Eze Castle Integration Eze Castle Integration

Hedge IT Blog

> Subscribe to Blog Entries about Hedge Fund Operations RSS

Hedge Fund Cloud Summit Five Years Later: What's Changed?

By Kaleigh Alessandro,
Thursday, April 20th, 2017

I love a good Throwback Thursday, and for today's post, I want to throw it back to five years ago this month. It was April 2012, and we were hosting one of our biggest and most ambitious events: a Hedge Fund Cloud Summit. At the time, cloud computing was widely discussed and adoption was certainly growing, but there were still a number of lingering questions heard across the industry with regards to financial and business impacts of the cloud, effects on in-house IT staffs and, of course, security. 

We still answer many questions related to these topics today, so I thought it might be fun to take a look back at the four panel topics we addressed back in the 2012 event and examine how much the conversation has really changed - or in some cases, how perhaps it's stayed the same. 

Making the Business (and Financial) Case for the Cloud

For hedge fund COOs and CFOs, the business impact of a move to the cloud is still a critical consideration for established firms. But many of the myths and common questions that were prevalent back in 2012 are now pretty easy to explain. How do investors feel about the cloud? In 2017, investors are generally comfortable with the cloud if not in favor of it over legacy, on-premise IT infrastructure setups. Is the cloud really more cost-effective? This question was a long-standing 'myth' that's been debunked; for some firms, yes, costs may be lower depending on their previous infrastructure and personnel situation, but for all, the predictability of cost is what has become a primary driver for cloud adopters. 

Categorized under: Cloud Computing  Security  Operational Due Diligence  Outsourcing  Launching A Hedge Fund  Private Equity  Hedge Fund Operations  Infrastructure  Trends We're Seeing 



The Value of a Global Network: Q&A with Networking Expert Mike Abbey

By Eze Castle Integration,
Tuesday, April 18th, 2017

With the gravitation towards all things cloud, understanding the role a global network plays in all layers of connectivity is crucial, especialy for the financial sector where firms rely on low-latency and seamless access to counterparties across the globe. 

mike abbey eze castle integration headshotSo, as we often like to do here on the Hedge IT blog, we turned to the experts.
 
Mike Abbey is the vice president of network services here at Eze Castle Integration. He joined the company in 1999 and is currently responsible for ECINet, our global carrier class network platform. Mike also provides design consulting and best practice audits on fault tolerance and scalable optical, Ethernet, and IP-based networks, from single and multi-site domestic networks to multi-site, global deployments. He is a graduate of Binghamton University.
 
Q. Mike, what are you hearing from clients regarding networking and Internet services?
A. To be honest, most hedge fund managers don’t have the time – and don’t necessarily want – to grapple with the complicated intricacies of securing and maintaining an enterprise-class network or Internet service. That’s where my team and I come in. We help simplify this process for our clients using Eze Castle’s ECINet global private network.

Categorized under: Communications  Cloud Computing  Outsourcing  Hedge Fund Operations  Infrastructure 



Top 10 IT Security Audit Gaps and How to Avoid Them

By Katelyn Orrok,
Tuesday, April 11th, 2017

When it comes to cybersecurity there are many factors that you need to be conscious of. During a recent webinar, speakers from Eze Castle Integration and Wolf & Company shared 10 of the most common cybersecurity gaps identified during an IT audit/risk assessment. We’ve listed the top 10 below and shared some particulars on a few of the most critical (in our opinion). For more detail on how these gaps are presenting themselves – and also best practices for avoiding them – click here to listen to the full webinar replay

Top 10 IT Security Gaps  

  1. Risk Management and Governance

  2. IT Asset Management

  3. Vulnerability Assessments

  4. Patch Management 

  5. Social Engineering & User Training 

  6. Business Continuity Planning

  7. Multi-Factor Authentication

  8. Third Party Vendor Management 

  9. User Provisioning and Management 

  10. Incident Response Planning/Procedures 

Risk Management and Governance

Responsibility and accountability for risk management starts in-house – and at the top. Even for firms that rely on third party outsourced providers, it’s imperative (and often overlooked) to establish governance controls and outline who internally maintains ownership of the firm’s security posture – and more broadly, who owns the firm’s risks. 

Categorized under: Security  Operational Due Diligence  Outsourcing  Private Equity  Hedge Fund Operations  Infrastructure  Business Continuity Planning  Trends We're Seeing  Videos And Infographics 



IRS Phishing and Malware Scams Abound, Here’s How to Avoid the Bait

By Mary Beth Hamilton,
Tuesday, April 4th, 2017

As April 18th (US) and April 30th (Canada) near, cyber scammers are pulling out all their tax scams to trick consumers and capitalize on the flurry of activity. Our friends over at Proofpoint say that “this year, [they have] tracked malware distribution in addition to the customary phishing schemes among the email threats related to federal taxes.”

The IRS is also urging people to remember that “the IRS doesn't initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. In addition, IRS does not threaten taxpayers with lawsuits, imprisonment or other enforcement action.”

So to help our clients stay vigilant, we’re highlighting some recent phishing tricks and sharing phishing flags every employee should recognize.

IRS Phishing and Malware Scam Examples

Example 1: Malware Distribution

This first example centers on malware delivery and was identified by the Proofpoint researchers who analyzed numerous tax/IRS-related phishing emails. In this IRS phishing campaign, the recipient was asked to read the IRS Privacy Policy, which was attached to the email (hint: don’t open unexpected attachments!). With this campaign, once the attachment was opened and the embedded macros where enabled, the macros downloaded malware (Dridex botnet ID 1105).


IRS malware scam email by Proofpoint

Categorized under: Security  Operational Due Diligence  Hedge Fund Operations  Infrastructure  Trends We're Seeing 



Cost, complexity & security drive hedge fund outsourcing

By Lauren Zdanis,
Thursday, March 30th, 2017

This article first appeared on Hedgeweek and Private Equity Wire as part of Eze Castle Integration's Technology Resource Center

Outsourcing has not only become an accepted practice among hedge fund managers, it has become a necessity as funds large and small seek out ways to control their costs, manage their internal resources more effectively, and overcome the ever growing challenge of regulatory compliance. Mark Coriaty, Chief Strategy Officer Eze Castle Integration

Perhaps more than ever before, hedge fund managers recognise that as cloud technology makes huge strides forward it makes more sense to focus on their core activities of investing and raising capital, appointing a trusted outsourced provider to manage the raft of non-core activities that investors do not want managers to be preoccupied with. 

Indeed, while the thought of hosting IT offsite was once a worry for allocators, today’s investors find comfort in knowing hedge fund and alternative investment firms are focusing on their investment priorities and leaving the technology decisions to the experts. 

Mark Coriaty is Chief Strategy Officer at Eze Castle Integration. In his view, a firm’s fee structure as well as the growing complexity of the back-office directly impact the extent to which managers choose to outsource and spend capital over time. 

"Today the majority of our clients range anywhere from 20 to 200 users and most of these users sit in the front office; portfolio managers, analysts, traders, says Coriaty. Over time, the back office has had to grow due to the number of counterparties and regulatory obligations that managers have. The growth of counterparties and investor requirements coupled with increased compliance and regulations has introduced more complexity and risk into hedge fund options." 

Hence outsourcing.

Categorized under: Outsourcing  Security  Hedge Fund Operations  Trends We're Seeing 



Essential Building Blocks to Hedge Fund Cyber Risk Management

By Lauren Zdanis,
Thursday, March 23rd, 2017

The following article originally appeared in HFMWeek's Cyber Compliance Focus.Hedge Fund Cybersecurity Compliance

It’s not enough to have strong security policies. And it’s not enough to have robust technologies in place to ward off cyber threats. In truth, it’s not even enough to have both of these.

An effective cybersecurity program, rather, can only be achieved through a consistent and comprehensive strategy that touches layers across the entirety of the organization – from perimeter security and access control to policy enforcement and employee training. Without each of these building blocks, the effectiveness of a cyber risk management program is crippled at best.

And today’s standards for cybersecurity are increasing rapidly.

Categorized under: Security  Private Equity  Hedge Fund Operations  Hedge Fund Regulation  Outsourcing  Infrastructure  Communications  Trends We're Seeing 



ODD & Technology Advice for Achieving Institutional Operations (Video)

By Lauren Zdanis,
Thursday, March 16th, 2017

Post-launch, many hedge funds and investment firms struggle to gain ground and attract the institutional capital needed to succeed in today’s competitive market. As firms grow – and bandwidth and budget are less likely to be roadblocks – it can be a challenge to reinvent the wheel and position your firm to capture institutional dollars.

During a recent webinar, speakers from EisnerAmper and Eze Castle Integration explored trends in hedge fund operational due diligence and technology operations and offered advice for asset managers looking to grow out of their startup boots and achieve an institutional grade operation. Some areas they explored during the 40-minute webinar include:

  • How institutional investor expectations have changed for firms at the pre-launch and post-launch phases;

  • The importance of (and detriment to not) passing an operational due diligence examination;

  • How cyber security expectations are evolving to increase standards across both technology infrastructure and policy planning; 

  • If the public cloud is suitable for investment management firms looking to solidify institutional investments; and

  • Top mistakes emerging managers make that prevent successful ODD exams and institutional evolution.

Scroll down or click here to watch the replay

Categorized under: Operational Due Diligence  Security  Outsourcing  Hedge Fund Operations  Business Continuity Planning  Project Management  Videos And Infographics 



Hackers are Watching: New security threats facing investment firms

By Eze Castle Integration,
Thursday, March 9th, 2017

As you’re probably aware, the topic of cybersecurity has been splashed prominently across headlines lately. Earlier this year, the former US director of national intelligence, James Clapper, identified cybersecurity as the top global threat.

Security HeadlinesIn his testimony before the Senate Armed Services Committee, Clapper stated “I think the private sector needs to up its game on cyber security and not just wait for the government to provide perfect warning or a magic solution.” So what should you be doing to better protect your firm’s critical systems and data?
 

The truth is both large, well-established hedge funds and smaller startups are equally at risk of intrusion. Hackers may target large firms because they see an opportunity to profit from their substantial asset pools. Additionally, they might be after the notoriety associated with successfully hacking a well-known fund’s critical systems, especially in cases that will likely garner media attention. For smaller funds, hackers are likely after intellectual property, namely business plans, market forecasts and investment strategies.

Categorized under: Security  Hedge Fund Operations  Trends We're Seeing 



More RFP Questions: Data Protection, Business Continuity & Incident Response

By Eze Castle Integration,
Tuesday, March 7th, 2017

Hedge Fund Technology RFP QuestionsLast week, we shared some important questions to include in hedge fund technology RFPs, focusing on Staffing, Client Service Model and User Support. In today’s article, let’s dive back into the RFP process, and look at some questions on Business Continuity & Disaster Recovery Plans, Backup & Retention of Information, Data Security and Intrusion Detection & Incident Response.

Business Continuity & Disaster Recovery Plans

  • Does your company have a written policy and program in place for business continuity and disaster recovery?

  • Have your company’s policies and programs for business continuity and disaster recovery been fully implemented? If not fully implemented, please discuss those areas in detail and explain any plans to address them.

Categorized under: Hedge Fund Operations  Disaster Recovery  Operational Due Diligence  Business Continuity Planning 



We’ve Got The Questions: Hedge fund tech RFP questions that is

By Mary Beth Hamilton,
Thursday, March 2nd, 2017

We’ve all heard the saying, “there are no stupid questions,” but when it comes to technology it is easy to feel undereducated. Knowing what to ask a hedge fund technology provider not only makes you look smart (or smarter!) but also ensures you get the right solution.hedge fund tech guidebook

In this article we’ll look at questions around Staffing, Client Service Model and User Support for your hedge fund technology Request for Proposal. Next week we’ll give questions for DR Plans, Information Backup & Retention and Data Security.

Staffing and Skills

  • Provide the total number of employees (current year and past year). Please show numbers for overall staff as well as a breakdown by function (e.g., developers, client service, etc.).

  • Provide the number of employees gained and lost (current year and past year).

  • Describe the organizational structure of your company. Please detail the roles specific to your business (e.g., engineers, client managers, trainers, QA, etc.)

  • How many full-time employees are assigned to these particular roles, by functional and geographic split?

  • What is the anticipated project resource profile through the stages of the implementation process?

Categorized under: Operational Due Diligence  Hedge Fund Operations  Outsourcing 



View earlier posts in the archive

Recent Posts / All Posts