Clouds of Change for IT Pros: Cloud Admin's the new Sys Admin]]>http://www.eci.com/blog/229-clouds-of-change-for-it-pros-cloud-admins-the-new-sys-admin.htmlThu, 12 Apr 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=229 birthday cakeOn most days if you asked what I was doing on that exact day two years prior I wouldn’t be able to tell you, but today is different.

Today is the second birthday for Hedge IT, our sweet, informative blog. So I know exactly what I was doing two years ago – I was writing and posting our first Hedge IT article, aptly titled “Welcome to Hedge IT.”

Sticking with the theme of ‘welcome to…’ and giving a nod to our upcoming Hedge Fund Cloud Summit, today’s post is a welcome to the changing world of IT – now that the business world is going to the cloud.

Paradigm shifts are commonplace in the IT world. When talking to an IT veteran about cloud, he/she will likely reflect on the move from centralized computing (mainframes/mini-computers) to decentralized computing (Windows NT/Novell) and now back to centralized computing with the cloud.

The prevalence of the cloud means IT will shift from hands-on work with hardware and installations to resource management, integration, capacity planning, and technical architecture. IT roles will evolve from “Systems Admins” and “Systems Architects” to “Cloud Admins” and “Cloud Architects.” This evolution is exciting and likely scary all at once. The well-known book, “Who Moved My Cheese?,” provides the following insights for coping with and preparing for change:

  • Change Happens. They Keep Moving the Cheese.

  • Anticipate Change. Get Ready For The Cheese To Move.Cheese

  • Monitor Change. Smell the Cheese Often So You Know When It Is Getting Old.

  • Adapt To Change Quickly. The Quicker You Let Go Of Old Cheese, the Sooner You Can Enjoy New Cheese.

  • Change. Move with the Cheese.

  • Enjoy Change! Savor The Adventure And Enjoy the Taste Of New Cheese!

  • Be Ready To Change Quickly and Enjoy It Again. They Keep Moving The Cheese.

To support your expedition to enjoy the big cheese in the sky, here is a snapshot of the technical and non-technical skills that make a knowledgeable Cloud Admin or Cloud Architect.

Technical Must-Have Skills

Virtualization

Capacity Planning

Enterprise Storage

Enterprise Security

Mobility

Application Management

Resource Management

Networking

Telecommunications

Application Integration

Technical Project Management

Data Center Management

Non-Technical Must-Have Skills

Business Intelligence

Legal Compliance

Vendor Management

Collaboration Architecture

Business Acumen

Communication Skills

We'll explore this topic futher at our Hedge Fund Cloud Summit in NYC, and be sure to write a follow up article for those of you unable to attend.

Enjoy the tides of change!

Photo credits: Smabs Sputzer, Will Clayton

]]>
<![CDATA[A Sneak Peek at the Upcoming Hedge Fund Cloud Summit]]>http://www.eci.com/blog/228-a-sneak-peek-at-the-upcoming-hedge-fund-cloud-summit.htmlTue, 10 Apr 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=228 It’s the most talked about trend in technology these days. Then again, can it even be considered a trend anymore? Cloud computing has evolved into a credible technology solution for hedge funds and other financial services firms, allowing them to reduce their upfront capital expenditures and focus their priorities on investment decisions and other operational tasks.

Hedge Fund Cloud Summit, April 24 NYCBut with so much buzz in the industry about the cloud, it seemed fitting to organize an event dedicated solely to this topic. Alas, it’s finally here.

In just two short weeks, Eze Castle Integration will be honored to host the 2012 Hedge Fund Cloud Summit – a half-day conference in New York City designed to dive deep into the critical areas of cloud computing that hedge funds and investment firms are compelled to think about on a daily basis.

The Cloud Summit will bring together more than 100 of the investment industry’s best and brightest technology and operations professionals and will feature expert speakers from some of the leading hedge funds, prime brokers and technology application vendors in the industry.

Below is a sneak peek at the four panel sessions that will highlight the Hedge Fund Cloud Summit in its inaugural year. For a full agenda or to register for the conference, click here.

Making the Business (and Financial) Case for the Cloud

In addition to the technology specifics involved in leveraging cloud computing, there are also important operational considerations to think about. What is the business proposition for hedge funds moving to the cloud? Is the cloud really more cost-effective? How do investors feel about the cloud? Our expert panelists will answer these questions and more as they examine the business case for the cloud.

Examining the Changing Role of the Hedge Fund CTO/CIO in the Cloud Era

The role and responsibilities of the hedge fund CTO has evolved in recent years. With the emergence of cloud computing, as well as increased focused on compliance, regulations, reporting and transparency, individuals responsible for technology are juggling more than ever before. Hear directly from current and former hedge fund CTOs as they examine how the role has changed so far and what else to expect in the future.

Hosting Your Applications in the Cloud: What You Need to Know

Your fund uses a host of different financial, trading and risk applications on a daily basis. And many of these can now be supported in a cloud environment. But how do you know when the cloud is a good fit for your applications? This panel includes experts from companies that taut some of the leading hedge fund applications on the market and will examine the pros and cons of hosting your key hedge fund applications in the cloud.

Practicing Safe Security in the Cloud

It’s the question that has lingered in the industry for years – is the cloud secure enough to store sensitive data? With fears of data mingling and cyber attacks, investment firms need to be sure their information lies in a safe place. This panel will explore possible security risks that exist in the cloud and provide best practices for maintaining a safe and secure virtual environment.

Click here for more information on the 2012 Hedge Fund Cloud Summit.

NOTE: The Hedge Fund Cloud Summit is open to hedge fund and investment firm professionals only. Space is limited, and service providers will not be permitted to attend.

Contact an Eze Castle Representative

]]>
<![CDATA[Opalesque TV Zooms In on Cloud Computing at Hedge Funds]]>http://www.eci.com/blog/223-opalesque-tv-zooms-in-on-cloud-computing-at-hedge-funds.htmlTue, 03 Apr 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=223 Opalesque TV recently sat down with Vinod Paul (of Eze Castle Integration!) to discuss how cloud computing is altering the technology landscape in the hedge fund industry. The conversation covered a lot of ground including:

  • Public vs. Private vs. Hybrid Clouds

  • The Migration from Traditional IT to the Cloud

  • Impact of Reduced Costs in the Cloud

  • Real-world Examples of Cloud Utilization

  • Examining the Technology Environment for Startups

  • Scalability with the Cloud

  • Cloud Security Best Practices

  • The Future of the Cloud

Here is the interview for your viewing pleasure!

]]>
<![CDATA[People & Places: An Interview with Eze Castle’s New CFO, Chris Holden]]>http://www.eci.com/blog/221-people--places-an-interview-with-eze-castles-new-cfo-chris-holden.htmlThu, 29 Mar 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=221 Chris Holden CFO head shotLast month, we proudly announced the promotion of one of our veteran company leaders to the position of Chief Financial Officer. Chris Holden, who previously served as our senior vice president of finance, has been with Eze Castle Integration for nearly a decade, and has led our efforts to expand the organization’s global reach. In his new position, Chris will continue to focus on corporate growth, while leading the way into new markets and regions around the world.

I recently sat down with Chris to pick his brain on the importance of continued international expansion, as well as to get his thoughts on some important lessons that he’d like to share with other CFOs and organizations that may be undertaking similar growth strategies.

Q. Congratulations on your recent promotion! Could you tell our readers a little about yourself and your background in the industry?
A. Thanks! As you mentioned, I have been with Eze Castle for almost nine years now. I manage our financial operations and spearhead the establishment of international operations. Most recently, I helped facilitate our expansion into London, Geneva, Singapore and Hong Kong. As part of this process, I oversee the company’s global finances, as well as the accounting, insurance, legal and real estate functions.

Prior to joining the Eze Castle team, I worked as a principal at The Parthenon Group, which is a global strategic advisory firm. While at Parthenon, I enjoyed the data-driven, financial aspects of the consulting engagements I worked on. This led me to pursue a finance position at a privately held company, thus bringing me to Eze Castle. I am a graduate of Dartmouth College, where I received a Bachelor of Arts degree in mathematics.

Q. Great! Could you tell us a little more about the company’s international growth? What were the driving factors behind the decision to expand beyond the United States?
A. Most of our growth is driven by the needs of our clients and the size of the market opportunity in a particular country or region. Our first international office, in London, was established as a result of the fact that we had a large client in New York who also had a significant presence in the UK. They were pleased with our level of service in New York and asked if we’d consider supporting them in London as well. The support from our client base, coupled with the size of the hedge fund market in London, made this an easy decision.

When we first opened in London, we focused our support on existing US clients that have London offices. Once we were comfortable that we were maintaining a consistently high level of support, we then looked to scale our efforts. We began selling our solutions and services to the local UK hedge fund market and adding new clientele. Subsequently, we have started the process of replicating this strategy as we expand into Asia. Our geographic breadth has since opened us up to opportunities with global financial institutions to which we would not have otherwise been exposed.

Q. Since some of our readers may be considering growing their own firms into new territories, can you walk us through the major steps involved in establishing a new office overseas?
A. A good place to start is often the inward investment branch of the government in the country or city to which you are looking to expand. They often have offices in the US and are eager to discuss expansion opportunities. They are a great (free!) resource and can provide contacts for everything from talent recruiters to tax advisors. They will also make you aware of any special tax incentives available for hitting certain revenue and/or job creation milestones.

international expansion globeFrom an operational standpoint, it’s important to choose the appropriate entity type to ensure it will fit into your overall corporate structure from both a tax and legal perspective. Once the entity choice is made you can focus on establishing how you will handle accounting, tax, audit, banking/foreign currency and legal/contracts.

It’s important to have all of the tactical aspects of running the business in place before supporting clients and selling products and services. Certainly, the sales and support strategy should be tackled in parallel so that client work can begin once the compliance initiatives are complete. If you have a realistic timeline and budget and partner with the right people, the process is not as daunting as it might seem.

Q. I understand you will be making a trip over to Europe soon. What will be your top priorities for this visit?
A. Yes, I will be in both the UK and Switzerland. I have three main objectives for the trip. The first is to handle all of the compliance requirements that need to be addressed in person. The second is to meet with all of our tactical partners in both locations. I have meetings set up with bankers, lawyers, tax advisors, auditors and regulatory agencies. My third goal is to spend time with the employees in our London office. That office has grown substantially since we opened it in 2007, and has recently moved to a new location so I’m looking forward to seeing that.

In today’s highly connected world there is so much that can be done over the phone and via email, but there still is no substitute for a face-to-face meeting. I see real value in that and plan to take full advantage of this upcoming opportunity.

Q. What are some important lessons that you have learned throughout this process that you feel are important to share with other CFOs or anyone leading a company through a similar undertaking?
A. One of the major lessons I’ve learned is that there is so much that can be discovered on the job. If you have an interest in what you are working on, an aptitude for learning and a logical thought process you can accomplish anything. Five years ago we didn’t have any foreign offices or anyone with experience opening or operating a foreign office. As a team we figured out what we needed to do, developed a plan and executed on that plan. We certainly made some mistakes along the way, but we have learned from them and have been able to refine the process in order to become more efficient with each subsequent expansion. This knowledge, constantly evolving over time, will certainly serve us well in the future.

Considering expanding your organization to a new city or region? Be sure to check out our “Expanding Your Hedge Fund Internationally” Knowledge Center, or contact an Eze Castle Integration representative.

Contact an Eze Castle Representative

]]>
<![CDATA[Hedge Funds: Are You Prepared For The London 2012 Olympics?]]>http://www.eci.com/blog/219-hedge-funds-are-you-prepared-for-the-london-2012-olympics.htmlThu, 22 Mar 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=219 2012 is a big year for the UK, starting with the Queen’s Diamond Jubilee, The London Festival, World Pride, and the Olympics. There are many advantages to hosting major events including a considerable boost to the economy, urban regeneration and increased tourism. However, there are also many logistical and technological challenges the hedge fund and alternative investment industry must plan for to ensure their businesses doesn't experience disruptions.London Olympics

The number of people for the Olympic Games is expected to rise by 300,000 with the number using public transport increasing by over 80,000. Transport networks will be stretched as hundreds of thousands of people use public transport, which means staff may not be able to get to work as easily as usual.

When preparing for any major events, many hedge funds and investment firms will focus on preparing their technology: making sure data is backed up, files are secure, and access to market data remains intact. But often firms forget about the business and operations aspect that is equally as important to keeping a hedge fund's technology operational through a disaster.

In any type of disaster situation, it becomes a necessity to have a business continuity plan in place. Firms will need to ensure their employees know how to access their technology and how to communicate with each other if they are unable to get to the office during the Olympics.

There are certain business continuity best practices that firms should follow in order to ensure their business processes are not interrupted:

The Importance of Communication

DR GuidebookThe reality is, you can have all the processes and procedures in place to prepare for a disaster, but if they are not properly communicated to your employees and external parties, then their effect with be minimal. Consider creating a call tree or implement an Automated Messaging System that can be configured to send notifications to all employees simultaneously. Using the automated messaging system ensures all employees receive the same message immediately via email, phone call and/or text message.

Remote Access Technologies

Employees will be forced to work from home or an alternative work location if they are unable to get into the office. But ensuring your employees actually know how to work remotely will go a long way in validating the effectiveness of your BCP plan.

There are a few different options for remote access, notably Virtual Private Network (VPN), Citrix, and Outlook Web Access (OWA).

  • VPN: IPSec or SSL VPN technologies work by connecting your home computer to that which resides in your office. You are able to “remote desktop” and run all of the applications which live on your work computer’s server.

  • Citrix: With a Citrix server, you are able to log into a website via any computer and get access to the applications that live on the Citrix server in your office. When you click any application icon, it will appear as if it is running locally despite being housed on your office server.

  • OWA: For those companies who use Microsoft Outlook for email, you can log into OWA to access your email account from an external computer.

Whichever technology or combination of technologies your firm decides to employ for remote access, the key is ensuring your employees know how to properly use them and test them prior to a disaster.

Employee Remote Access Test

Testing remote access beforehand will make employees more comfortable with the process and ensure that any unexpected challenges are addressed before an incident impacts your office. Here are some recommended steps to have your employees follow as part of the testing process:

  • Validate successful communication to internal and external dependencies

  • Confirm full functionality of required applications

  • Perform all high level business functions

  • Confirm access to vital records

  • Redirect office phones to home/mobile phone

With 127 days until the Olympic Games 2012 begins, it is essential for firms and their employees stay safe and productive, organisations must have a fully planned, well-tested business continuity plan and methods to ensure your workforce can work from any location at any time.

Additional Resources:

hedge fund dr guidebook

]]>
<![CDATA[Dodd-Frank Act: Deadlines, deadlines, deadlines]]>http://www.eci.com/blog/218-dodd-frank-act-deadlines-deadlines-deadlines.htmlTue, 20 Mar 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=218 The countdown is on as the March 30, 2012 deadline for hedge fund and private equity managers to file their registration forms with the SEC, under the Dodd-Frank Act, is just around the corner. In reality though, most firms filed their Form ADV back in February to satisfy the 45-day review period.Dodd-Frank Update Presentation

However, the Dodd-Frank Act continues to spark change and much debate throughout the financial services industry. Just today the U.S. Commodity Futures Trading Commission (CFTC) “completed Dodd-Frank Act rules requiring swaps brokers to decide within minutes whether to clear a trade in an effort to reduce risk in the $708 trillion global swaps market,” according to Bloomberg news.

Dodd-Frank also requires that swap entities establish and maintain written business continuity and disaster recovery plans designed to enable them to resume operations with minimal disturbance to counterparties and to recover all required documentation and data.

Not every deadline has been met. Law firm Davis Polk publishes a monthly Dodd-Frank Rulemaking Progress Report “to help market participants and policymakers assess the progress of the rulemaking and other work that has been done by regulators under the Dodd-Frank Act.” Following is a peek at the findings from the March 2012 report:

  • As of March 1, 2012, a total of 225 Dodd-Frank rulemaking requirement deadlines have passed. This is 56.3% of the 400 total rulemaking requirements, and 78.7% of the 286 rulemaking requirements with specified deadlines.

  • Of these 225 passed deadlines, 158 (70.2%) have been missed and 67 (29.8%) have been met with finalized rules. Regulators have not yet released proposals for 24 of the 158 missed rules.

  • Of the 400 total rulemaking requirements, 99 (24.75%) have been finalized and 154 (38.5%) have been proposed. 147 (36.75%) rulemaking requirements have not yet been proposed.

The following graphic shows the progress by agency:

Dodd-Frank Deadlines by Agency Status

The exact impact of Dodd-Frank will not be known for a while, but speculation is sure to continue. At Eze Castle Integration we are focused on helping hedge funds and alternative investment firms cope with the technology requirements, including disaster recovery plans and systems, that come with Dodd-Frank.

Visit our Dodd-Frank Knowledge Center for resources on ensuring your IT systems meet the new regulations.

contact eze

]]>
<![CDATA[The Night the Lights Went Out in Boston: Lessons in BCP]]>http://www.eci.com/blog/216-the-night-the-lights-went-out-in-boston-lessons-in-bcp.htmlThu, 15 Mar 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=216 Boston BlackoutEarlier this week – Tuesday, March 13 to be exact – sections of Boston lost power because of an electrical transformer fire that occurred behind the Back Bay Hilton Hotel. Approximately 21,000 people were without power Tuesday night and as of late Wednesday afternoon about 4,000 people were still without power including hundreds of Boston companies.

Companies whose power came back Wednesday morning experienced minor inconveniences, such as having employees who worked late Tuesday night have to travel down 46 flights of stairs since the elevators weren’t working. Other companies who were without power all day Wednesday weren’t so lucky. As of 3:00 p.m. today (Thursday) power is still out at Boston’s Prudential Center.

This unfortunate incident is precisely why disaster recovery and business continuity planning are so important. So important in fact that we are going to re-run an oldie but goodie from our interview last year with Lisa Smith, a Certified Business Continuity Planner at Eze Castle Integration.

Here it goes…ASSUMPTION: Your office building is inaccessible.

How will employees be notified of the building closure?

Calling all employees through a manual phone tree can be very time-intensive. Some may not receive the message in time to avoid reporting to an inaccessible office, which could cause confusion and further time loss. Also, if managers and employees are busy calling one another to spread the message, this prevents them from performing more productive work-related activities.

One way to avoid this challenge is to implement an Automated Messaging System that can be configured to deploy a notification to all employees simultaneously. Using this system ensures that all employees receive a consistent message immediately via email, phone call, and/or text message. These systems tend to vary in terms of cost but a base level system can be installed for as low as $8.50 per employee per year.

Where will employees work from?

DR Guidebook

In advance of the inclement weather let employees know whether they will report to an alternate site or begin conducting their work from a home office. If using an alternate site, be sure it has the capacity to accommodate all critical employees that may need to work from there in the case of an office closure (i.e. extra desks or tables, adequate number of Citrix licenses, phone lines, etc.).

If the plan is to have employees work from home, steps should be taken to ensure that they will have access to all resources necessary for performing their daily tasks. In either case, the alternate work location procedures should be clearly communicated to all employees, and regular testing should be conducted in advance to ensure that any unexpected challenges are dealt with before a major storm shuts down your office space.

How will employees communicate with each other and with external contacts?

Before inclement weather strikes, each employee should compile a list of the phone numbers and other contact information for all individuals on whom their jobs are dependent. For example, it is common among hedge fund firms for people in the trading and operations departments to be highly dependent on one another. Employees in both functional areas should have the home and cell phone numbers of each of their counterparts to avoid a loss of communication when your office is inaccessible.

Additionally, employees should save the contact information of all external parties, such as vendors, investors, and broker-dealers with whom they need to regularly communicate in order to do business. This information should be stored in a location that is accessible from both the office and the employees’ alternate work locations.

Other considerations

There will undoubtedly be some unforeseen challenges associated with the closure of your office building. For example, what should an employee do if he needs a signature from another employee or a manager and both individuals are working from home? How should an employee go about wiring money or carrying out similar transactions from her home office?

The best way to address these issues in advance of inclement weather is to conduct business continuity plan testing days in which employees work from their designated alternate locations and report back on any challenges they faced. This will allow you to make your business continuity plan even more comprehensive, while forcing employees to think about how they will continue doing their jobs effectively if they do not have access to their regular offices.

Want some more? Check out:

Eze Castle Integration’s Business Continuity Planning services (Eze BCP) focus on the critical operations and processes that a hedge fund or investment firm must have available if a disruption occurs. Our experienced team of certified business continuity professionals work with clients to address the full-spectrum of BCP. To learn more, visit our Disaster Recovery & Business Continuity Knowledge Center, or contact an Eze Castle representative.

Contact Eze Castle

Photo credit: Tayloraldredge

]]>
<![CDATA[To Commemorate Our 200th Post: Hedge IT Blog Awards!]]>http://www.eci.com/blog/215-to-commemorate-our-200th-post-hedge-it-blog-awards.htmlTue, 13 Mar 2012 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=215 In honor of our 200th post on the Hedge IT blog, we thought we'd do something a little different. So, we've gathered the most popular articles according to our readers, as well as a few of our personal favorites.

Enjoy!

UPDATE: We've now surpassed the 300 post mark! Don't miss the 2013 Hedge IT Awards honoring the best content and most popular topics from the past year!

Eze Castle's "Best of Hedge IT Awards"

]]>
<![CDATA[Doing Your Cloud Homework: Answering Legal,Tech & Security Qs]]>http://www.eci.com/blog/214-doing-your-cloud-homework-answering-legaltech--security-qs.htmlThu, 08 Mar 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=214 Are you tired of talking about the cloud yet? Good. Neither are we. In fact, we recently devoted our first webinar of the year to the topic. You can download the webcast replay of the event here. A summary of the key topics discussed during the webinar is below.

Increased Adoption of the Cloud

Cloud Homework

According to our managing director, Vinod Paul, over 80 percent of the new clients we brought on board last year are utilizing the cloud in some way, shape or form. As hedge funds continue to battle for institutional dollars, the smaller firms, in particular, are able to leverage the cloud for enterprise-level technology at an often reduced cost.

Speaking of cost, it’s one of the main drivers for firms moving to the cloud. Three to five years ago, hedge funds typically had to pay $300-500K dollars to set up an initial IT environment. In today’s rapidly changing landscape, firms are looking to pay less money out-of-pocket, as well as decrease their initial deployment times.

With the cloud, resource deployment and allocation only take days or weeks instead of months. The increased flexibility with the cloud is an enormous driver, allowing firms to customize how they use this technology platform. The cloud can easily work on a different scale for small and large firms, with smaller startups outsourcing their entire IT landscape and larger firms having the flexibility to use a hybrid model and determine which aspects of their environment they want to manage in-house or outsource.

Is the Cloud Regulated?

To regulators such as the SEC and FINRA, the term “cloud computing” doesn’t really resonate. They tend to use the word “outsourcing” when defining rules for investment advisers and broker-dealers. Broker-dealer rules, in particular, have become more specific in recent years, and there is currently a proposed rule which would prevent BDs from outsourcing arrangements that involve moving cash or securities. Additionally, BDs are required to provide advanced notice to FINRA and the SEC about outsourcing their recordkeeping.

Webinar: Answering Cloud Questions - Listen NowUnder the Dodd-Frank Act, investment advisers (including most hedge funds) are required to maintain records of all activites related to their business, but the rules are not as specific in regards to if those records are outsourced. Firms must also complete Form ADV, which requires the disclosure of firms’ service providers and their level of involvement. In the coming years, we may see changes in regards to how regulatory bodies govern the cloud, but for now, there is a lot of ambiguity.

Cloud Security Best Practices & Evaluating Your Service Provider

The threat of a cyber attack is a reality for all organizations, whether they are using the cloud or not. Regardless of a firm’s IT infrastructure, it should take all measures to protect the firm and its sensitive information. For both on-premise and cloud technology, where data is stored in a colocation facility somewhere, you’ll want to ensure that proper physical security procedures are in place, including biometric screening and authentication, monitored cabinets and cages and 24x7x365 surveillance. On the cloud level, you’ll also need to ensure your service uses proper virtualization security, meaning your data needs to be isolated from that of other firms using the same cloud.

It’s also important to consider the type of cloud you are leveraging. Security practices and principles may differ between public and private clouds. Consider the following:

  • Who can access your data and at what level? Not every employee needs access to everything on the network.

  • Can your service provider share an audit trail which logs who has accessed what?

  • What is the viability of your firm’s cloud service provider? Can they provide audited financials? Can they sustain business in the long run?

  • Does your provider offer a Service Level Agreement (SLA) and what is the agreed upon uptime? In the hedge fund industry, in particular, downtime is not an option.

To listen to the complete replay of our Feb 28th webinar, Doing Your Cloud Homework: Legal, Tech & Security Questions Answered for Investment Firms, click here.

Ready for the cloud? Check out the Eze Private Cloud or contact us.

Contact an Eze Castle Representative

]]>
<![CDATA[Proud of the Company We Keep: Hedge Fund Charities]]>http://www.eci.com/blog/210-proud-of-the-company-we-keep-hedge-fund-charities.htmlTue, 28 Feb 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=210 March is a rewarding month for Eze Castle Integration because we have the opportunity to support two of our favorite philanthropic organizations – Hedge Funds Care and 100 Women in Hedge Funds – in their work to improve the lives of children around the world.

Hedge Funds CareWe have again signed on as a Hedge Funds Care global sponsor and are looking forward to attending this week’s Open Your Heart to the Children Benefit in NYC. This year the New York Committee of Hearts is awarding the HFC Founder's Award to former Yankees manager Joe Torre for his accomplishments with the Joe Torre Safe at Home Foundation, which is dedicated to ending the cycle of domestic violence.

Here is a video of Joe Torro talking about his experiences and foundation.

>

100 Women in Hedge FundsAt the end of the month (March 23 to be exact), Eze Castle Integration has the honor of sponsoring the 100 Women in Hedge Funds –Stanford PACs Conference, which is the first hedge fund conference to donate all net proceeds to philanthropy and focus on a double bottom line -- how investors can innovate both absolute and social returns.

Momentum around the conference is building and, as a committee member and Bostonian, I’m proud to see this one-of-a-kind conference being held in Boston. All conference proceeds will support The Alliance for a Healthier Generation organization, which was founded by President Clinton’s foundation and the American Heart Association. Plus, Seth Klarman, president of The Baupost Group, is the keynote speaker.

To whet your appetite, here is a great video of Seth Klarman discussing investing and philanthropy.

Facebook logo

Last but not least, in preparation for this great event, Eze Castle Integration has committed to donate $1 to The Alliance for a Healthier Generation for every new ‘Like’ we receive on Facebook in March 2012. Like us now!

We hope you’ll consider supporting these worthy organizations as well.

]]>
<![CDATA[Virtualization 101: More than consolidation]]>http://www.eci.com/blog/205-virtualization-101-more-than-consolidation.htmlThu, 09 Feb 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=205 It's a big buzzword in the industry, but do you know how virtualization works? We're here to let you in on a little secret - it does more than you think!

Virtualization is more than just server consolidation and resource utilization. Yes, there is an inherent benefit in consolidating servers to reduce the instance of unused resources by allowing multiple operating systems and applications to run on one server.

But the business value of virtualization far exceeds simply reducing your firm’s physical footprint and the number of servers you maintain in your Comm. Room or data center.

Following are some key virtualization features that can allow your firm to operate on an enterprise level without the traditional enterprise investment.

  • Resilient, High Availability (HA) Infrastructure

o Virtualization can significantly reduce downtime associated with hardware maintenance.VMware Virtualization

o Inherent high availability into servers means less hardware purchases and reduced power and cooling costs in the long run.

o Despite multiple virtual machines operating on a single piece of hardware through virtualization, the underlying components provide the option for isolation and dedicated resources to applications.

o Virtual servers are easily portable between physical host servers for flexibility.

o In the event of a disaster or hardware failure, data and applications would remain intact as the virtual machine can be easily started on another server.

  • Backup and Restoration

o With virtualization, firms can use snapshots to take images of their servers and desktops and store that information on a storage platform, such as a storage area network (SAN). In a disaster situation, these snapshots can be restored to another server located away from the disaster area if replicated via a SAN, for instance.

o Production snapshots can also be easily taken for debugging or patch testing purposes.

  • Ease of Maintenance and Monitoring

o The level of maintenance required to troubleshoot virtualization issues is far less than with traditional server-based infrastructures. Maintenance can be coordinated in a more timely and efficient manner because IT can troubleshoot via remote access.

o Because multiple virtual machines operate on the same piece of hardware, there is a unified approach to monitoring.

To learn more about virtualization and cloud computing, visit our Hedge Fund Cloud Computing Knowledge Center.

Contact an Eze Castle Representative

Photo Credit: VMware

]]>
<![CDATA[We Interrupt this Program to Tout a Few Successes]]>http://www.eci.com/blog/203-we-interrupt-this-program-to-tout-a-few-successes.htmlThu, 02 Feb 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=203 Here at Hedge IT, we pride ourselves on writing articles that are informative and educational – not company and product promotional. But sometimes we have to break the rules. This week we’ve received some outstanding coverage from Forbes, Wall Street & Technology and HFMWeek, and I just can’t help sharing. Plus, we found out we’ve been named a finalist for a few hedge fund technology awards, which we think is just grand.

Forbes, Forbes and more Forbes

forbes logo

First up is the article on How To Start, And Run, A Hedge Fund. This article looks at the ins and outs of starting a hedge fund, as traders leave the prop trading desks of large investment banks due to the Volcker Rule.

Next, up is an article on Reporting Values and Risks In Private Equity Funds And Funds Of Funds that looks at the “development of new tools for tracking private equity, venture capital and funds of funds” and includes quotes from Mark Coriaty, who heads Eze Castle Integration’s sister company, Ledgex.

Closing out our Forbes streak, Mark Coriaty is also quoted in an article on Market Data Sales Drop In Market Slowdown; Thomson Reuters Off.

We love the others too

As any good Hedge IT subscriber likely knows, one topic we love is cloud computing and its use within the hedge fund industry. So it should be no surprise that we were thrilled to be included in Wall Street & Technology’s cloud computing article titled, The Rise of Cloud Computing on Wall Street.

In the article, Managing Director Bob Guilbert talks about the benefits of the cloud and the wider availability of applications specifically targeted to the financial markets. He also points to Eze Castle's New York hedge fund hotel as an example of how hedge funds may become operational quickly and efficiently with the use of cloud computing.

Not to play favorites, we also enjoyed HFMWeek’s article on Cloud Control that explores the potential benefits and costs of cloud computing by hedge funds. Our Managing Director Vinod Paul is quoted saying that “nearly all of the 44 launches the company worked with last year adopted [cloud] technology, while five clients worth more than $5bn made the switch towards the end of the year.”

And the winner is…

Since we can’t play favorites, which is your favorite article about your favorite hedge fund technology provider (that’s us!)?

]]>
<![CDATA[There are Private Clouds (mine) and there are Private Clouds (yours)]]>http://www.eci.com/blog/201-there-are-private-clouds-mine-and-there-are-private-clouds-yours.htmlThu, 26 Jan 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=201 When it comes to clouds we have private, public and hybrid as the primary flavors. Private clouds have the privilege of being segmented further, but more on that in a minute.

According to Search Cloud Computing, a private cloud (also called internal cloud or corporate cloud) is a term for a proprietary computing architecture that provides hosted services to a limited number of people behind a firewall.

Attributes of a private cloud, versus a public cloud, include providing a hedge fund more control over their data, excellent client service/response times, and greater integration with hedge fund vertical-specific applications such as order management or portfolio management systems.

Now for the segmentation -- a private cloud can be:

  1. Deployed on-site by an enterprise IT department and used only by the enterprise. This approach of an internal private cloud is typically used by large enterprises looking to expand or enhance the existing infrastructure and services delivered to users.

    OR

  2. Managed and delivered by a third-party private cloud service provider, such as Eze Castle Integration. This option is ideal for hedge funds and other firms drawn to the simplification and economic benefits derived from fully managed hosted IT solutions.

Analyst Thomas Bittman at Gartner helps provide greater color by saying, [a private cloud is a] “form of cloud computing where service access is limited or the customer has some control/ownership of the service implementation.”

“Graphically, that means that either the provider tunnels through that opaque boundary and limits service access (e.g., to a specific set of people, enterprise or enterprises), or the customer tunnels through that opaque boundary through ownership or control of the implementation (e.g., specifying implementation details, limiting hardware/software sharing). Note that control/ownership is not the same as setting service levels – these are specific to the implementation, and not even visible through the service.”

The following graphic shows the difference between customer private clouds and provider private clouds.

private cloud hedge fund

At Eze Castle Integration, our Eze Private Cloud Services are designed to provide hedge funds and investment firms seamless access to the technology and business applications they require to effectively and efficiently run their businesses.

To learn more about cloud computing at hedge funds, DOWNLOAD our eBook or check out our other HedgeIT articles HERE on the topic.

Contact Eze Castle

Photo credits: Gartner

]]>
<![CDATA[Hedge Fund Application Hosting: Eze OMS, Tradar, Advent (to name a few)]]>http://www.eci.com/blog/200-hedge-fund-application-hosting-eze-oms-tradar-advent-to-name-a-few.htmlTue, 24 Jan 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=200 Hedge funds and alternative investment firms rely on a host of financial applications for their day-to-day operations: order and execution management, portfolio management and accounting, risk management, and more. And with the ability to host these applications in the cloud, firms are able to leverage all of the typical benefits associated with cloud-based services including reduced costs, increased flexibility and scalability and added resiliency and redundancy.

While there are countless applications in the marketplace designed to meet the unique needs of investment management firms, we thought we’d highlight a few here that our hedge fund clients use regularly to support their trading operations.

Order/Execution Management


Via an OMS solution, hedge fund firms have the ability to review performance, exposure and risk profiles in real time, monitor pre- and post- trade compliance results and enhance audit trails on a daily basis.

Eze OMS

Respondents from our 2011 Hedge Fund Operations & Technology Benchmark Study overwhelmingly named Eze OMS as their order management system of choice. Part of the ConvergEx Group, Eze Castle Software’s Eze OMS is used by more than 400 buy-side firms worldwide and “provides functionality to support portfolio management, compliance, trading and operations in a single platform.”

Portfolio Management/AccountingHedge Fund Cloud Computing eBook


A hedge fund’s portfolio management system is arguably its most critical daily application. With a PMS, investment firms can make real-time trading decisions as well as capture daily trading activity via an integrated technology platform.

Tradar’s Insight

Tradar’s Insight platform is available for the front, middle and back office and offers “improved efficiency by reducing costs, mitigating operational risk and by providing full portfolio transparency.” More than 200 global firms with assets ranging from $10mm to $10bn use Insight on a daily basis to control their trade processing and reporting.

Advent’s Geneva

Geneva – once considered solely a back office accounting platform – has evolved into a fully integrated portfolio management tool for hedge funds, asset managers, family offices, and fund administrators, and is currently supported by more than 250 firms worldwide. Geneva’s features include real-time, out-of-the-box dashboards for accurate P&L, general ledger and NAV calculation, and middle-office functionality such as trade capture and allocation.

If you’re a fund-of-fund, family office or pension/endowment fund, be sure to read up on Ledgex – a comprehensive platform that delivers portfolio management and monitoring, investor relations, reporting, security and compliance.

Click here to learn more about the benefits of hosting your hedge fund applications in the cloud.

Additional Resources:

]]>
<![CDATA[A Look at the New BlackBerry 7.1 OS]]>http://www.eci.com/blog/199-a-look-at-the-new-blackberry-71-os.htmlThu, 19 Jan 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=199 Earlier this month BlackBerry introduced its new BlackBerry 7.1 OS that adds new features including mobile hotspot capabilities, BlackBerry Tag and Wi-Fi calling. This week I updated my device and thought I’d share my experiences with the new features.

Mobile Hotspotblackberry hotspot
The ability to turn my BlackBerry into a mobile hotspot got my attention after some recent trips to NYC where I enjoyed the snail-pace of Acela’s free Wi-Fi. The Mobile Hotspot feature is found under ‘managed connections’ and allows you to connect up to five Wi-Fi devices at once.

BlackBerry warns that additional charges might apply for Mobile Hotspot use and tha,t during phone calls, Internet traffic to and from connected devices will be suspended until the call ends.

For reference, it was $20/month to add the Mobile Hotspot data service to my Verizon BlackBerry. The package includes 2GB of data, which the Verizon rep said even heavy users typically never reach.

While Wi-Fi hot spots are pervasive, the Mobile Hotspot capability may come in handy for frequent travelers.

blackberry tagBlackBerry Tag
Full-disclosure, I haven’t tried this new feature yet but can see the value, especially when I don’t have a business card handy or want to quickly share a photo or document.

With BlackBerry Tag, users can tap their NFC (Near Field Communications) BlackBerry (i.e. Bold 9900/ 9930 and Curve 9350/9360/9370) against another NFC enabled BlackBerry and easily share information. The uses BlackBerry mentions in their press release include “invite a friend to BBM, exchange contact information, documents, URLs, photos and other multimedia content.”

Looking ahead, BlackBerry may use this NFC capability to create apps that turn the device into a virtual wallet, but, for now, we can more easily share information and invite a friend to BBM.

Wi-Fi Callingblackberry radio
Available for a more limited audience, BlackBerry 7.1 OS also supports carrier implemented Wi-Fi calling services (aka UMA or GAN where available), allowing users to make Wi-Fi calls from their BlackBerry smartphone that don’t eat into their airtime minutes. Not all carriers offer such a service – Verizon is one that does not.

FM Radio (Bold users need not apply)
Only for BlackBerry Curve 9360 or 9380 users, the device can now serve as an FM radio so users can enjoy local FM radio stations while on the go.

All-in-all BlackBerry 7.1 OS has some nice add-ons, but in reality most only have applicability to a subset of BlackBerry users.

Photo credits: BlackBerry

]]>
<![CDATA[Top Five Cloud Computing Trends for 2012]]>http://www.eci.com/blog/198-top-five-cloud-computing-trends-for-2012.htmlTue, 17 Jan 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=198 At the end of last year, we predicted that cloud computing would remain a hot technology trend in 2012 – particularly on the security front. As more and more firms move to this platform, we continue to see the technology and processes within the cloud evolve to support the growing needs of its users.

Following are five key cloud computing trends to look for in 2012:

1. Education will remain important.

The industry came a long way in 2011 in terms of learning about the cloud – what it is, how it works and more. But believe it or not, there is more to be learned. In 2012, we expect conversations to go to a deeper level and focus on topics such as cloud security, operational best practices within the cloud and cloud technology specifics.Cloud Trends

2. Cloud security practices will expand.

According to a 2011 cloud computing survey by VMware, fifty-one percent of IT executives named security as their top cloud computing concern. As security standards evolve and come to fruition, organizations such as the Cloud Security Alliance (CSA) will continue to put forth best practices for maintaining secure cloud environments – whether public, private or hybrid. You can read more about the latest version of the CSA’s “Security Guidance for Critical Areas of Focus on Cloud Computing” here.

The type of cloud environment does still play a role in security (or at least concerns about security). According to VMware’s “Global Cloud Computing Adoption: Transformation Is in the Air,” more companies are leveraging hybrid enterprise clouds that combine the best of both public and private cloud environments.

“Public clouds without transparent security controls, that can’t be audited against security standards organizations demand today, are unlikely to support their business or IT transformation. This makes them less appropriate for hosting data that is mission-critical or subject to compliance requirements.”

3. Cloud technology will evolve.

The foundation technology the supports cloud computing will continue to evolve as more and more enterprises adopt this platform. At Eze Castle, we rely on technology hardware and software experts such as VMware, NetApp, Cisco and Microsoft to provide our clients with best-in-breed technologies and platforms. As cloud traffic continues to increase, these vendors will need to expand and evolve their product sets to meet the growing demand and maintain the speed, reliability and predictability that come with the cloud.

Cloud expert name tag4. IT staffing requirements will change.

One question on a lot of minds is what the effect of increased cloud adoption means for IT staffing. And while the first thought is to assume staffing needs will be cut due to the cloud, it is not necessarily the case. The cloud does change requirements for IT professionals, however.

In 2012, we expect to see demand for new IT skill sets, particularly as they relate to the cloud. “Cloud credentials” will come into play and may give a boost to both current employees and new applicants. As the cloud continues to evolve, so too must the knowledge and understanding of those IT professionals who manage it.

5. Service Level Agreements will be top of mind.

Like with any other technology, end users and technology providers will need to work together to create and maintain comprehensive Service Level Agreements (SLA) to protect both sides. SLAs relative to the cloud should include key criteria not limited to:

  • Availability and performance requirements

  • Security and privacy controls

  • Disaster recovery expectations

  • Escalation and troubleshooting processes and procedures

  • Change management procedures

Be sure to subscribe to Hedge IT to stay up-to-date on everything you need to know about cloud computing; or contact us to discuss the Eze Private Cloud.

Contact an Eze Castle Representative

Source: VMware
Photo Credit: Flickr

]]>
<![CDATA[Nobody Gets a Pass When It Comes to Hedge Fund DR, Due Diligence]]>http://www.eci.com/blog/197-nobody-gets-a-pass-when-it-comes-to-hedge-fund-dr-due-diligence.htmlThu, 12 Jan 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=197 I had the pleasure of joining my colleague, Vinod Paul (managing director here at Eze Castle Integration), on a panel yesterday about disaster recovery at HFBOA’s Optimizing Hedge Fund Business Operations Conference in New York.

Titled ‘Disaster Recovery: An ounce of prevention is worth a pound of cure,’ we covered a range of topics with the overarching theme being that there is no excuse for a hedge fund not to have disaster recovery in place. To quote one panelist, “Nobody Gets a Pass” – including service providers.

Here are some of the highlights from the panel:Hedge Fund DR Guidebook

The difference between DR and BCP?

  • BCP focuses on the people, processes and operations while DR looks at the IT systems necessary to maintain business as usual should an incident occur.

How has the DR and BCP landscape changed over the last five years?

  • From a regulatory perspective, more is expected from hedge funds, and regulators are more knowledgeable about what IT systems and safeguards should be in place.

  • Beyond regulators, investors not only expect hedge funds (regardless of AUM) to have DR and BCP in place, but they want proof the systems accurately reflect the business processes and risk landscape. A simple ‘check the box’ approach to DR is no longer enough to satisfy investors.

  • The IT landscape for DR has changed as well. The prevalence of cloud-based DR services has driven down the cost of DR substantially making it economical for funds of all sizes. Additionally, the cloud has lifted the technology management burden off many hedge fund managers.

360-degree due diligence emerging as the new norm

  • Investors are scrutinizing hedge funds and, in turn, hedge funds must scrutinize their service providers. To quote one panelist, “Trust but verify. No one gets a free pass in this day and age.”

  • Conducting due diligence on your service providers is essential to drive out unknown risks and protect your firm. A DR system becomes valueless if your IT provider is unable to fulfill their role of activating the system. Ask your provider how they would handle a multi-client activation scenario – do they have the staff to activate 30 clients simultaneously? What is the provider’s plan if their primary office becomes unavailable?

Are DR hot seats necessary anymore?

  • The resounding answer from the panel was “no,” with the caveat that it is a personal choice that really comes down to a team’s dynamics and how they work together. If a portfolio manager is most comfortable having his team together should an incident occur than securing hot seats is the ‘right’ choice. However, today’s technology makes it unnecessary for hot seats to continue operations.

Electricity and Internet connectivity are the oxygen for any DR system. What happens if these items aren’t available?

  • This is where planning comes into play. As part of the BCP and DR planning process firms must run through a thorough Risk Assessment and Business Impact Analysis to understand the most likely threats/risks and associated business impact.

  • One panelist (a West Point grad) referenced the concept of P-A-C-E followed in the US military, which he uses to guide his hedge fund’s business continuity planning. P-A-C-E (Primary, Alternate, Contingency, and Emergency) is used by operational planners to ensure that they have a minimum of four different ways to accomplish a critical task.

Planning is great, but how do you ensure accountability?

  • The importance of DR testing and preparation must be set at the top of the organization. At Eze Castle Integration we advise clients to test their DR systems quarterly to help ensure users are comfortable logging in and that the DR environment matches the primary location files and applications. Read our article HERE on what is included within a DR test.

For more information download our 18-page Guidebook on Business Continuity Planning and Disaster Recovery for Hedge Funds or contact us.

Contact Hedge Fund IT Provider Eze Castle About Disaster Recovery

]]>
<![CDATA[The BYOD Trend: What is it and how could your company be affected?]]>http://www.eci.com/blog/196-the-byod-trend-what-is-it-and-how-could-your-company-be-affected.htmlTue, 10 Jan 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=196 iphone 4sAs we mentioned in our recent “Trend Watch” article, the Bring Your Own Device (BYOD) movement is gaining popularity among organizations of all types and sizes. Some companies are already seeing significant benefits as a result of implementing BYOD programs, while others have been hesitant to get onboard.

BYOD refers to the so-called “consumerization of IT” trend that has emerged, in which the culture of enterprise IT is shifting such that the end user is now the one who has cutting-edge technologies first, as opposed to the organization. As a result of this trend (which is frequently attributed to the advent of such Apple products as the iPhone and iPad), individuals are now starting to prefer using their personal devices in place of company-issued products.

Some organizations have begun to embrace these preferences and have implemented BYOD programs to facilitate the use of employees’ personal mobile devices for business use. So far, many of these firms have reported positive results, although lingering concerns remain. Let’s take a look at some of the pros and cons of introducing a BYOD program at your organization.

Advantages

  1. Cost Savings – Companies with BYOD programs in place frequently report significant cost reductions in IT. This is the result of a reduction in the volume of desktop support requests from employees to internal IT departments. Additionally, when employees supply their own mobile devices they typically absorb hardware costs and, at least, a portion of the accompanying voice and data service fees. In fact, according to the Good Technology State of BYOD Report, about 50% of companies with BYOD models in place require that their employees cover all costs associated with their mobile devices – and most are more than happy to do so.

  2. Employee Satisfaction – People buy and use the cell phones, laptops and tablets they have for a reason: they have done research and determined that those devices are the best for them. They quickly become accustomed to the intricacies of those specific devices and are able to efficiently maneuver them to perform daily tasks. Given the opportunity, many employees would prefer to use these devices in the workplace in lieu of company-issued hardware.

  3. Flexibility – Today, employees do not want to be constantly tethered to a desktop PC. They want the freedom to work remotely if necessary, especially if travel is a major aspect of their jobs. In order to do so, they need mobile computing devices that can maintain the speed and efficiency of in-office equipment. There are now several devices available in the marketplace which make this possible. ipad playbook

  4. Green/Sustainability Benefits – Employees who use only desktop PCs tend to leave them on all night. Although computers are much more energy efficient than they once were, they still require far more energy to operate than laptops, cell phones or tablets. Also, these mobile devices are generally more likely to be turned on and off between uses, thereby reducing the company’s environmental impact even further.

Concerns

  1. Loss of Control – When an organization agrees to allow employees to supply their own devices, it inherently loses control over the hardware and how it is used. When employees use the same device for both personal and professional use, governing where the line between the two should be becomes difficult.

  2. Security Risks – Mobile devices that are provided by a company’s IT department are usually equipped with enterprise-level security tools to prevent a potentially costly breach. The IT team then has the ability to continuously upgrade and enhance these tools over time to ensure ongoing protection. The same cannot be said for an employee’s personal device, so the risks are much greater.

  3. Compliance Risks – Many industry regulators require specific data protection measures that may be difficult to maintain with a BYOD model.

  4. Handling Employee Departures – When an employee leaves the organization, there must be a way for the company to retrieve any proprietary or sensitive information from the individual’s mobile device and sever future access to the network.

As the BYOD trend continues to grow, it will become increasingly difficult for organizations to ignore. Nearly all employees now have personal mobile devices, and it will become continuously more convenient to handle both personal and business tasks on them. Whether your firm chooses to adopt a BYOD program or not, be sure you have a clearly defined policy in place that outlines what is and is not acceptable and clearly states what the expectations are.

For more information, contact an Eze Castle Integration representative today!

contact an eze castle representative

]]>
<![CDATA[Five New Year’s Resolutions Every Hedge Fund Should Make]]>http://www.eci.com/blog/195-five-new-years-resolutions-every-hedge-fund-should-make.htmlThu, 05 Jan 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=195 The start of a new year is the perfect time to reflect on the previous year’s accomplishments (and perhaps shortcomings) and consider areas for improvement. While many of us are striving to cut back on the sweets, drop a bad habit or spend more time with friends and family, we got to thinking about resolutions that hedge funds and alternative investment firms should make in 2012.

In this spirit, I spoke with some internal experts here at Eze Castle Integration to gain their thoughts on a few areas in which hedge funds could consider making enhancements in 2012. Check out our list of the top five resolutions every hedge fund should make:

Resolution #1: Investigate the Cloud.resolutions
Cloud computing was certainly a hot topic in the investment industry in 2011. This year, the conversation is getting deeper and more technical as hedge fund managers seek to gain a more thorough understanding of this technology and consider implementing it within their firms. Whether you are a startup fund preparing to launch this year, or an established firm looking to improve efficiencies and reduce costs, the cloud provides real opportunities for improvements in 2012. Advantages include increased flexibility and scalability, less required maintenance and reduced expenditures. There are also potential challenges associated with cloud computing, such as privacy and data security concerns. Resolve to learn more about the cloud in 2012, as many of your competitors are likely doing the same.

Resolution #2: Test Your Disaster Recovery (DR) Systems Regularly.
We frequently talk about the importance of disaster recovery for investment firms, but many fund managers lack a strong understanding of the importance of testing DR systems on a regular basis. Routine tests can help your firm ensure that its DR site meets all current business needs. Since these needs are likely to evolve and grow as your organization does, changes will be made to the production environment to reflect these ongoing developments. Likewise, the DR site should be adapted in order to continuously mirror the changing business requirements. By engaging in regular disaster recovery system tests, firms can ensure they will be fully prepared to continue operations in the event that a disaster knocks out the production environment.

Resolution #3: Locate, Review and Evaluate All Current Telecom Contracts. calendar
Telecom contracts that you signed 1-3 years ago are probably coming due in the near future. To assess, begin by locating any contracts that are currently in place. Be aware of the re-term dates, as some contracts may have automatic renewal features which could lock you into the same terms without renegotiating. Make note of the contract expiration dates and plan to renegotiate or research better options before renewing for 2012 and beyond.

Additionally, stop assuming that carrier bills are accurate, and double-check to make sure you are not being overcharged and that no billing errors have occurred. Many organizations are not as automated as you may think. Be sure you can validate all costs and taxes on your invoices. If missed, these can be repetitive errors that you pay excessively for over time.

Finally, ask an Eze Castle telecom expert about making technology upgrades. For example, is making the switch from a land line or PRI over to VoIP right for your company? Can your phones or voicemail systems be upgraded? Does your firm require more bandwidth? Once you have spoken to an Eze Castle representative about your current setup, an audit can be performed to determine how your current environment runs and whether any other options exist to enhance it.

Resolution #4: Ensure Your Business Continuity Plan (BCP) is SEC/Dodd-Frank Compliant.
With increasingly stringent guidelines coming down from the SEC in recent years (including the implementation of the Dodd-Frank Act, part of which goes into effect in 2012) it is crucial to examine your firm’s business continuity plan to ensure compliance. Be sure to keep these important considerations in mind when determining whether your firm’s BCP is compliant:DR guidebook

  • Do you have a designated evacuation site?

  • Do you have all of the resources necessary to ensure your business can continue operations during a disaster?

  • Do your employees know how to access all crucial applications if your office becomes inaccessible?

  • Do you have accurate contact information for all employees?

  • Does building management know who to contact from your organization in the event of a disaster or building closure?

Resolution #5: Perform a Comprehensive IT Systems Audit.
At Eze Castle, we recommend that our clients perform an annual IT systems audit and “checkup” under the guidance of a senior systems engineer. For fund managers whose primary focus is making sound investment decisions, making the time to thoroughly assess the firm’s IT environment is a task that can easily be overlooked.

However, this process is extremely important, as it provides perspective on the health of the firm’s current technology and can bring to light any areas where changes or enhancements should be made. Performing an annual IT audit is also helpful for management when outlining roadmaps and budgets for the new year. In an age when technology is quickly becoming a competitive differentiator in the investment industry, firms cannot afford to let inefficiencies persist in their IT systems.

Photo Credits: New Year's Resolutions Generator

]]>
<![CDATA[2012 Technology Checklist for Hedge Funds, Investment Firms]]>http://www.eci.com/blog/194-2012-technology-checklist-for-hedge-funds-investment-firms.htmlTue, 03 Jan 2012 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=194 Happy New Year! We hope your 2012 is off to a great start. Whether you’re launching a new fund this year or ramping up your existing firm, you should (and probably do) know how important your firm’s technology is and will be to your success. More so than ever, technology plays a critical role for hedge funds and investment firms, allowing them to streamline processes and communication, get a leg up on competitors in the marketplace and provide investors with the utmost confidence.

Your First IT Decision of 2012? On-premise or Cloud

Hedge Fund Technology GuidebookOne of your first technology decisions of the year is your most important one: do you want your fund to operate on a traditional, on-premise technology infrastructure or utilize private cloud services? This decision will affect many of your other technology choices, notably the type of office hardware and connectivity you will require, so we urge you to do your due diligence and select the option that best suits your firm’s needs.

Once you’ve made your infrastructure selection, there is a seemingly endless list of additional technology requirements for your firm. Luckily, I’ve whittled them down here to focus on some top technology priorities for you to focus on as you enter 2012.

Infrastructure/Hardware

  • Desktop computers, monitors, laptops, servers and printers

  • Network connectivity featuring N+1 redundancy

  • Wireless and Local Area Network (LAN) capabilities

  • Physical and technical infrastructure security for Comm. Room and/or colocation facility (wherever your firm’s infrastructure is stored)

Software/Hedge Fund Applications

Technology Checklist

  • Trading and order management system

  • Accounting and/or portfolio management system

  • Market data and analytics tool(s)

  • Installation, maintenance and upgrades for all software

Telecommunications/Mobility

  • Internet connectivity

  • Voice systems (traditional or VoIP)

  • FIX connectivity to brokers

  • Mobile devices

Business Resiliency & Protection

  • Disaster Recovery system, including remote/hot site

  • Business Continuity Plan, including written processes and procedures

  • Email Archiving solution to meet investor/legal requirements (e.g. Dodd-Frank)

As a follow up to this checklist, on Thursday we’ll offer our New Year’s resolutions that every hedge fund and investment firm should make in 2012. Stay tuned!

Want more now? Download our Guide to Technology Outsourcing.

Contact an Eze Castle Representative

Photo Credit: Google

]]>
<![CDATA[2011 Blog Recap: The Best in Hedge Fund Technology from Hedge IT!]]>http://www.eci.com/blog/193-2011-blog-recap-the-best-in-hedge-fund-technology-from-hedge-it.htmlThu, 29 Dec 2011 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=193 As 2011 comes to a close this week, we thought we’d share some of our favorite (and most popular!) blog posts from the Hedge IT stream. As expected, topics such as cloud computing, Dodd-Frank and technology outsourcing were popular among our readers.

We expect these trends to continue to permeate the blog through 2012, and we’ll continue to expand our reach by bringing you relevant and interesting content to read (and watch) come next year. If you have suggestions or feedback on the Hedge IT blog, please feel free to contact us.

Alas, here are our most popular hedge fund technology blog posts from 2011:

Dodd-Frank IT Implications for Hedge Funds: Disaster Recovery, Archiving

We provided a snapshot of the Dodd-Frank Wall Street Reform Act as it relates to hedge fund technology, notably system safeguards and record keeping. Non-exempt firms must comply by March 30, 2012.

State of the Hedge Fund Industry in 2011Happy New Year 2012

Following a panel seminar we hosted in New York, we outlined the key market trends for 2011 in the hedge fund industry, including new fund launches, regulations and cloud computing. Presentation included!

Top Ten Questions to Ask a Cloud Services Provider

One of the most popular topics on Hedge IT is cloud computing, and this article breaks down our own Bob Guilbert’s top ten questions to ask a cloud services provider during the evaluation process.

Trends in Hedge Fund Technology Outsourcing

In accordance with the release of our newest guidebook, A Guide to Technology Outsourcing for Hedge Funds, we provided an overview of the key trends in technology outsourcing, including cloud computing, outsourced staffing and colocation services.

We’ve Got MORE Questions: RFP Questions on Business and Data Protection

Our most popular blog article in 2011 on the topic of business resiliency was this one, which outlines sample RFP (Request for Proposal) questions relative to disaster recovery, BCP, security, backup and more.

Hard Drive Shortage in Thailand Affecting Supply Chain for Resellers, Consumers

One of the biggest technology stories in late 2011 was (and still is) the hard drive disk shortage that transpired in the aftermath of flooding in Thailand. Read more about the situation and how it could continue to affect the technology industry in 2012.

Eze Castle Speaks: What We’re Thankful For (Video!)

A personal favorite of mine, we asked our Boston employees what they were thankful for this year. Watch our video to find out!

On behalf of everyone at Eze Castle Integration, we wish you a safe and happy New Year! See you in 2012!

Contact an Eze Castle Representative

]]>
<![CDATA[Trend Watch: What to Look for in Technology in 2012]]>http://www.eci.com/blog/192-trend-watch-what-to-look-for-in-technology-in-2012.htmlTue, 27 Dec 2011 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=192 With the holiday season in full swing and the new year just around the corner, we find ourselves looking ahead at what 2012 has in store. With a number of new and enhanced technologies entering the marketplace in recent months – and many more expected in the near future – tech blogs are abuzz with anticipation for what is to come.

So, we took a look into our technology crystal ball and pulled together a list of some exciting trends to look for in 2012. Enjoy!

The “BYOD” Trend

The BYOD (“Bring Your Own Device”) movement started to gain traction in some organizations in 2011 and seems to be catching on. This trend, in which employees bring their personal smartphones or tablets into the workplace for business use, is gaining popularity as companies begin to adopt Apple and Android products more widely. In 2012, expect more discussions about how to best manage business applications and data on employees' personal mobile devices.

Cloud Discussions Focused on Security

Cloud computing was a leading topic of discussion in the investment technology world in 2011. As more and more firms become interested in reducing costs and reaping the other benefits associated with the cloud, adoption will surely continue to increase throughout the industry.

Now that most fund managers are familiar with the cloud at a high level, 2012 will be the year of diving deeper into this type of infrastructure, focusing in large part on cloud security and data protection. The Security Guidance for Critical Areas of Focus in Cloud Computing Guide, which was recently released by the Cloud Security Alliance (CSA), serves as a roadmap for managers seeking to gain a better understanding of the security considerations associated with the cloud paradigm.

The Tablet Takeover

While Apple’s iPad certainly paved the way for the rapidly growing tablet market, a number of other industry players have developed rival devices with comparable capabilities and features. Samsung’s Galaxy Tab, Amazon’s Kindle Fire, Sony’s Tablet S and Motorola’s Xoom are just a few of the recent market entrants who have helped to spur the tablet movement. With skyrocketing adoption rates, look for this technology to grow in popularity throughout 2012.

Mobile Payment

Smartphones have saturated the enterprise market over the past few years. In 2012, look for Near Field Communication (NFC) technology to enable smartphone users to make payments by simply waving their phones near a credit card reader at checkout stations in stores or taxis. By the end of the year, it is expected that one out of every five smartphones will be equipped with this technology.

Voice Control

When Apple introduced Siri on its iPhone 4S device earlier this year, it was the first tool of its kind to accurately understand human voice controls and take corresponding actions, such as sending an email, responding to a text message or creating calendar alerts. Expect several Apple competitors to come out with similar voice control applications in 2012. An important factor driving this trend: many city and state governments are implementing laws against texting while driving. Voice-controlled devices may prove even more valuable for users who spend a lot of time behind the wheel.

2012 will certainly be an exciting year in the world of enterprise technology. We look forward to sharing more innovative industry trends with you next year!

Which of the above trends do you think will be the hottest in 2012?

Contact an Eze Castle Representative

]]>
<![CDATA[Leveraging LinkedIn: Tips to Help You Boost Your Brand]]>http://www.eci.com/blog/190-leveraging-linkedin-tips-to-help-you-boost-your-brand.htmlTue, 20 Dec 2011 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=190 Last week, I held an internal training session to educate my fellow Eze Castle Integration employees on how to leverage the social networking tool LinkedIn. I think the information is valuable for anyone, however, so I’ve decided to share it with you, too!

With over 135 million members, LinkedIn has grown exponentially since its inception in 2003 and is the most respected “professional” social networking site in the industry. And regardless of what your reason is for using LinkedIn (recruiting, prospecting, job searching, etc.), it is essential that you put your best foot forward through your personal profile and activity.

The presentation below outlines a few tips to help you get the most out of LinkedIn, including:

  • Building Your Personal Profile

  • Customizing & Organizing Your Profile

  • Making & Soliciting Recommendations

  • Adding Applications

  • Joining & Participating in Groups

View more presentations from Eze Castle Integration

Contact an Eze Castle Represenative

]]>
<![CDATA[Preparing for Winter Weather: Remote Access & BCP Strategies]]>http://www.eci.com/blog/189-preparing-for-winter-weather-remote-access--bcp-strategies.htmlThu, 15 Dec 2011 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=189 When preparing for any type of disaster situation, many hedge funds and investment firms will focus on preparing their technology: making sure data is backed up, files are secure, and access to market data remains intact. But oftentimes, firms forget about the business and operations aspect that is equally as important to keeping a firm operational through a disaster.

DR planning guidebookIn any type of disaster situation, it becomes a necessity to have a business continuity plan in place. You’ll need to ensure your employees know how to access their technology and how to communicate with each other if they are unable to get to the office during bad weather. There are a variety of potential scenarios that could ensue with the winter season approaching. You can learn more about these scenarios and how to respond to them here (when your hedge fund office is not accessible) and here (when your office is accessible).

Regardless of the specific scenario, there are certain business continuity best practices that your firm should follow in order to ensure your business processes are not interrupted when the first snowstorm hits.

The Importance of Communication

The reality is, you can have all the processes and procedures in place to prepare for a disaster, but if they are not properly communicated to your employees and external parties, then their effect will be minimal.

Start by determining who needs to be notified during a disaster, both internally and externally. In addition to employees and their families, you’ll want to consider the third-parties you work with regularly including investors, fund administrators, and other vendors. Once you know who to identify, the question is how to identify them. Consider using an automated messaging system that will send SMS (text) messages to all identified parties. Another good strategy is the use of wallet cards, which can be distributed to all internal parties and include information on alternate work locations and other business continuity instructions.

The key is remembering to start the communication process before you actually need to – while your Winter Weather Preparednesstechnology is still available. Create a calling tree in advance of a disaster so each person understands who is responsible for notifying whom.

Finally, in order to ensure these messages are properly communicated, consider holding employee information sessions and conducting tabletop exercises internally to walk through formal processes and ensure everyone is on the same page.

Remote Access Technologies

When a winter disaster strikes, it’s very possible that employees will be forced to work from home or an alternative work location if they are unable to get into the office or the building is closed to tenants. But ensuring your employees actually know how to work remotely will go a long way in validating the effectiveness of your BCP plan.

There are a few different options for remote access, notably Virtual Private Network (VPN), Citrix, and Outlook Web Access (OWA).

  • VPN: IPSec or SSL VPN technologies work by connecting your home computer to that which resides in your office. You are able to “remote desktop” and run all of the applications which live on your work computer’s server.
  • Citrix: With a Citrix server, you are able to log into a website via any computer and get access to the applications that live on the Citrix server in your office. When you click any application icon, it will appear as if it is running locally despite being housed on your office server.
  • OWA: For those companies who use Microsoft Outlook for email, you can log into OWA to access your email account from an external computer.

Whichever technology or combination of technologies your firm decides to employ for remote access, the key is ensuring your employees know how to properly use them and test them prior to a disaster.

When talking about remote access, another consideration to keep in mind is licensing. SSL VPN and Citrix are both licensed by concurrent users, meaning the number of users accessing the technology at any given moment. As your firm adds new employees and users, remember to add licenses according. Unfortunately, you won’t realize you have fewer licenses than you need until a potential disaster hits.

Remote Test Plans

A remote test plan is an effective means of ensuring your employees can remain functional during a disaster and that your business will not be negatively affected. Following are steps your employees should take to ensure they can use remote access technology successfully during a winter disaster:

  • Validate successful communication to internal and external dependencies

  • Confirm full functionality of required applications

  • Perform all business functions

  • Confirm access to vital records

  • Redirect phones to home/mobile phone

You can also read our article on what is involved in a DR test.

Ultimately, your business will remain operational and successful during any winter weather disaster that strikes if you ensure you have the proper processes and procedures in place, you communicate those procedures thoroughly to your employees and you encourage all personnel to test their remote access capabilities.

If you would like to learn more about the BCP process or to speak with an Eze Castle Certified Business Continuity Professional, please contact us.

Contact an Eze Castle representative

]]>
<![CDATA[Eze Castle’s Secret Sauce: Why We’re a Best Place to Work (Video)]]>http://www.eci.com/blog/188-eze-castles-secret-sauce-why-were-a-best-place-to-work-video.htmlTue, 13 Dec 2011 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=188 In case you didn’t hear the good news, Eze Castle Integration is honored to have been named to Crain’s New York Business’ list of Best Places to Work in New York City for the third straight year! We climbed 15 spots to land at #22 this year on the list, which honors just 50 NYC companies each year. You can read our official announcement here.

Our training and corporate development program is one of the many reasons our employees think Eze Castle is a great place to work. But enough from me! You want to hear straight from our New York employees about why they love Eze Castle, right?

It’s your lucky day. Check out our newest video and see what these Eze Castle employees love about their Best Place company!

Contact an Eze Castle representative

]]>
<![CDATA[Ledgex Systems Adds Fund Reconciliation & PE Enhancements]]>http://www.eci.com/blog/186-ledgex-systems-adds-fund-reconciliation--pe-enhancements.htmlTue, 06 Dec 2011 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=186 As a general rule we don’t post articles on press releases, but for our friends at Ledgex Systems we are going to make an exception. They just released version 4.0 of their product.

Ledgex Systems is a software provider targeting the alternative asset management industry – primarily multi-fund managers and private equity firms. Since officially launching in 2010, Ledgex Systems has signed many new clients and invested greatly in expanding the functionality of its flagship product, Ledgex. Today they released Ledgex 4.0.Ledgex

The Ledgex platform gives alternative asset managers the ability to systematically manage their portfolios, perform complex liquidity scenarios, and provide robust reporting, both internal and external to the firm.

Version 4.0 introduces Ledgex Reconciliation, a new module that provides an automated method for users to systematically import data from their administrators and compare it with existing portfolio data. Ledgex Reconciliation greatly simplifies the manual reconciliation process that various functional groups within a firm are tasked with performing on a daily, weekly, and monthly basis.

The new version also includes enhancements that private equity firms should appreciate including advancements in the ability to track in–depth account level details and provide a quick analysis and calculations of account assets and returns.

In case you aren’t well versed in all Ledgex has to offer, here is a recap of the other platform components:

  • Ledgex Workbench, a streamlined portfolio planning module which consolidates portfolio management activity into a central workspace. Ledgex Workbench allows users to perform complex scenario-based trade planning, customized ‘what if’ analysis, and complex liquidity modeling for all future portfolio activity.

  • Ledgex Manager, a comprehensive portfolio management system for fund of funds, private equity firms, endowments, family offices and fund administrators. Ledgex Manager solves the need for advanced portfolio management and administration and provides the ability to manage the investment pipeline, perform due diligence, track fund estimates and manage the final valuation processes.

  • Ledgex Monitor, a fully customizable investment monitoring system. Ledgex Monitor provides the tools necessary to monitor and track firm-defined fund attributes for detailed analysis, fund attribution, and transparency reporting.

  • Ledgex Investor Relationship Management (IRM) for managing quantitative and qualitative data for a firm’s investors and hedge fund or private equity interests.

  • Ledgex Alerts enables individuals or groups at a firm to monitor internal and external activity, content, business data, and relevant industry information.

]]>
<![CDATA[Four Trends Shaping Hedge Fund Technology (in 2011)]]>http://www.eci.com/blog/185-four-trends-shaping-hedge-fund-technology-in-2011.htmlThu, 01 Dec 2011 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=185 It goes without saying that technology has reshaped the hedge fund industry and continues to do so more and more each year. This evolution was the focus of conversations our managing director, Vinod Paul, had over the last week with clients and reporters during his visit to London. Reflecting on 2011, some of the hedge fund technology trends that have made the biggest impact on the industry this year include:

  • Cloud Computing – You probably knew this would top our list. Adoption of cloud technology continues to grow, especially as concerns around cloud security ease thanks to technology advances and education. Eze Castle Integration has invested millions in our Eze Private Cloud and today has nearly 160 clients utilising our cloud services. Hedge Fund Cloud Computing Knowledge Center

  • Virtualisation – This technology is becoming commonplace in both on-premise and hosted IT environments and we expect that trend to continue through 2012.

  • Social Media – Business communications have evolved from purely email-based to now include social media platforms from Facebook and LinkedIn to Twitter, Google+ and YouTube. As such, hedge funds are challenged to create social media policies (or not) that guide users' actions in these communities. Participation in social media forums will surely continue to increase in 2012 so firms should consider how a social enterprise will impact their firm (either positively or negatively).

  • Smart Phones and Mobile Applications – Apple has changed the game with its mobile devices, and today iPhones and iPads are becoming the norm, rather than the exception, for hedge fund professionals. The growing array of mobile devices and applications challenges IT to protect company data while fulfilling user demands for device autonomy.

Beyond technology discussions, part of Vinod's trip included attending the London Hedge Funds Care Open Your Heart Benefit. Vinod is a member of the New York City Committee of Hearts for HFC. Here is a picture of our team before they headed out for the benefit.

Eze Castle Attending Hedge Funds Care

Useful Resources

·

]]>
<![CDATA[Eze Castle Speaks: What We're Thankful For (Video!)]]>http://www.eci.com/blog/183-eze-castle-speaks-what-were-thankful-for-video.htmlTue, 22 Nov 2011 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=183 It’s Thanksgiving week, and, as usual, it’s got us thinking about what we’re truly thankful for this year. If you remember, in 2010 we acknowledged our thanks to wonderful charitable organizations such as Hedge Funds Care and Big Brothers Big Sisters, our great partner network, and our worldwide client base.

This year, we thought we’d ask our employees what they’re thankful for this holiday season. Check out the video below to hear their answers!

What are you thankful for this year?

]]>
<![CDATA[WAN Optimization for Remote Users: Is It Right for Your Firm?]]>http://www.eci.com/blog/182-wan-optimization-for-remote-users-is-it-right-for-your-firm.htmlThu, 17 Nov 2011 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=182 When we introduced our readers to the concept of WAN optimization a few months ago, we looked at the various efficiency and budgetary benefits this technology can provide for hedge funds and other alternative investment organizations. To take these advantages one step further, I recently sat down with Matt Jones, our telecommunications technology manager here at Eze Castle, to learn more about how WAN optimization is benefitting our clients, especially those whose employees frequently work remotely.

riverbed wan optimization technologyMatt and I discussed how WAN optimization technology providers offer solutions that enable large volumes of data to be transmitted across telecommunication lines with minimal bandwidth. Through new products that are entering the marketplace, such as Riverbed’s Steelhead Mobile technology, employees can have LAN-like access to all of their important files and documents – just as they would if they were seated at their desks in the office – without incurring the steep costs involved with increasing bandwidth.

Why should my firm use this technology?

In an age where mobile computing has become commonplace, the ability to seamlessly complete one’s daily activities via a laptop, tablet or smartphone from anywhere in the world is crucial to maintaining operational efficiency. Issues such as bandwidth constraints, high-latency environments and application protocol inefficiencies often plague mobile users and hinder productivity and collaboration. WAN optimization eliminates these challenges by moving data rapidly without adding costly bandwidth. This results in many advantages for remote users, including:

  • Web-based applications can be run 20-60 times faster
  • Rapid document downloading and transfers for speedy collaboration
  • Streamlined communication between employees regardless of physical location
  • Significant reduction in bandwidth utilization levels
  • Quick and easy deployment
  • Decreased costs resulting from reduced data charges

How does it work?

Technology such as the Steelhead Mobile product is installed on an employee’s laptop or desktop PC and connects via the Internet to his or her mobile devices. Its activity is completely transparent to the user, so he or she does is not burdened with having to learn a new tool or change any existing processes. With this technology running in the background, the only difference the individual will notice is an enhanced mobile computing experience.

Looking for more information on WAN optimization for mobile users? Interested in whether this technology might be beneficial for your hedge fund or investment firm? Contact the Eze Castle Communications Team, or learn more about this technology on our website.

]]>
<![CDATA[Hard Drive Shortage in Thailand Affecting Supply Chain for Resellers, Consumers]]>http://www.eci.com/blog/180-hard-drive-shortage-in-thailand-affecting-supply-chain-for-resellers-consumers.htmlThu, 10 Nov 2011 00:00:00 -0500 ecihttp://www.eci.com/blog/index.html?id=180 Hardware suppliers and resellers around the world are still reeling in the wake of the destructive flooding in Thailand and its growing impact on the technology and consumer markets. While flooding is hardly uncommon in Thailand, the waters that swept through the country beginning in July are the worst on record and continue to wreak havoc. More than 500 people have lost their lives as a result of the devastation, and thousands of manufacturing factories have been forced to shut down due to lost inventory and irreparable damage.

The Situation

In recent years, Thailand has emerged as one of the major manufacturing hubs around the world and is responsible for supplying a significant percentage (some argue as much as 70%) of the world’s demand for hard disk drives (HDD). As far as the technology industry is concerned, the current shortage of these hard drives has left major manufacturers crippled and hardware resellers concerned for the future. Notably, the shortage is affecting several of the top HDD producers, including Western Digital, Toshiba and Seagate Technology. And while these producers attempt to shift production to factories in other locations until the water recedes and factories can be rebuilt, the effects of the shortage are already being felt worldwide.

The ImpactFlooding in Thailand affecting supply chain

The reality is that while we are already starting the see the short-term impact of this devastation, no one can know for sure what the long-term effects will be. Currently, manufacturer hard drive prices are already starting to rise. While some distributors are holding on onto their inventory as they play a “wait and see” game and attempt to determine next steps, others are already increasing prices by 10 to 20 percent, and the expectation is that that figure will continue to steadily increase over the next quarter, potentially upwards of 30 to 50 percent.

In the short term, expectations are that many distributors and resellers will (hopefully) have enough inventory to meet demand through the end of the year. Come 2012, however, no one truly knows. Much of the long term outlook will depend on when the floods finally recede in Thailand and manufacturers can begin to assess the damage and take measures to renovate and rebuild.

For distributors who may be faced with a shortage of inventory, the challenge becomes more difficult. Existing manufacturers’ hard drives will likely be distributed first to the government and secondarily to larger distributors. This leaves smaller value-added resellers (VARs) to fight their way up the food chain and hope they win the lottery, so to speak.

As we get closer to Q1 and the realization that many distributors and resellers will not have stock to meet their clients’ demands, we will start to see more significant effects coming into play. Lead times for new hard drives could reach upwards of 2 to 3 months. Servers, workstations, and other hardware could start to experience delays and price increases (Extended lead times on servers are already being pushed, with a normal 5-7 day lead time stretching to 20 days). Some analysts are predicting the consumer PC market will be hit hard in Q1 and Q2, with a potential reduction in sales by as much as $7 million.

And while the first thought may be to move infrastructures to the cloud, cloud providers may also be affected and become unable to meet the demand for space. Resolve is unlikely to come until well into 2012, and indications are that manufacturers like Western Digital and Toshiba won’t operate at pre-flood levels for 9-12 months.

Consumers and business who rely on distributors and resellers for hardware should speak directly to their vendors about preparations for the remainder of the year as well as for early 2012.

At Eze Castle Integration we are monitoring this situation closely and have contingency plans in place to support our clients. If you are an Eze Castle Integration client and have questions about inventory and hardware accessibility, please contact your Client Relationship Manager.

Contact an Eze Castle Integration Sales Rep

Photo Credit: Thomas Fuller, New York Times

]]>
<![CDATA[Exploring Cloud Services: Outsourcing Back Office Ops]]>http://www.eci.com/blog/178-exploring-cloud-services-outsourcing-back-office-ops-.htmlThu, 03 Nov 2011 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=178 Earlier this week, we looked at IT Outsourcing with hosted services. In today’s blog post, we will look at the next hot topic discussed at our ‘Exploring Cloud Services for Hedge Funds’ seminar last week in London -- Outsourcing Hedge Fund Middle and Back Office Operations.

Since the financial crisis in 2008, more and more hedge funds are considering outsourcing their middle and back office functions in an effort to reduce costs and gain a competitive advantage. Let's have a look at some of the questions raised at the seminar:

What are the catalysts for hedge fund managers to outsource their middle and back office operations?

hedge fund outsourcing guidebook

  • Desire to reduce operational risk by performing tasks that were not performed previously (i.e. daily cash reconciliation, collateral management, etc.)

  • Inability to consistently align operations and accounting personnel with levels of trading activity

  • Technology infrastructure and/or personnel that are insufficient to handle current or proposed strategies (i.e. new asset classes or increased trading volume)

  • Opening overseas offices or taking on a global mandate which requires after-hours support

  • Failure or serious questions arising from Investor operational due diligence (ODD) audits that need to be resolved

  • Change in human resources (i.e. departure of personnel), which forces a firm to rethink its model

What trends are investors seeing in middle and back office outsourcing?

As investors become more demanding from an ODD perspective, the bar has been raised for hedge funds to run an institutional-grade post-trade infrastructure. This fact, coupled with a firm's desire to keep costs down, forces them to reassess their model and makes outsourcing an attractive proposition.

As firms look to outsource all or part of their operations and accounting functions, they are becoming more creative in the model they select. While the "lift out" model, whereby firms outsource all processes, has historically been popular, they now have more options availalble with compelling ROI metrics.

Tactical outsourcing has therefore been of greater interest. Along these lines, there have also been "hybrid" or "co-sourcing" models in which the organisation has the service provider hire and use some of the their employees to supplement the service provider's team of operations and/or accounting personnel.

What are the benefits that managers have derived from outsourcing their middle and back office operations?

  • Cost reduction is a key benefit. Many hedge funds migrating to the cloud model from traditional in-house IT services can significantly reduce costs, as firms’ can outsource the infrastructure (processing power, storage, networking or number of users) to a third-party provider rather than purchase a costly in-house infrastructure.

  • Firms have greater flexibility to scale up or down the IT infrastructure depending on the business needs.Reduce Costs

  • Expertise delivered by a third party service provider.

  • The robustness of their operations can be used as a marketing tool and help reduce/eliminate ODD-related issues. Outsourcing can also provide better operational workflow documentation and assistance with ODD audits.

  • Depending upon the service provider chosen, firms can keep their existing IT infrastructure and just use the personnel of the outsource provider to act as an extension of the firms staff either remotely or on-site.

  • Outsourcing consolidates the firm’s infrastructure relationships to a single vendor, allowing them to focus on day-to-day business needs.

What are some of the concerns that hedge fund managers have expressed with regard to middle and back office outsourcing?

  • Competence

  • Disempowerment

  • Language barrier (depending on where the outsourced provider's staff is located)

  • Concerns that it would be very difficult to bring back in-house services if the firm is not satisfied

  • Concerns over the ongoing viability of their service provider, which would put them in a precarious position if the service provider were to close its doors

  • Investor perception

  • Service level degradation

Be sure to come back on Tuesday for the third and final installment of our seminar recap on exploring cloud services!

Additional Resources:

contact eze

]]>
<![CDATA[Exploring Cloud Services for Hedge Funds (Seminar Recap Part 1)]]>http://www.eci.com/blog/176-exploring-cloud-services-for-hedge-funds-seminar-recap-part-1.htmlTue, 01 Nov 2011 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=176 Last week, the Eze Castle Integration team in London hosted their final breakfast seminar of the year looking at Cloud Services for Hedge Funds.

The seminar featured a panel of experts:

  • Simon Eyre, Service Director at Eze Castle Integration

  • Andrew Kaufmann, European Business Development Manager at Viteos

  • Christian Nilsson, Head of Investment Solutions - Practice Lead EMEA at Thomson Reuters

So much information was covered at this event that we’ll be publishing three articles on what was discussed. First up (in this article!), we’ll look at IT outsourcing with hosted services. Next, we will cover outsourcing middle and back office operations.

What are the technical advantages of hosted services over on-premise solutions?

For smaller funds, advantages include:

  • Gaining access to enterprise level technologies that improve resiliency and disaster recovery options

  • Reducing internal IT staffing requirements

Larger funds receive the above benefits as well as:

  • Expanded remote connectivity options that are delivered with hosted offerings

  • Rapid scalability and flexibility, which allow faster implementations when compared with physical hardware

  • Reduced requirements on the IT team to maintain renewals, licensing and warranties

  • Allowing internal IT resources to be focused on strategic technology initiatives

What are the cost advantages achieved with hosted services?

  • Significantly less equipment to be purchased, which delivers numerous benefits including reducing initial capital expenditures

  • Reduced Comm Room or Data Room requirements within the office, which means expensive office space and resources (i.e. HVAC) can be allocated to revenue producing functions

  • Hardware refreshes are handled by the service provider behind the scenes and costs are built into the service agreement so the client pays little to nothing for the tech refresh

  • Firms gain instant access to the latest technology solutions

What is the impact of hosted services on an internal IT department?hedge fund tech guidebook

  • Dependencies on specialist IT staff (Networking, SAN Engineer, Virtualisation) are reduced

  • Current staff can focus on solutions and applications that add value to the business rather than hardware support and maintenance

  • Ownership of software upgrades and maintenance is the responsibility of the hosting provider and built into the monthly costs

Be sure to come back Thursday for part two on Exploring Cloud Services for Hedge Funds, where we will dive further and provide useful tips and resources.

Additional Resources:

]]>
<![CDATA[What to Expect from a Help Desk: Eze Help Desk FAQs]]>http://www.eci.com/blog/174-what-to-expect-from-a-help-desk-eze-help-desk-faqs.htmlTue, 25 Oct 2011 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=174 Over the past few weeks, we have been hard at work putting together our submission for this year’s Help Desk Institute Team Excellence Awards. These awards honor top Help Desk teams that consistently demonstrate excellence in customer service and support, focusing specifically on the people, processes, and technologies of the teams. You might remember our award video from last year.

In talking with our Help Desk leaders, specifically Dan Kummer (our Director of Help Desk Services) and Andre Chinkan (Associate Director of Help Desk Services), we identified a number of questions they hear repeatedly from our clients regarding what to expect when working with the Help Desk. So, to help clear some of these up, we’ve put together a set of Help Desk FAQs.

Q: What types of support does the Help Desk provide to clients?

A: The Eze Castle Help Desk (aka "the Desk") provides outsourced IT support for all clients across all regions. Specifically, the team provides technical support, including both server/client and desktop support. Help Desk analysts handle incoming calls and emails, and use all resources necessary to help resolve issues.

Eze Castle Help Desk Pic

In addition to the basic support that is provided via telephone, the Help Desk Resource Coordination team (a sub-group of the Desk) assists clients by providing access to on-site support. These individuals coordinate field engineer visits to clients' offices if an issue calls for that level of support.

The Help Desk Client Maintenance team (another sub-group) provides proactive maintenance to each of our clients across all regions on a quarterly basis. This helps to detect and address any potential technical issues before they arise or are brought to the attention of the client.

Q: What do I do if I am faced with a technical issue late at night or on the weekends?

A: The Eze Castle Help Desk team services all clients in every region on a 24x7x365 basis. The Desk is staffed around the clock with knowledgeable and experienced IT support analysts, and a manager is always either seated at the Desk or on call for assistance if needed.

Q. How can I be sure the analyst who takes my call will be knowledgeable enough to handle my issue?

A: The Eze Castle Help Desk leaders make it a top priority to hire only the best and brightest team members, and ensure that each employee is equipped with the necessary training and resources to provide top quality service to our clients. They work closely with our internal professional development team to provide both technical training and soft skill development to the Help Desk staff. The team frequently takes online courses and watches educational videos on various technologies in order to advance their skills on an ongoing basis.

Additionally, Help Desk analysts sit on an open trade desk, as opposed to segregated cubicles, so that knowledge sharing is both easy and encouraged. So if one analyst does not know the answer to a client’s question, he or she can speak directly with nearby colleagues to help resolve the issue. All analysts also have access to a vast array of resources housed on our internal Wiki, which serve as helpful reference materials for challenging questions.

Q: If the Help Desk analyst who answers my call does not know the answer to my question, how will it get resolved?

A: If leveraging the knowledge of fellow analysts on the Desk and online reference materials are not enough to fully resolve the issue, or if it requires onsite field support, Help Desk analysts will escalate the query via a formalized escalation procedure. Specific processes are in place for both normal business hours as well as nights and weekends, so clients can be assured that any resources necessary to resolve their problem will be employed to do so regardless of day or time.

Q: What if my problem persists or recurs?

A: Following any interaction with the Help Desk, clients receive a follow-up email or call from the analyst to ensure that the issue has been completely resolved. If for any reason the problem still persists, the analyst will then re-examine it and bring in other resources if necessary.

If the problem recurs again in the future and the client needs to place another call to the Desk, analysts can quickly review the original issue as well as what steps were taken in attempts to resolve it, so that the same tactics are not repeated and the client does not have to provide the same information over and over again.

Q: How can I provide feedback to Help Desk management on my experience?

A: Each member of the Help Desk team has a link to our client feedback survey in his or her email signature. When a client receives a follow-up email post-interaction, which is standard, the client can click on this link and provide feedback directly to the leaders of the Help Desk team. Also, when a new client is brought onboard, they are supplied with direct telephone numbers and email addresses of each of our Help Desk leaders, so that they can contact them directly at any time if they so choose.

Eze Castle Outsourced IT Support datasheet

Want to learn more about our awesome Help Desk? Check out our video from last year’s Help Desk Institute Awards, or read these great Hedge IT articles:

contact an eze castle representative

]]>
<![CDATA[Preparing for a Disaster: Is Your Hedge Fund Technology Up to Par?]]>http://www.eci.com/blog/170-preparing-for-a-disaster-is-your-hedge-fund-technology-up-to-par.htmlTue, 11 Oct 2011 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=170 This year, we’ve seen disasters of all kinds: snowstorms and blizzards, tornadoes and earthquakes, hurricanes and heat waves. They have their own motives and destruction paths, but each can be equally disruptive to investment firms and their daily operations. Disaster recovery solutions and business continuity plans are important tools to help firms prepare for these types of disaster situations, but without the proper education, their effectiveness is suspect.

To talk through some of these issues, we recently held a webinar featuring experts from Ridgefield Capital, Morgan Stanley and Eze Castle Integration. Take a look at our recap below. To listen to the full event recording, click here.

Disaster Recovery & Business Continuity Drivers

In today’s environment, hedge funds and alternative investment firms are looking for seamless operational connectivity as a means to attract investors, meet changing regulatory requirements and gain competitive advantages in the marketplace. Particularly since the credit crisis of 2008, firms are placing a stronger emphasis on risk mitigation. It is realistic to assume that there can be significant capital losses associated with downtime, and this fact highlights a greater need for technology systems and processes to mitigate risk and maximize operational efficiencies.

The focus on hedge fund technology has increased dramatically over the past several years, particularly around a hedge fund's disaster recovery and business continuity planning. Some investors, as we heard directly from one of our panelists, are requesting two Due Diligence Questionnaires from firms – one specifically designed for technology systems.

A Recent Reminder: Hurricane IreneDisaster Preparedness for Hedge Funds

2011’s Hurricane Irene, which struck the East Coast of the United States back in August, was a reminder to all hedge funds and investment firms to prepare for anything. Firms like Ridgefield Capital were left with no power after Irene touched down on a Sunday, and, therefore, opted to move trading operations to their disaster recovery (DR) site Monday morning. Non-traders were able to get remote access via Citrix and work from their homes. Luckily, the firm had undergone a recent DR test, and employees were well-briefed on the proper processes for such a situation.

For firms who may not have undergone recent testing, however, circumstances could have been different (Read our DR testing FAQ). Even scarier, what about firms without DR in place?

Defining your Disaster Recovery Objectives

The first step in finding the right type of DR for your fund is identifying your mission-critical systems and applications. With this knowledge, you can easily calculate your firm’s Recovery Point Objective (RPO) and Recovery Time Objective (RTO) – which will help you determine the frequency of backups you require and the least amount of downtime your firm can endure. Read more about RPO and RTO here.

Once your firm’s RPO and RTO are defined, be sure to use an infrastructure checklist as you engage with DR providers. Look for physical and virtual security processes, significant power and cooling resources, and N+1 redundancy to prevent single points of failure.

How does Business Continuity Planning fit in?

In addition to a sound DR system, hedge funds and investment firms should also maintain comprehensive business continuity plans (BCP). BCP extends beyond technology to focus on the critical operations and processes that firms must have available if a disruption occurs. Once a plan is in place, firms must properly communicate that plan to employees to ensure its effectiveness. Here are a few suggestions:

DR Guidebook for Hedge Funds

  1. Identify a predetermined rally point for employees to meet in the event of an unexpected disruption. A great way to make sure employees remember this location as well as other important information, such as phone numbers, is via a wallet card.
  2. Identify and outline all essential employee processes and procedures in writing. Who is responsible for what tasks? Be sure to give someone the task of notifying third parties including prime brokers, fund administrators and trading counterparties.
  3. Create a calling tree to ensure communication remains fluid and all personnel is promptly notified of the situation.
  4. Utilize table top exercises on a regular basis to practice BCP scenarios.

Final Thoughts

Times have changed. Technology is no longer an afterthought, but an essential part of the investor due diligence process and a key differentiator for firms looking for capital allocations. Disaster recovery and business continuity solutions are prerequisites for hedge funds in today’s industry and should be frequently tested and updated to ensure they are remain aligned with changing businesses.

Quiz: How often should a disaster recovery (DR) solution be tested?

Contact an Eze Castle representative

]]>
<![CDATA[Are Managed Services Right for Your UK Hedge Fund?]]>http://www.eci.com/blog/169-are-managed-services-right-for-your-uk-hedge-fund.htmlThu, 06 Oct 2011 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=169 On October 26th, Eze Castle Integration will be hosting a breakfast seminar in London looking at Trends in Managed Services for Hedge Funds. The seminar will be hosted by Simon Eyre, Service Director at Eze Castle Integration, and Andrew Kaufmann, European Business Development Manager at Viteos.

In preparation for the seminar, let's review the current trends in the UK hedge fund market as they relate to managed services.

In a tough economic climate with tighter budgets and stricter regulations, more and more hedge funds are looking to managed services to help align their IT and business needs.

Let’s have a look at some of the current trends that are influencing hedge funds to explore managed services:

  • Hedge Fund Managed ServicesRunning a hedge fund is more complex than ever due to changing regulations, shifting investor demands and rapidly evolving technologies.

  • Rising overhead costs have made it prohibitively expensive to build and maintain an enterprise-calibre hedge fund infrastructure in-house, driving the demand for outsourced solutions.

  • The financial crisis added impetus to the technology outsourcing movement, as cautious investors focused on operational risks and reliable, transparent reporting and accountability systems.

  • The emphasis on outsourcing has shifted from permanent onsite data centres to offsite solutions, such as Software-as-a-Service, colocation and cloud computing.

  • Hedge funds today can choose from a range of outsourcing solutions, including help desks, document management, virtual Chief Technology Officers, disaster recovery plans, Financial Information eXchange (FIX) connectivity and more.

Based on these market trends, hedge funds are increasingly turning to managed services because of the vast benefits they offer, including:

  • Lower cost - Hedge funds are able to reduce their IT cost while gaining access to innovative network technologies that can offer a competitive edge in the market.

  • Align IT with business needs

  • Access to latest technology

  • Built-in disaster recovery

  • Increased level of support and network availability without additional staff and cost

  • Adaptability to changing business needs

We hope you can join our London event on 26 October 2011 where we'll explore this topic in more detail.

Be sure to come back for part two on Trends in Managed Services in the Hedge Fund Industry, where we will dive further and provide useful tips and resources from our breakfast seminar.

Additional Resources


contact eze castle

]]>
<![CDATA[What the New iPhone Means for You]]>http://www.eci.com/blog/168-what-the-new-iphone-means-for-you.htmlTue, 04 Oct 2011 00:00:00 -0400 ecihttp://www.eci.com/blog/index.html?id=168 Today Apple had yet another one of their annual keynotes which began with a 45 minute repeat of the last one – announcing two new services, Cards and Find My Friends.

  • Cards is a new app for creating and sending greeting cards via the mail.

  • Find My Friends is a cool service that allows you to see the location of your friends, if they choose to share such information via their iPhone. This app will be great for those of us with kids who want to know where they are and keep a close eye on them. An added benefit is that it has enough parental controls to prevent iStalking.iCloud image for hedge funds

From there, Apple announced iOS 5, which will be available for the iPhone, iPad and iPod touch on Wednesday, October 12. Some of the more noteworthy new features coming from iOS 5 include Reminders and the updated Safari and Mail apps.

  • The new Safari version allows users to keep a reading list and, if you have an iPad, gain tabbed browsing. The reader feature also allows you to download an article in advance without the ads, which is not only cool but also enhances user productivity by giving them access to articles even when Internet service isn’t available.

  • The new Mail app offers encrypted message support and improved mail formatting, reminder flags and reply/forward indicators. It’s not quite Blackberry-level yet, but it is getting there.

  • The new Reminders feature makes your Outlook task list syncable with your iDevice.

The other big feature discussed (which we already knew about and will also be available on October 12th) was the iCloud. The iCloud allows for syncing devices registered with the same Apple ID over the air providing a new way of automated backups. If it works, it’ll be genius. But be warned – it is NO exception for manual backups. You should always backup! The iCloud is just a supplement.

And the part we’ve all been waiting for… the iPhone 4S (no iPhone 5 yet).iPhone 4S image

iPhone 4S has a faster processor, superior graphics, a much better camera, and looks just like the current iPhone 4. Additional features - the ones that matter - are the new components. They allow for faster speeds (not quite LTE, but still fast) and connections to both GSM and CDMA, which make this a “World Phone.” For those of you that like Verizon and like to travel, you can now do it and stay connected. Checkout our handy comparison chart on iPhone 4S versus iPhone 4.

These enhancements alone make the iPhone 4S just a toy and not the new device we all need and hoped for. Luckily, Apple added one more big feature – Siri, a “voice assistant.” If the claims are true, in my opinion, the iPhone goes from another high-tech gadget to a must-have. Being able to ask my phone any question and get an accurate answer is like having a personal assistant with me at all times. (Check out: "Tech Talk: Should I trade my BlackBerry for an iPhone)

With Siri, you can ask a question based on info you have on your phone, such as your calendar, or dictate a reply to a text message. You can even ask about the weather, stocks or restaurants – and it replies accurately. That’s pretty awesome – if it works.

And the conclusion…I view the new features as a definite win. I’ve been using the beta developer releases of iOS 5 for a few months now on my iPad and, although definitely buggy at first, iOS 5 has made the iPad much more useful. As for iPhone 4S, while certainly faster and more visually pleasing, I’m holding my opinion until I can play with the voice assistant.

What are your thoughts on Apple’s announcements today?

Comparing iPhone 4S and iPhone 4