With new technology emerging, cloud computing becoming the new norm and cybersecurity threats growing exponentially, how does this impact investment management firms across the globe? To gain a better understanding of industry IT priorities, Eze Castle Integration, in partnership with Microsoft and IDG Reserach, conducted a survey of 150 senior-level executives from the United States and United Kingdom. The findings cover technology priorities, cybersecurity plans and concerns, outsourcing attitudes and trends, and IT budgeting.
Continue reading for a synopsis of our findings, or to view the full report, you can access The 2019 Global Investment Management Survey: Understanding Industry IT Priorities and Spending HERE.
Did you know that the global average cost of a data breach is $3.86 million? Or, that the average cost incurred for each record of lost or stolen sensitive and confidential information has increased by almost five (5) percent since 2017? A recent study found that breaches are only getting bigger; and I think we have the evolving sophisticated cyber threats that continue to surface.
With the new year now upon us, what better time to create your 2019 resolutions for your firm's IT strategy! As we know, the threat landscape is constantly evolving, cloud computing has gained momentum and is now widely accepted in the investment management industry, and new technologies and trends are emerging to support firms with their IT and operational needs.
Continue reading for Eze Castle Integration's recommendations for IT resolutions for 2019:
1.) Create a Cybersecurity Incident Response Plan
As the experts in the industry say, it's not if, but when, a cybersecurity incident will occur. According to a recent report by TechCrunch, cyber attacks are set to spike again in 2019, meaning firms need to continue to stay on top of cybersecurity best practices, utilizing layers of security to protect sensitive data, of course, have a Cybersecurity Incident Response Plan. This includes creating an Incident Response Team consisting of members throughout different departments in the organization, and mapping out the steps to take before, during and after a security incident.
Building on this, developing a Written Information Security Plan, or a WISP, is critical to securing your information, but also required if your firm is registered with the SEC. Having documentation of your firm's plan and systems in place to protect personal information and sensitive company information can help mitigate threats and risk against and protect the integrity, confidentiality, and availability of your firm's data.
3.) Create a comprehensive employee security training program
If you don't have an employee training program, it is critical that you create one in 2019. If you already have an existing employee training program, you must periodically audit this program, ensuring it is both effective and current. Having a managed phishing and training program is an effective way to train employees on how to spot and report phishing and social engineering attempts. These simulated phishing attacks against your employees provide real-time and interactive training.
For investment management firms, downtime caused by technology or application failure is not an option. Efficiency and speed are critical functions in this industry, and if your firm doesn't have the in-house experience to manage and troubleshoot IT issues, unnecessary downtime is inevitable. Continue reading for four signs that your investment management firm could benefit from an IT help desk partnership.
1.) Teams are suffering from downtime.
2.) Processes are stagnant.
3.) The firm doesn't have the in-house experience.
4.) Your IT team doesn't have the bandwidth to support the firm's employees.
If your firm is showing any of the signs above, you could be operating at lower efficiency and wasting valuable time and resources. This is not only frustrating for employees, but bad for the bottom line. Utilizing a help desk partnership is an excellent way of streamlining processes, creating additional resources for employees, improving efficiency and even increasing morale.
When evaluating partners for your help desk, make sure that they have deep financial services industry knowledge and experience, are well known and recognized in the industry, and come with raving reviews. If your firm is global, make sure that they offer global support, and have engineers live 24x7x365. On top of this, having a partner who utilizes a service management system, or a ticketing and tracking system, will keep your tickets organized and helps streamline the client support.
For more information on Eze Castle's Help Desk, contact us here.
When it comes to investment management firms, collaboration, efficiency, and cutting edge technology are all critical factors when it comes to growth. At Eze Castle Integration, we partner with Microsoft to offer our clients the option to utilize OneDrive and SharePoint, two tools that can dramatically improve collaboration and streamline processes for businesses, increasing efficiency for everyone. With more people working remotely and traveling for business than ever before, mobility, security and ease of use for applications is more relevant than ever.
Before we outline the five ways SharePoint and OneDrive can transform your business operations and enhance collaboration for investment firms, let's outline the functionality of these applications. It is also key to note that in this blog, we're referring to OneDrive for Business and SharePoint Online, which are business tools and products of Office365 for Business. There are similar tools you can utilize on your personal accounts, however today we're talking about how they can specifically impact your investment firm and day-to-day business.
OneDrive: Our partners at Microsoft simply define OneDrive as "the Microsoft cloud service that connects you to all your files". Simply put, OneDrive for Business is a storage location or repository for files and documents. You are able to access this tool through Office365, anywhere at anytime, regardless of whether you're connected to your firm's VPN.
SharePoint: Like OneDrive, you're also able to access SharePoint through Office365 anywhere and anytime. It's a tool that helps firms share and collaborate on documents and files from anywhere in a secure manner.
Now, let's dive into the 5 ways OneDrive and SharePoint Improve Collaboration for Investment Firms:
As previously mentioned, one of the best features of these tools is the ability to access your files anywhere. Today more than ever, due to technological advances like these, employees are are able to work remotely with little to no change in the processes. These tools allow you to securely store your files no matter where you are and whether you’re connected to your business’s VPN, share them with your team members or partners, and access them from any of your devices. If you aren’t connected to your firm’s network, you can access and work on documents in OneDrive, and when you return to the network, the files will automatically sync with your network, ensuring a seamless transition from working at home or from a plane to being back in the office.
For alternative investment firms, there a number of business and operational challenges to navigate on a daily basis. With the evolving IT landscape and new technologies and best practices emerging, it can be difficult to stay up to speed. Here, we’ll outline four common IT challenges for alternative investment firms.
With the security landscape becoming more complicated, it can be a challenge for alternative investment firms to stay up to date with the latest and greatest trends and technologies in security. Hackers are becoming more sophisticated, and social engineering attacks are on the rise, so it is crucial to ensure that your firm has the right protections and level of security to keep your confidential information safe.
To decipher which means of security are right for your firm, you need to look at your company size and risk profile. Suffering a breach or acybersecurity incident can be harmful to your organization’s reputation, which in turn is harmful to your bottom line. You can use our Cybersecurity Checklist to see the technologies and safeguards Eze Castle offers based on which tier you choose, Standard or Advanced.
2.) Adopting New Technology
Technology adoption is a common challenge for firms of all sizes. Smaller firms may not have the budget or resources to dedicate to the adoption of new technology, while larger firms face their own set of challenges, with more end-users, and potentially bandwidth restrictions of their own.
Whether adopting new applications or migrating to the cloud, having a trusted third-party vendor to guide you through the selection and implementation process can be invaluable. Using these vendors as consultants can help your firm navigate IT and technology decisions and choosing the best fit for your firm. When choosing a vendor for your technology needs, be sure to choose a firm with industry leading, best-of-breed solutions and 24x7x365 support.
In any relationship, when things are good, they’re usually pretty good. And when things are bad, sometimes they are really bad. There may come a point when you need to evaluate whether you’re still a good fit together.
Just like with a romantic relationship, your firm’s connection to a service provider (especially an infrastructure/cloud provider you rely on daily) should be strong enough to withstand a few hiccups and healthy enough to warrant open communication at all times. In some cases, it might be clear that you’re in a good place and moving forward together, but sometimes there are sure signs it’s time to call it quits.
Here are a few of those signs:
1. Your provider’s service levels are not up to snuff.
Maybe you recently experienced a major service outage or find that you not-so-conveniently have to work around confusing and interrupting maintenance schedules during work hours. You’re constantly frustrated and don’t feel like you are receiving the level of support that was agreed to – both verbally and as part of your Service Level Agreement (SLA).
Your SLA should clearly indicate the uptime standard (e.g. 99.995% availability) as well as repercussions to any breaches in the contract (for example, service credits) and associated RPOs if disaster recovery is involved
When it comes to protecting your business, you can never be too prepared. In the competitive investment management world, downtime for any reason is not an option. Whether it be a natural disaster, inclement weather, or even a flu epidemic sweeping the office, your firm needs to have both Disaster Recovery and Business Continuity Plans to ensure that your firm doesn't undergo the costly financial and reputational losses in the case of downtime.
Firstly, it’s important to understand difference between Disaster Recovery and Business Continuity Plans.
Disaster Recovery refers to the policies and procedures to enable the recovery of key technology systems after the event of a disaster. A robust DR program ensures that data centers are highly redundant, have multiple entry fiber paths and multiple power grids, undergoes annual testing, and comes with around the clock support, as outages can easily occur outside of business hours.
Business Continuity refers to a document that outlines how your firm will respond when confronted with unexpected business disruptions. A cohesive Business Continuity Plan has proven methodology to ensure your firm is prepared for the unexpected, includes a detailed risk assessment and business impact analysis, has strategies and plan development, includes testing and training, and is continuously evaluated and maintained. Our new eBook outlines the seven steps to create a BCP, download your copy here.
Whether it is an intern heading back to school or a full-time employee moving on, an investment firm must have a detailed employee termination checklist for information technology (IT) that is diligently followed.
But what are the key items that must be on your employee termination checklist?
Here’s An Employee Termination Checklist Foundation:
Contact IT Department or IT Provider to terminate or change network or application logins
Ensure subscriptions are either cancelled or changed
Collect employee equipment such as laptops, monitors, mobile devices, etc.
Ensure employee has documented transition procedures
Reset user password and disabled account
Operational due diligence has become a hot topic that continues to gain importance and attention throughout the alternative investment industry. Over the past few years, as regulations have changed and investors increasingly seek transparency, funds are spending more time than ever preparing for the due diligence process.
It is no surprise that the investment industry landscape is becoming more and more competitive. As this trend continues, investors are raising their expectations and looking towards funds that display the highest levels in operational excellence. One important way to ensure your firm meets these high standards is to complete a due diligence questionnaire (DDQ) that can be shared with potential investors.
A comprehensive DDQ covers a wide range of topics, from assets under management to audited financial statements and investment strategies. One major area of focus is the fund’s IT and accompanying cybersecurity policies and procedures.At Eze Castle, we frequently assist our clients in completing DDQ questions on technology, and we often see the same types of questions popping up. So, to help you get started, we have compiled the following list of some frequently asked DDQ questions.