New Year, New Resolutions for Hedge Funds

It’s officially 2015! With the New Year upon us it is important to set new goals for the future. In today’s post, we will offer five resolutions hedge funds should consider to help pave the pathway for another prosperous year. 

Resolution #1: Prepare for Cybersecurity

In 2014, hedge funds were revamping their IT policies and upgrading their methods of preventing, detecting and responding to cyber threats. However, this push to overhaul and enhance security was largely reactive to the several breaches we witnessed in 2014. Among those companies affected were Sony, Target, JP Morgan Chase and Home Depot. In 2015, we predict cybersecurity will remain at the forefront of headlines. That being said, hedge funds should prepare ahead of time and have detailed information security policies in place.

Resolution #2: Avoid Common Cloud Mistakes

When it comes to hedge fund operations and technology, there is no margin for error. Common mistakes range from not sizing bandwidth adequately to business needs to not planning proactively for applications and assuming deep security safeguards are in place. Hedge funds that take the proper precautions and do their research when cloud shopping save themselves from preventable stress and inflated issues down the road. 

Resolution #3: Know Basic Cloud Terminology

Technology is ever-evolving. To help make these continuous developments less overwhelming, we suggest keeping up-to-date with cloud jargon. In 2015, ensure your hedge fund has brushed up on basic cloud terms to stay in the know, rather than behind the curve.  

Resolution #4: Proactively Set Policies in Place

At Eze Castle, we recommend that all hedge funds employ several layers of security and have a Business Continuity Plan (BCP) in place to help mitigate risk and reduce the level of impact should a disaster occur. Firms should also make sure information, whether confidential or sensitive, is protected by internal and external policies. Having the following guidelines and procedures in place will help prevent sensitive and confidential business data from falling into the wrong hands:

• Principle of Defense in Depth

• Principle of Least Privilege 

• Written Information Security Policies (WISP)

• Secure User Authentication Protocols and Encryption

• Mobile Device Policy

• Audit and Logging Systems

Resolution #5: Test Your Disaster Recovery (DR) Systems Frequently

We cannot stress enough how imperative it is to test DR systems on a regular basis. Why should you test it? Because it helps ensure that the DR site meets your present business needs as well as your firm's needs during a disaster. As your organization evolves and changes, your DR system should adapt accordingly. Not testing this sytem could leave your fund vulnerable to a disaster and may hinder the continuation of efficient business operations.  

Additional Resources:

• IT Security Etiquette: A Best Practices Video Guide

• Trend Watch: Technology Predictions for 2015

• Back to Basics: 10 Cloud Technology Terms to Know