Eze Castle Integration Eze Castle Integration

Eze Castle Blog

Blog Entries from 04/2019

Top Questions to Ask a Cloud Service Provider

By Amanda Daly,
Tuesday, April 30th, 2019

Once you’ve decided to adopt cloud computing, it’s time to begin your search for a cloud services provider.

Likely, the first you will come across when looking for a cloud service provider is that there are many cloud service providers (CSP) out there. So, how do you know which provider is the right one for your investment firm? Following are five attributes to look for when vetting a cloud consultant:

  • Depth and Quality of Staff

  • Strong Communication Skill

  • A Proven Strategy

  • Experience in Cloud Deployment

  • Deep Security Knowledge

Categorized under: Cloud Computing  Outsourcing 



Six Questions to Ask About Your Investment Firm's Cybersecurity Risk

By Eze Castle Integration,
Thursday, April 25th, 2019

For investment management firms to embrace a security-first approach, they must regularly audit and evaluate their cybersecurity risk profile and adjust as necessary based on the evolving security landscape and technological advances. Continue reading for six questions your firm should reflect on regarding their cybersecurity risk profile.

What is our commitment to cybersecurity and what is our outlook on the future?

Regulators and investors continue to ask more questions about cybersecurity because they want to know that firms are effectively mitigating risk. To meet these growing expectations, firms must demonstrate that you take cybersecurity risk seriously and have implemented sound systems, policies and procedures to combat those risks. As the threat landscape and technology continue to evolve, investment management firms need to evolve accordingly and develop better ways to counteract threats. Firms don’t necessarily need to implement every available security technology, but they should be keenly aware of their options and have a plan to effectively mitigate as much risk as possible.

How are we addressing third party risk and oversight?

Investment management firms often rely on third party vendors to obtain functionality or capabilities that they need, want or can’t afford to produce on their own. But moving functions out of the firm's control can present challenges. With any outsourced function, the firm inherently takes on additional risks at the hands of the third party. But it's critical for investment managers to limit those risks through sufficient due diligence. To combat vendor risk, financial firms need to maintain strict oversight of all third party relationships and investigate security practices and protocols, particularly for those vendors who have access to the firm's confidential information. An outsourced vendor should be providing the same level of security (or better!) as your firm would if the function was under in-house control.

Categorized under: Security  Outsourcing  Private Equity  Hedge Fund Operations  Hedge Fund Regulation  Business Continuity Planning  Videos And Infographics 



Five Qualities to Look for in a 24x7 Help Desk

By Kulvinder Gill,
Tuesday, April 23rd, 2019

When evaluating technology providers, there are a number of factors to consider when determining which is the best fit for your firm. One important, and often overlooked, criterion is the quality of the Help Desk. Firms rely heavily on technology, but no technology is completely infallible. In the event of an unexpected issue, having a knowledgeable, experienced Help Desk at your fingertips is essential.

So, what makes an exceptional Help Desk?

In today's blog article, we will take a look at some critical considerations and provide guidelines for what to look for when selecting a Help Desk provider for your firm. 

Categorized under: Help Desk  Trends We're Seeing 



How to Create a Comprehensive Security Training Program for Employees

By Olivia Munro,
Thursday, April 18th, 2019

Here at Eze Castle Integration, we’re constantly talking about the evolving security landscape and the technical tools and layers of security required to keep your firm's sensitive information safe. Today, we're here to talk about one extremely important layer of security that firms often overlook: employee training.

Though sometimes underestimated, developing and implementing a comprehensive employee training program creates an internal culture of security and ensures that all employees maintain a "security-first approach" to everything they do. This will make your employees an asset to your data security as opposed to a threat and bolsters your firm's cybersecurity strategy.



To learn more about creating an internal of security, downloud our guidebook, Four Step Guide to Employee Security Awareness, Culture of Security.

Categorized under: Security  Outsourcing  Trends We're Seeing 



Seminar Roundup: Building Cyber and Technology Resiliency in Financial Services

By Amisha Shah ,
Tuesday, April 16th, 2019

Late last year, the Financial Conduct Authority (FCA) published a cross-sector survey. 296 firms across the wider UK financial services landscape including asset managers, investment firms and banks were surveyed to investigate how effective resiliency practices surrounding their cybersecurity and technology are. There were some shocking findings, what stood out the most was that there was a 138% increase in technology outage incidents between 2017-2018. Results from the survey also indicated that nearly half of firms do not upgrade or retire old IT systems in time. 

As an industry, whilst we’re getting better at building and maintaining a strong infrastructure with access to evolving tech and enhanced security processes, there is still pressure to do more to ensure your network is truly bulletproof. Earlier this month, experts from Eze Castle Integration and leading law firm, Simmons & Simmons, explored key areas of concern outlined by firms in this survey, sharing guidance on the cybersecurity, operational and managing third-parties aspect of building resiliency. Today’s blog article will roundup key cyber and technology considerations covered at the event by Dean Hill, Executive Director at Eze Castle Integration.

Categorized under: Security 



What Is Multi-Factor Authentication, and How Can I Use It?

By Eze Castle Integration,
Thursday, April 11th, 2019

The official definition given in TechTarget’s IT Dictionary reads: “Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. Authentication is a process in which the credentials provided are compared to those on file in a database of authorized users’ information on a local operating system or within an authentication server. If the credentials match, the process is completed and the user is granted authorization for access.”

Controlling access to ensure individuals only access the information they need is at the heart of authentication. With stories of password compromises becoming more common it is important to understand the types of authentication factors available and good computing practices.
 
As part of Information Security Planning, firms should also identify applications, services or websites that require at least one level of authentication (e.g. password protection, PC certificate, or security tokens) as well as any that may require multi-factor authentication.

 

Categorized under: Security  Cloud Computing 



Hello, Eze Dark Web Monitoring, A Deterrent to Account Takeover Activities

By Amanda Daly,
Tuesday, April 9th, 2019

Here at Eze Castle Integration, we take great pride in listening to our clients and the market as a whole. We follow a security-first approach in delivering complete cloud solutions complemented by the support of our award-winning global helpdesk, which operates 24x7x365. Whether using the public cloud, private cloud or a hybrid cloud approach, Eze Castle Integration excels in providing best-in-class solutions that address a firm’s specific needs.

Dark Web MonitoringAcross the dark web underworld criminals are buying and selling stolen user credentials, including email addresses, usernames and passwords, to access high value (i.e. executive and privileged user) accounts. Once in a system, criminals steal financial assets, uncover trade secrets and exploit other vulnerabilities. To stop this threat, firms must monitor the Dark Web and respond.

Enter Eze Dark Web Monitoring, a cost-efficient deterrent to ATO activities. Eze Dark Web Monitoring provides early detection, alerting clients when credentials are discovered and forcing users to reset passwords.

“Cybersecurity threats rank as some of the greatest risks facing the industry today with companies of all sizes under attack. At Eze Castle Integration, protecting clients is our mission. We follow a security first approach to IT and deliver fully managed security solutions, such as Eze Dark Web Monitoring, to fortify our client environments – whether they reside in a public cloud, private cloud or on-premise,” said Steve Schoener, Chief Technology Officer at Eze Castle Integration.

Categorized under: Security  Cloud Computing  Operational Due Diligence  Outsourcing  Private Equity  Disaster Recovery  Trends We're Seeing  Eze Castle Milestones 



Business Continuity Planning: The Importance of Table Top Exercises

By Eze Castle Integration,
Thursday, April 4th, 2019

business continuity planning table top meeting exerciseIn the fast-paced, volatile world of financial services, constantly maintaining normal business operations is crucial – even in the event of an unexpected disaster. Even just a few moments of downtime could be extremely costly, so it is essential that firms implement sound business continuity procedures.

Since we frequently work with our clients on developing comprehensive business continuity plans (BCPs), we feel it is important to review and test our own BCP procedures on a regular basis to ensure they will meet our most current business needs in the event of a disaster. To this end, one of our certified business continuity professionals recently conducted a BCP table top exercise with our management team here at Eze Castle. After this successful meeting, we thought it would be valuable to share some insights on the BCP table top exercise process with our readers to spotlight the importance of this activity.

Categorized under: Business Continuity Planning  Disaster Recovery 



Exploring Cybersecurity in the Legal Sector

By Kulvinder Gill,
Tuesday, April 2nd, 2019

Law firms today are becoming increasingly knowledgeable about the range of cybersecurity attack they could expect to see targeting their systems. The area of management that they most need to improve is addressing their risk profile and exposure proactively. Proper incident response to mitigate the impact of an attack continues to be business-critical – but certain actions can also reduce the likelihood of a successful attempt in the first place. In fact, businesses need to be as assiduous as those behind the growing threats they face. Cybercriminals in 2019 are doing due diligence of their own: more detailed research on the vulnerabilities of both software and the people in organisations who use it – practising and honing their skills to increase their own chances of success and ensure they’re only spotted late in the attack.

Finding the resources to meet that sizable effort can present a challenge. Large global organisations like top law firms will have strong, hard-working IT teams, but even then, running a 24/7 information security monitoring operation may present a significant burden. Instead, it may make more sense to partner with an outsourced specialist in threat management, highly trained to track emerging types of attack and their modus operandi, as well as the best ways to see them off.

 

Categorized under: Cloud Computing  Security 



Recent Posts / All Posts


 

Subscribe

Follow Us

    Follow us on Twitter Follow us on FaceBook Follow us on LinkedIn Follow us on Google RSS Feed

Recent Articles

Categories

Archives