In a recent webinar, members from the Eze Castle team talked about the security layers that are essential to cloud security for all investment firms. Topics for discussion include:
How to approach a security-first strategy to cloud systems
Defining the essential security layers from the outside in
Must have security safeguards from multi-factor authentication to employee training techniques
To start, we typically find three points in time when it makes the most sense for an existing firm to evaluate a move to the cloud. This includes during an office relocation, adding new applications, and an IT refresh.
Office relocation: This is an ideal time to evaluate your IT environment to determine if a refresh is around the corner. Often it doesn’t make sense to invest in moving a Comm. room that will require a refresh in the near term. We have found that migrating to a cloud environment prior to a relocation can be ideal because it makes the move very low risk and simplifies the process.
New applications: The cloud, of course, is great for applications because it gives firms flexibility to add on as their businesses grow.
Technology refresh: Hardware will typically run a lifecycle of 3 or 4 years before it needs to be refreshed. If you’re getting to that point where your servers and other hardware are getting stale, and if you’re going to be investing in new technology and upgrades anyway, it’s the perfect time to evaluate a cloud solution.
With the new year now upon us, what better time to create your 2019 resolutions for your firm's IT strategy! As we know, the threat landscape is constantly evolving, cloud computing has gained momentum and is now widely accepted in the investment management industry, and new technologies and trends are emerging to support firms with their IT and operational needs.
Continue reading for Eze Castle Integration's recommendations for IT resolutions for 2019:
1.) Create a Cybersecurity Incident Response Plan
As the experts in the industry say, it's not if, but when, a cybersecurity incident will occur. According to a recent report by TechCrunch, cyber attacks are set to spike again in 2019, meaning firms need to continue to stay on top of cybersecurity best practices, utilizing layers of security to protect sensitive data, of course, have a Cybersecurity Incident Response Plan. This includes creating an Incident Response Team consisting of members throughout different departments in the organization, and mapping out the steps to take before, during and after a security incident.
Building on this, developing a Written Information Security Plan, or a WISP, is critical to securing your information, but also required if your firm is registered with the SEC. Having documentation of your firm's plan and systems in place to protect personal information and sensitive company information can help mitigate threats and risk against and protect the integrity, confidentiality, and availability of your firm's data.
3.) Create a comprehensive employee security training program
If you don't have an employee training program, it is critical that you create one in 2019. If you already have an existing employee training program, you must periodically audit this program, ensuring it is both effective and current. Having a managed phishing and training program is an effective way to train employees on how to spot and report phishing and social engineering attempts. These simulated phishing attacks against your employees provide real-time and interactive training.
As we wrap up 2018 and start looking forward to 2019, we thought it would be helpful to share some of our favorite cybersecurity articles from this year!
You may also want to check out the launch of our online Cybersecurity Information Center, three new whitepapers and a series of educational webinars.
Now is the perfect time for firms to reflect on what’s often classed as a key contributing factor to cyber breaches – its employees. We hate to admit it, but human error tends to be the weakest link of any defense practices firms have in place. The IBM X-Force Threat Intelligence Index 2017 advises that simply having the right technology is not enough to ensure protection from threats we’ve seen grow in frequency and sophistication, of late. Reputable airline, British Airways, is one of many businesses to fall victim to a reputation damaging data breach in 2018, compromising the personal and financial details of approximately 380,000 customers.
Read more on how to build a strong human firewall for your firm here.
As hedge funds continue to grow and prosper, the need for a “one-stop shop” IT
provider is becoming increasingly necessary. As a fund manager, your job is demanding enough; therefore, finding one company that can hone in on your technology needs and quickly provide solutions is a smart investment, as well as a good relief. Here are a few of the main benefits firms can realize in working with a single, all-inclusive IT provider.
For investment management firms, downtime caused by technology or application failure is not an option. Efficiency and speed are critical functions in this industry, and if your firm doesn't have the in-house experience to manage and troubleshoot IT issues, unnecessary downtime is inevitable. Continue reading for four signs that your investment management firm could benefit from an IT help desk partnership.
1.) Teams are suffering from downtime.
2.) Processes are stagnant.
3.) The firm doesn't have the in-house experience.
4.) Your IT team doesn't have the bandwidth to support the firm's employees.
If your firm is showing any of the signs above, you could be operating at lower efficiency and wasting valuable time and resources. This is not only frustrating for employees, but bad for the bottom line. Utilizing a help desk partnership is an excellent way of streamlining processes, creating additional resources for employees, improving efficiency and even increasing morale.
When evaluating partners for your help desk, make sure that they have deep financial services industry knowledge and experience, are well known and recognized in the industry, and come with raving reviews. If your firm is global, make sure that they offer global support, and have engineers live 24x7x365. On top of this, having a partner who utilizes a service management system, or a ticketing and tracking system, will keep your tickets organized and helps streamline the client support.
For more information on Eze Castle's Help Desk, contact us here.
It’s no secret that technology is the key to seamless business operations. This explains the increase in IT needs and spend we have seen over the years. Moreover, a report from Gartner predicts that spend will increase by up to three percent by 2020, and more so thereafter.
Being cost savvy whilst reaping the benefits of technology and infrastructure advances is the ultimate balance Finance Directors across the globe wish for. Is this possible to achieve, you ask? Yes, we say. Keep reading for three four considerations.
As many of us are preparing to feast this Thanksgiving and start preparing for the unofficial start to holiday shopping, retail stores are getting ready for their biggest days yet- Black Friday and Cyber Monday. While many are searching the internet high and low for the best deals, cyber criminals and hackers are searching high and low for their next victims. Black Friday and Cyber Monday are the perfect time for these cyber criminals to take advantage of those who aren't aware of the risks.
Here are some additional quick tips for cyber safety during the holiday shopping season:
Do not click on a link unless it is from a trusted source
Make sure the destination URL is where you were intending to go
Make sure your phone and other devices are password protected
Use unique passwords for every online account
Do not enter personal information over public Wi-Fi networks
Use a credit card instead of a debit card when making purchases
Check the 'To', 'From' and 'CC' fields of an email
Determining when the right time to move to the cloud is a challenge that many firms can face. The “real” answer is that it is never too early to outsource your IT. The future is cloudy, but that’s a good thing. Here are our 5 signs that it is time to outsource your IT.
Your Business Is in the Midst of Growth/Office Re-location
Moving to a new office securely, effectively and without complications takes a lot of planning and strategy. There are many technology areas that a firm should consider before, during, and or after a move. One of them includes outsourcing your IT. It is important that your firm takes the time to account for all the technology and data in its current office space and how much equipment you are bringing to the new space, so you can have enough space and power. Some firms might realize that the space they are moving to won’t be big enough, or that it is not fiscally logical to move outdated technology.
An office move or relocation is an ideal time to switch to the cloud. Many firms are understandably reluctant to take on the expense of moving a massive, expensive, and often outdated infrastructure to a new location – particularly if the company expects to phase out certain portions or components in the following 24-36 months. In such cases, migrating to the cloud before relocating an office can be a smart move.
For alternative investment firms, there a number of business and operational challenges to navigate on a daily basis. With the evolving IT landscape and new technologies and best practices emerging, it can be difficult to stay up to speed. Here, we’ll outline four common IT challenges for alternative investment firms.
With the security landscape becoming more complicated, it can be a challenge for alternative investment firms to stay up to date with the latest and greatest trends and technologies in security. Hackers are becoming more sophisticated, and social engineering attacks are on the rise, so it is crucial to ensure that your firm has the right protections and level of security to keep your confidential information safe.
To decipher which means of security are right for your firm, you need to look at your company size and risk profile. Suffering a breach or acybersecurity incident can be harmful to your organization’s reputation, which in turn is harmful to your bottom line. You can use our Cybersecurity Checklist to see the technologies and safeguards Eze Castle offers based on which tier you choose, Standard or Advanced.
2.) Adopting New Technology
Technology adoption is a common challenge for firms of all sizes. Smaller firms may not have the budget or resources to dedicate to the adoption of new technology, while larger firms face their own set of challenges, with more end-users, and potentially bandwidth restrictions of their own.
Whether adopting new applications or migrating to the cloud, having a trusted third-party vendor to guide you through the selection and implementation process can be invaluable. Using these vendors as consultants can help your firm navigate IT and technology decisions and choosing the best fit for your firm. When choosing a vendor for your technology needs, be sure to choose a firm with industry leading, best-of-breed solutions and 24x7x365 support.