New technology is emerging, cloud computing is becoming the new norm and cybersecurity threats are growing exponentially, but how does this impact investment management firms across the globe? Eze Castle Integration surveyed 150 senior-level executives with IT decision making responsibility to find out how the current landscape has shaped their strategies and attitudes on cybersecurity, IT spend and third-party outsourcing.
Our newest infographic explains the findings: see it here!
More than ever before, technology has become a key element of the already thorough due diligence processes that businesses go through, in order to secure funding from investors. Thus, being able to illustrate a strong and resilient infrastructure is vital for both start-up and established firms operating in today’s wider professional services landscape.
Today’s blog article will take a look commonly asked investor due diligence questions (DDQs), as well as share best practices on how firms can leverage technology to win the trust of investors and subsequently unlock the capital needed to help their business flourish.
Download a copy of our whitepaper ‘Outsourcing in the Alternative Investment Management Industry’ to learn more about managing third-party vendor relationships effectively.
A report by leading global researcher, Gartner, found that 91% of all cyber attacks start with phishing. This reinforces the argument that human error is perhaps the weakest link in the security chain of any organization. In our most recent webinar, we illustrate the value of investing time and money to make employees your strongest security asset.
Social Engineering: The art of manipulating people so they give up confidential information
Phishing: Typically through email, but can also be via telephone or other communications where a user is tricked into browsing a malicious URL designed to appear like a site they trust, or provided with other fabricated content such as an attachment containing malware
Continue reading for a recap of the webinar.
In today’s investor landscape, operational due diligence (ODD) can eliminate a manager from consideration, regardless of a positive investment management analysis. With ODD teams increasingly using this veto-power in the decision-making process, it is important for asset managers to be cognizant and well-prepared for thorough operational due diligence tests.
Together, leading accountancy and advisory firm, EisnerAmper, and trusted global provider of managed IT services, Eze Castle Integration, hosted a breakfast seminar to share secrets to operational due diligence excellence with investment firms, in London last week.
Today’s blog article will round-up the technology considerations concerning ODD, covered at the event by Dean Hill, Executive Director at Eze Castle Integration.
If there’s one thing we’ve learned over the years when it comes to cybersecurity, it’s that there’s a whole lot more to creating a secure investment firm than robust technology. Before identifying infrastructure components and implementing operational policies, a firm must first be clear on what its attitude is toward security. This attitude will filter through the company from the top down, and will therefore dictate how employees and the business as a whole operate on a daily basis.
To give you a clearer understanding of what we mean, we’ve created three security profiles that cover a wide spectrum in terms of security attitudes and practices.
Under the Radar: Low Security
If you’re attitude toward security is low, odds are you’re barely scraping the surface in terms of what practices and policies you should be employing to maintain proper security firm-wide. You likely rely on quick fixes to solve problems instead of looking at the bigger picture and thinking strategically about how security can both benefit and protect your business. You’ve employed minimal preparedness efforts and could be in for a difficult task if faced with a serious security incident. You probably take a “it won’t happen to me” attitude and don’t take security seriously enough – a stance that could endanger your firm in the long term.
You can also check out our latest Whitepaper on the required safeguards for 2019 and how to pursue a "security-first" posture.
Technology plays a vital role in determining how successful organisations are in meeting their goals. Together, the right technology and IT strategy enables a firm to practice agility through adapting its business models to changing needs of the firm, as well as enhancing existing services and products to meet the ever-evolving needs of the market. Having the right security practices in place is also fundamental to ensuring a firm’s reputation remains intact no matter how aggressive the cyber threat landscape may become.
This blog article will share steps to building the best technology platform to deliver your organisational goals in today’s digital age.
If you live in an area that often receives snow, you know and expect what the winter season will bring: disruption, delays, cancellations, and closures of roads, busses, trains, boats and subways that transport people to and from work. With this in mind, you should also be prepared for something more such as power outages, force evacuations, impact deliveries, and state travel ban.
In today’s article, we will take a look at some tips to help mitigate, prepare, respond, and recover during the winter weather.
In a recent webinar, members from the Eze Castle team talked about the security layers that are essential to cloud security for all investment firms. Topics for discussion include:
How to approach a security-first strategy to cloud systems
Defining the essential security layers from the outside in
Must have security safeguards from multi-factor authentication to employee training techniques
To start, we typically find three points in time when it makes the most sense for an existing firm to evaluate a move to the cloud. This includes during an office relocation, adding new applications, and an IT refresh.
Office relocation: This is an ideal time to evaluate your IT environment to determine if a refresh is around the corner. Often it doesn’t make sense to invest in moving a Comm. room that will require a refresh in the near term. We have found that migrating to a cloud environment prior to a relocation can be ideal because it makes the move very low risk and simplifies the process.
New applications: The cloud, of course, is great for applications because it gives firms flexibility to add on as their businesses grow.
Technology refresh: Hardware will typically run a lifecycle of 3 or 4 years before it needs to be refreshed. If you’re getting to that point where your servers and other hardware are getting stale, and if you’re going to be investing in new technology and upgrades anyway, it’s the perfect time to evaluate a cloud solution.
This article first appeared on Hedgeweek as part of Eze Castle Integration's Technology Resource Center.
A string of high-profile ransomware attacks in recent years, led by the WannaCry attack in May 2017, has led to a growing awareness among the business community on the importance of proper patch management.
Just as your iPhone regularly alerts us to a new system upgrade, so computer networks must update their software to address vulnerabilities, which left unattended could lead to a serious cyber breach.
The importance of patch management was highlighted in a recent webinar featuring Scott Reardon, Director of Global Technical Services at Eze Castle Integration.
Beyond simply complying with expectations, patch management is an essential line of defence in cybersecurity protection. As Microsoft’s President, Brad Smith, once noted, as cyber criminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems.
Otherwise, they are literally fighting the problems of the present with tools of the past.
“Patch management is really applying new or changing existing code to a software program,” said Reardon. “It stems from enhancements to bug fixes and in today's world it's more popularly associated with security fixes. It is definitely a lot more complex than when I started out in the IT industry.”
For alternative investment firms, there a number of business and operational challenges to navigate on a daily basis. With the evolving IT landscape and new technologies and best practices emerging, it can be difficult to stay up to speed. Here, we’ll outline four common IT challenges for alternative investment firms.
With the security landscape becoming more complicated, it can be a challenge for alternative investment firms to stay up to date with the latest and greatest trends and technologies in security. Hackers are becoming more sophisticated, and social engineering attacks are on the rise, so it is crucial to ensure that your firm has the right protections and level of security to keep your confidential information safe.
To decipher which means of security are right for your firm, you need to look at your company size and risk profile. Suffering a breach or acybersecurity incident can be harmful to your organization’s reputation, which in turn is harmful to your bottom line. You can use our Cybersecurity Checklist to see the technologies and safeguards Eze Castle offers based on which tier you choose, Standard or Advanced.
2.) Adopting New Technology
Technology adoption is a common challenge for firms of all sizes. Smaller firms may not have the budget or resources to dedicate to the adoption of new technology, while larger firms face their own set of challenges, with more end-users, and potentially bandwidth restrictions of their own.
Whether adopting new applications or migrating to the cloud, having a trusted third-party vendor to guide you through the selection and implementation process can be invaluable. Using these vendors as consultants can help your firm navigate IT and technology decisions and choosing the best fit for your firm. When choosing a vendor for your technology needs, be sure to choose a firm with industry leading, best-of-breed solutions and 24x7x365 support.