Eze Castle Integration Eze Castle Integration

Hedge IT Blog

> Subscribe to Blog Entries about Infrastructure RSS

Hedge Fund Cloud Summit Five Years Later: What's Changed?

By Kaleigh Alessandro,
Thursday, April 20th, 2017

I love a good Throwback Thursday, and for today's post, I want to throw it back to five years ago this month. It was April 2012, and we were hosting one of our biggest and most ambitious events: a Hedge Fund Cloud Summit. At the time, cloud computing was widely discussed and adoption was certainly growing, but there were still a number of lingering questions heard across the industry with regards to financial and business impacts of the cloud, effects on in-house IT staffs and, of course, security. 

We still answer many questions related to these topics today, so I thought it might be fun to take a look back at the four panel topics we addressed back in the 2012 event and examine how much the conversation has really changed - or in some cases, how perhaps it's stayed the same. 

Making the Business (and Financial) Case for the Cloud

For hedge fund COOs and CFOs, the business impact of a move to the cloud is still a critical consideration for established firms. But many of the myths and common questions that were prevalent back in 2012 are now pretty easy to explain. How do investors feel about the cloud? In 2017, investors are generally comfortable with the cloud if not in favor of it over legacy, on-premise IT infrastructure setups. Is the cloud really more cost-effective? This question was a long-standing 'myth' that's been debunked; for some firms, yes, costs may be lower depending on their previous infrastructure and personnel situation, but for all, the predictability of cost is what has become a primary driver for cloud adopters. 

Categorized under: Cloud Computing  Security  Operational Due Diligence  Outsourcing  Launching A Hedge Fund  Private Equity  Hedge Fund Operations  Infrastructure  Trends We're Seeing 



The Value of a Global Network: Q&A with Networking Expert Mike Abbey

By Eze Castle Integration,
Tuesday, April 18th, 2017

With the gravitation towards all things cloud, understanding the role a global network plays in all layers of connectivity is crucial, especialy for the financial sector where firms rely on low-latency and seamless access to counterparties across the globe. 

mike abbey eze castle integration headshotSo, as we often like to do here on the Hedge IT blog, we turned to the experts.
 
Mike Abbey is the vice president of network services here at Eze Castle Integration. He joined the company in 1999 and is currently responsible for ECINet, our global carrier class network platform. Mike also provides design consulting and best practice audits on fault tolerance and scalable optical, Ethernet, and IP-based networks, from single and multi-site domestic networks to multi-site, global deployments. He is a graduate of Binghamton University.
 
Q. Mike, what are you hearing from clients regarding networking and Internet services?
A. To be honest, most hedge fund managers don’t have the time – and don’t necessarily want – to grapple with the complicated intricacies of securing and maintaining an enterprise-class network or Internet service. That’s where my team and I come in. We help simplify this process for our clients using Eze Castle’s ECINet global private network.

Categorized under: Communications  Cloud Computing  Outsourcing  Hedge Fund Operations  Infrastructure 



Top 10 IT Security Audit Gaps and How to Avoid Them

By Katelyn Orrok,
Tuesday, April 11th, 2017

When it comes to cybersecurity there are many factors that you need to be conscious of. During a recent webinar, speakers from Eze Castle Integration and Wolf & Company shared 10 of the most common cybersecurity gaps identified during an IT audit/risk assessment. We’ve listed the top 10 below and shared some particulars on a few of the most critical (in our opinion). For more detail on how these gaps are presenting themselves – and also best practices for avoiding them – click here to listen to the full webinar replay

Top 10 IT Security Gaps  

  1. Risk Management and Governance

  2. IT Asset Management

  3. Vulnerability Assessments

  4. Patch Management 

  5. Social Engineering & User Training 

  6. Business Continuity Planning

  7. Multi-Factor Authentication

  8. Third Party Vendor Management 

  9. User Provisioning and Management 

  10. Incident Response Planning/Procedures 

Risk Management and Governance

Responsibility and accountability for risk management starts in-house – and at the top. Even for firms that rely on third party outsourced providers, it’s imperative (and often overlooked) to establish governance controls and outline who internally maintains ownership of the firm’s security posture – and more broadly, who owns the firm’s risks. 

Categorized under: Security  Operational Due Diligence  Outsourcing  Private Equity  Hedge Fund Operations  Infrastructure  Business Continuity Planning  Trends We're Seeing  Videos And Infographics 



IRS Phishing and Malware Scams Abound, Here’s How to Avoid the Bait

By Mary Beth Hamilton,
Tuesday, April 4th, 2017

As April 18th (US) and April 30th (Canada) near, cyber scammers are pulling out all their tax scams to trick consumers and capitalize on the flurry of activity. Our friends over at Proofpoint say that “this year, [they have] tracked malware distribution in addition to the customary phishing schemes among the email threats related to federal taxes.”

The IRS is also urging people to remember that “the IRS doesn't initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. In addition, IRS does not threaten taxpayers with lawsuits, imprisonment or other enforcement action.”

So to help our clients stay vigilant, we’re highlighting some recent phishing tricks and sharing phishing flags every employee should recognize.

IRS Phishing and Malware Scam Examples

Example 1: Malware Distribution

This first example centers on malware delivery and was identified by the Proofpoint researchers who analyzed numerous tax/IRS-related phishing emails. In this IRS phishing campaign, the recipient was asked to read the IRS Privacy Policy, which was attached to the email (hint: don’t open unexpected attachments!). With this campaign, once the attachment was opened and the embedded macros where enabled, the macros downloaded malware (Dridex botnet ID 1105).


IRS malware scam email by Proofpoint

Categorized under: Security  Operational Due Diligence  Hedge Fund Operations  Infrastructure  Trends We're Seeing 



Stuck on the Technology Treadmill? A Case for Hedge Fund Managed Services

By Kulvinder Gill,
Tuesday, March 28th, 2017

The technology treadmill is a tough place to be these days. Technology refresh cycles last only a mere three years, forcing firms to replace their infrastructures and make costly software and hardware upgrades on a too-frequent basis. And with hedge fund budgets tighter than ever, many firms cannot afford to stay on this path.Hedge Fund Cloud, 5 Reasons, hedge fund technology

But the hedge fund technology treadmill is not a firm’s only option. Costly in-house, 'traditional' IT services have given way to more cost-effective outsourced IT and managed services that get firms off the treadmill and on a path to success.

Let’s have a look at some of the key reasons why hedge funds and other investment management firms are moving from on-premise technology infrastructures to cloud and managed services.

Keys factors driving hedge funds to managed services

Many firms are turning to managed IT services because it allows them to align their IT requirements with their business needs, including tighter control on budgets and staff. Moving to a managed service platform provided by a reputable outsourced IT provider not only makes it easier to deploy technologies, but also allows firms to benefit from platforms inherently designed to meet the constraints of limited IT resources and budgets.

Categorized under: Cloud Computing  Security  Outsourcing  Infrastructure  Trends We're Seeing 



Essential Building Blocks to Hedge Fund Cyber Risk Management

By Lauren Zdanis,
Thursday, March 23rd, 2017

The following article originally appeared in HFMWeek's Cyber Compliance Focus.Hedge Fund Cybersecurity Compliance

It’s not enough to have strong security policies. And it’s not enough to have robust technologies in place to ward off cyber threats. In truth, it’s not even enough to have both of these.

An effective cybersecurity program, rather, can only be achieved through a consistent and comprehensive strategy that touches layers across the entirety of the organization – from perimeter security and access control to policy enforcement and employee training. Without each of these building blocks, the effectiveness of a cyber risk management program is crippled at best.

And today’s standards for cybersecurity are increasing rapidly.

Categorized under: Security  Private Equity  Hedge Fund Operations  Hedge Fund Regulation  Outsourcing  Infrastructure  Communications  Trends We're Seeing 



Five Reasons Why Private Equity Firms Are Moving to the Cloud

By Kaleigh Alessandro,
Tuesday, March 21st, 2017

Traditionally, private equity firms have allocated significant capital budgets to build out their own sophisticated Communication (Comm.) Rooms, which can take months to provision and bring online. With servers to buy and install, software to license and configure, and voice/networks to deploy – not to mention recruiting, hiring, and managing expensive and hard-to-find IT talent – it’s no wonder cloud solutions have emerged as the dominant choice for computing infrastructures at private equity firms large and small.

Not surprisingly, many firms – including those with well-established in-house infrastructures – are making the move to the cloud for a number of compelling reasons, most notably these five:

  1. Timing. Understanding when the right time to move to the cloud might be is a smart first step. There are three typical inflection points: when you’re adding new applications, moving or opening a new office, or in need of an IT refresh. But even if you’re not under any of those circumstances, there are a lot of motivating factors (keep reading).

  2. Cost Containment. You may not always be able to reduce the cost of IT in the long-run with the cloud (depends on your firm’s size and scope), but you will have a predictable budget to work with, which means you can contain costs and create greater predictability and smoother, linear cash flows. As an added bonus, you can better allocate funds to other strategic projects and areas more directly relevant to the business mission. Even within the IT discipline, instead of spending time on mundane, daily operation of commodity IT resources, the firm can focus on proprietary application development, application integration, cyber security protections or other strategic initiatives.

Categorized under: Cloud Computing  Security  Outsourcing  Private Equity  Disaster Recovery  Infrastructure  Trends We're Seeing 



Cybersecurity Basics for Asset Managers (Webinar Replay)

By Katelyn Orrok,
Tuesday, February 28th, 2017

When it comes to cybersecurity, the list of haves and have nots is constantly evolving due to the changing regulatory and threat landscape. In case you missed it, we hosted a webinar this week on Cybersecurity Basics for Asset Managers, during which we uncovered various elements within three primary cybersecurity layers: from Tier 0 (Basic Protection) to Tier 1 (Industry Standard) to Tier 2 (Advanced Protection).

How does your firm stack up when it comes to your cybersecurity practices? Watch the replay below and find out where you fit in.

  • Tier 0: We call this level Tier 0 in part because, well, there’s zero chance your firm will have long-term success in thwarting cyber risks if you don’t employ these basic security measures.

Categorized under: Security  Hedge Fund Operations  Hedge Fund Regulation  Infrastructure  Videos And Infographics 



Five Steps to Effectively Managing Third-Party Service Provider Risk

By Kaleigh Alessandro,
Tuesday, February 21st, 2017

Hedge fund outsourcing is not a new trend, as buy-side firms have long dispersed the responsibility of many functions to third-party service providers more adept and accomplished at said functions. Technology, for example, is an area where many firms choose to leverage outsourced providers to manage complete or partial infrastructures, support projects or supplement on-site IT staffs. The benefits to outsourcing are numerous, but the true measure of a successful service provider relationship comes when an investment firm’s level of risk in using that provider is low.Service Provider Risk
 
Risks are everywhere, particularly in today’s cyber-focused environment. But the risk a hedge fund undertakes when outsourcing a function of its business to a third-party is enormous. Not only is the firm relinquishing control to an outside company, it also takes on the added burden of managing that company, in addition to its own.
 
It’s one thing to put faith in your service providers to do their jobs effectively. It’s another to ignore your own firm’s responsibility to manage that third party as a means of protecting your own firm. Successfully managing risk associated with third-party service provider relationships is a full-time job, especially for financial services firms working with dozens of various parties. Here are a few tips to help your firm properly manage third-party service provider risk:

Categorized under: Hedge Fund Operations  Launching A Hedge Fund  Cloud Computing  Security  Infrastructure  Trends We're Seeing 



Cybersecurity, Cloud Top List of Private Equity Investment Areas for 2017

By Kaleigh Alessandro,
Tuesday, January 17th, 2017

As you probably recall, our 2016 Private Equity CTO Survey – which we released at the end of November – highlights key IT priorities and investment areas driving private equity firms in 2017. And while we shared some high-level findings at the outset, we’d like to take the opportunity to dig a little deeper into some of the survey results over the next two weeks. Since the survey itself covered four primary areas, our next four Hedge IT articles will examine each of these areas independently and highlight some of the most interesting and thought-provoking findings.

To kick us off, let’s start by taking a look at some critical business priorities for private equity firms in 2017.

Drivers for Private Equity IT Investments

We all know and appreciate how technology can impact our day-to-day operations. For private equity firms, advances in technology have enabled their businesses to become more efficient and drive growth across the entire organization.

When asked to identify the top drivers impacting IT spend in the next 12 months, survey respondents highlighted the need for increased protection against growing cybersecurity threats, a desire to improve the investor/client experience, and the goal of improving efficiencies by refreshing outdated or legacy technology.

Categorized under: Private Equity  Cloud Computing  Security  Disaster Recovery  Outsourcing  Infrastructure  Trends We're Seeing 



View earlier posts in the archive

Recent Posts / All Posts