Eze Castle Integration

Cloud Forum Blog

> Subscribe to Blog Entries about Trends We're Seeing

Five Hedge Fund Cybersecurity Risks and Struggles

Posted by Katelyn Orrok on Tuesday, October 4th, 2016

In Part Three of our Risk Outlook Webinar Series, Michael Corcione, Managing Director of Cordium, spoke about compliance and cybersecurity trends in the investment industry. Although cybersecurity risks and struggles can vary from firm to firm, it is important to address a number of key areas.

Continue reading for quick takeaways or scroll down to watch the 30 minute video replay.


Good security can be achieved as firms move from reactive to proactive strategies. Firms usually start with the goal of checking the box for regulators, but they need to get beyond the 'check-the-box' exercises and test controls. The SEC’s 2015 cybersecurity guidance update provided more specific insights on cybersecurity focus areas for investment firms - governance and risk assessments, training and awareness, incident response, data loss prevention, access rights controls, and vendor risk management. Hedge funds and investment firms should use this as a framework, understand how they have addressed these areas and where they need to improve. 


A good cybersecurity program starts with the leadership team, and they need to set the tone from the top down. This way everybody understands the impact of risk and its effects on the firm. Leaders should acknowledge risk, understand risk, and lead ongoing discussions firm-wide.

Categorized under: Security  Hedge Fund Operations  Trends We're Seeing  Videos And Infographics 

The Transformation of Private Equity Operations (Webinar Recap)

Posted by Katelyn Orrok on Thursday, September 22nd, 2016

Private equity firms have been slow to embrace outsourcing, but managing data and technology is more complex than ever. With increasing regulatory requirements and a growing urge to focus on core competencies, PE firms are shifting their views of the back office. In case you missed our recent webinar on 'The Transformation of Private Equity Operations', speakers from Citco Fund Services and Eze Castle Integration examined the changing tide for private equity operations and how CFOs, CTOs and fund managers alike can control operating costs, maximize efficiency and better perfect operational workflows.

Drivers for change.

The number one reason for managers to make the switch to an outsourced solution is the desire for managers to get back to their roots. The idea of back office transformation is really founded in that managers have found themselves spending much more time doing everything but raising money and investing money.

Beneath this layer, back office transformation is also driven by regulation, investor transparency, the lifecycle of a private equity firm, and global reach. Slow adoption, fast results. The private equity sector has been slow on the uptake when it comes to outsourcing, and we contribute this lag due to lack of education on the process and benefits of outsourcing. In the past three to five years, adoption in the PE space has increased because it is cost effective, secure and feature rich. Private equity firms that have made the switch wonder why others are not doing the same. The idea of leveraging an experienced managed service provider is one that private equity firms have really embraced because there is no burden for firms to hire and attract talent, which can be challenging and expensive.

Categorized under: Private Equity  Cloud Computing  Security  Outsourcing  Infrastructure  Trends We're Seeing 

Recapping the Latest Apple Release: iPhone 7, Watch Series 2 and AirPods

Posted by Katelyn Orrok on Thursday, September 8th, 2016

The day that many Apple users wait for every year finally came - the release of the newest Apple products. From the latest iPhone to the all-new Airpods, Apple had a lot to share with us yesterday afternoon. We’ve recapped some highlights below.

Watch Series 2

Unlike the Watch Series 1, the Watch Series 2 now has a built-in GPS and is water resistant. The new processor will now be in the Watch Series 1 and the Watch Series 2, but there will be a $100 price difference between the two models.

iPhone 7

The new iPhone 7 introduces a new camera, better performance, longer battery life, stereo speakers, the brightest display yet, and it’s the first water resistant iPhone. iPhone 7 and iPhone 7 Plus are splash, water, and dust resistant and were tested under controlled laboratory conditions with a rating of IP67 under IEC standard 60529. Battery life and charge cycles vary by use and settings, but the iPhone 7 and & 7 Plus have been tested to hold a charge up to one (7 Plus) or two (7) hours longer.
Strangely, Apple seemed quite excited to announce the introduction of two new colors - black and jet black.
The biggest change for iPhone users is the elimination of the audio port. Stepping in are AirPods, Apple’s version of wireless headphones. The iPhone 7 will come with traditional EarPods that are connected through the lighting connector (goodbye, headphone jack!), or you can use an old set of headphones using the provided adapter. AirPods are an additional cost ($159).

Categorized under: Communications  Trends We're Seeing 

Setting Up Secure File Sharing at Your Hedge Fund: Varonis on Eze Cloud

Posted by Mary Beth Hamilton on Tuesday, September 6th, 2016

As we work with clients on completing due diligence questionnaires (DDQs), one increasingly common question is, “does your firm block access to data sharing sites such as DropBox or Google Drive?”

Generally the answer to this question should be ‘Yes,’ but that isn’t always the case because public file sharing services such as these are very convenient, and firms may overlook the security risk they pose. Additionally, employees accustomed to using Dropbox for personal use may be tempted to go for convenience over security when they need to share a large file or data set.

However, with security threats multiplying exponentially, hedge funds and alternative investment firms need to be proactive in protecting data and personally identifiable information (PII) from accidental and malicious insider risks. That’s why for secure file sharing Eze Castle Integration includes Varonis' DatAnywhere product as a standard feature within our Eze Managed Suite. Varonis' DatAnywhere offers users seamless and secure collaboration and file sharing across devices.

Beyond security, Varonis' DatAnywhere is easy to use. Users receive the same drag-n-drop experience as shared network drives or a cloud sync folder, which means no need for training on complex user interfaces and collaboration workflows. Additionally, data is automatically backed up and version controlled.

Categorized under: Infrastructure  Cloud Computing  Security  Trends We're Seeing  Videos And Infographics 

A How-To Guide to Selling the Cloud to Your CFO

Posted by Kaleigh Alessandro on Tuesday, December 8th, 2015

handshakeIf you’re one of the seemingly few firms who has yet to make the move to the cloud, it could be for a variety of reasons. Perhaps you want to maintain total control of your IT environment. Or maybe you’re waiting for a tech refresh to motivate you. Alternatively, it could be that you just haven’t made the proper case to management for switching to the cloud – and many times the one who really needs convincing is the Chief Financial Officer (CFO).
If you’re the Chief Technology Officer (CTO) or IT Manager, your responsibility is determining the infrastructure choices that are going to best suit operations at your firm. But those priorities may not line up exactly with those of the firm’s CFO. IT doesn’t always have insight into the financial ramifications of an operations decision of this magnitude. Instead they are typically focused on the other benefits including personnel reallocation, workflow efficiencies, etc.
The CFO, on the other hand, is ultimately tasked with ensuring the company’s financial decisions are appropriate, and therefore, it’s often advantageous to at least attempt to speak his/her language when pushing for an IT change.

Categorized under: Cloud Computing  Hedge Fund Operations  Outsourcing  Trends We're Seeing 

Four Smart Hedge Fund Technology Resolutions for 2016

Posted by Mary Beth Hamilton on Tuesday, December 1st, 2015

A new year, which is just around the corner, brings us endless opportunities to improve. So here’s a list of the top 4 IT resolutions that will help keep your hedge fund safe and sound in 2016.


Categorized under: Cloud Computing  Launching A Hedge Fund  Hedge Fund Insiders  Security  Disaster Recovery  Hedge Fund Operations  Trends We're Seeing  Videos And Infographics 

Ride Through the Security Layers Encasing the Eze Managed Suite

Posted by Mary Beth Hamilton on Tuesday, September 1st, 2015

Eze Video Debut!

Ever wonder about the layers of security encasing our Eze Managed Suite solution? We thought you had. That's why we created this video, which outlines not only the security protections but also the extensive services available to investment firms and hedge funds that move to our premier cloud solution.

Watch, learn and then contact us for more details.

Categorized under: Cloud Computing  Launching A Hedge Fund  Disaster Recovery  Security  Trends We're Seeing  Videos And Infographics 

Understanding Social Engineering: How to Avoid Phishing Attacks

Posted by Katie Sloane on Tuesday, July 7th, 2015

In the context of information technology, social engineering refers to the act of tricking people into divulging confidential or sensitive business information, and breaking security policies. This form of attack infiltrates companies by targeting their weakest access point, which predominantly is a firm’s employees.Understanding Social Engineering; Spear Phishing, Cyber Security

The Art of the Phishing Con

Let’s examine a popular technique for social engineering known as phishing. In a phishing scheme, the hacker broadly disseminates a fraudulent email with aim to acquire sensitive data, such as, login credentials, IT resources or banking information. The message may request the recipient to submit personal information or to click on a link embedded with malware. Although this approach rarely dupes sophisticated users, a distracted employee could make one mistake and compromise a firm’s entire network.

Categorized under: Security  Hedge Fund Due Diligence  Hedge Fund Operations  Hedge Fund Regulation  Infrastructure  Communications  Trends We're Seeing 

A Look at OCIE's Cybersecurity Exam Sweep Findings: Hedge Funds Take Note

Posted by Mary Beth Hamilton on Tuesday, February 17th, 2015

In its 2015 priorities, the SEC’s Office of Compliance Inspections and Examinations (OCIE) listed cybersecurity as a key focus area in its risk-based assessments. Then on February 3, 2015, OCIE released summary findings from its Cybersecurity Examination Sweep.
OCIE’s sweep focused on written documentation for their assessment and conducted "limited testing" of the accuracy of the responses. They did not review the technical sufficiency of the firms’ programs either. OCIE’s reliance on documentation highlights the importance of complete Written Information Security Policies.
Following are noteworthy items Eze Castle Integration observed in reviewing the findings.

  • Most firms adopted written information security policies, but 43% of advisers did not conduct periodic audits to determine compliance with these information security policies and procedures. 

  • 49% of advisers did not discuss mitigating the effects of a cybersecurity incident and/or outline the plan to recover from such an incident in their written business continuity plans.

  • The vast majority of examined firms conduct periodic risk assessments, on a firm-wide basis, to identify cybersecurity threats, vulnerabilities, and potential business consequences. However, only 32% of advisers require cybersecurity risk assessments of vendors with access to their firms’ networks. 

In the Written Information Security Plans (WISP) Eze Castle Integration creates for clients, we include service provider risk assessments as a standard element.

Categorized under: Security  Launching A Hedge Fund  Hedge Fund Due Diligence  Infrastructure  Trends We're Seeing 

2015 Hedge Fund Trends & SEC Exam Priorities (Webinar Recap)

Posted by Anna Wendt on Thursday, February 5th, 2015

Ricardo Davidovich

With a new year comes new regulations for hedge funds and investment firms. Earlier this week, Eze Castle Integration hosted a webinar during which Ricardo Davidovich, partner at Haynes & Boone LLP shared his insight into the Securities and Exchange Commission’s (SEC) new examination priorities as well as reoccurring themes firms should expect to see play out through the year.

What’s New in 2015

Retail Investors

One priority for examinations this year is the focus on retail investors. Davidovich says that “hedge funds, which in [the SEC’s] mind have historically been an exclusive and private club, are being sold to the retail and consumer client base.” Meaning they will be taking a closer look at the types of fees being sold, the sales practices and the suitability analysis. Firms should focus on making sure no information released is misleading and that there are provisions against fraud. There should be a real emphasis on policies to create guidelines that can be shown and proven to the SEC.

Categorized under: Launching A Hedge Fund  Security  Hedge Fund Operations  Hedge Fund Regulation  Trends We're Seeing 

View earlier posts in the archive

Recent Posts


Subscribe to Hedge IT

Follow Us

    Follow us on Twitter Follow us on FaceBook Follow us on LinkedIn Follow us on Google RSS Feed

Cloud Forum Blog