By Viktor Tadijanovic, CTO, Abacus Group LLC | Article Rating: |
|
December 31, 2013 07:15 AM EST | Reads: |
7,465 |

As regulatory oversight across the financial landscape continues to drive greater transparency and stricter penalties, outsourcing to the private cloud has become an integral resource for hedge fund and private equity managers. Cloud infrastructure services are now synonymous with increased efficiency, decreased costs and added security. However, security in particular remains a key concern for many financial services firms. The costs a cloud services provider can incur in dealing with a security breach, both financially and to its reputation, can be devastating.
Infrastructure providers, particularly those catering to financial services firms such as hedge funds, must have strict policies in place and employ best practices to ensure that their clients receive the same level of security as they would achieve with an on-site network. While most participants in the financial services industry are familiar with the benefits that cloud computing offers in terms of efficiency, scalability and cost savings, two of the features that seem to be forgotten are increased security protection and risk mitigation.
The key differentiator between launching an in-house network as opposed to outsourcing to a hosted services provider is that service providers offer economies of scale that enable them to deploy institutional strength security services to ensure the client's environment is protected and secure. A large portion of spending by cloud providers goes directly into measures that ensure the highest levels of security and data protection. This will typically include services such as advanced intrusion detection, traffic monitoring, forensic analysis and incident history/investigation. These systems and processes can range into the hundreds of thousands and even millions of dollars in some cases. Therefore they are usually not deployed by a hedge fund or private equity firm's in-house IT staff.
One of the major advantages of a private cloud environment is that it can significantly reduce risks by providing secure, multi-layer segmentation of client access and data. When examining cloud providers, financial service firms should keep in mind a few key factors. The first factor is the location of your data. Clients will always have questions about where their data is being stored, who can gain access to it and how it is secured from being accessed. This may be the most important factor for cloud computing providers, but it is also something that is commonly overlooked when potential clients are reviewing data security. Most data breaches do not take place via cyber-attacks, but instead they will occur when hard disks or backup tapes are misplaced or stolen. A common best practice backup procedure for an on-site server is to rotate the tapes off-site.
Consideration must also be given to the concept of physical servers versus a shared environment. In a service provider's data center, multiple companies will share services on the same infrastructure, which in some cases may raise a red flag in the mind of a CFO or CTO. When resources in a data center are shared, security and segregation must be guaranteed at every layer, from the server to the network to the storage.
Network is the next factor that must be considered. Methods such as data encryption - where files may be encrypted prior to transmission - can prevent data from being used should it be compromised at any point during transmission. The hosted service provider is responsible for supplying the firm with a storage solution that provides secure data segmentation and enables rapid resource allocation. The hosted storage provider should provide high data availability and disaster recovery, particularly after what Wall Street firms experienced during Hurricane Sandy in October 2012. Service providers must also be able to offer data replication for off-site backup and archiving in the case of an emergency. Protecting the firm against all possible natural disasters and intrusions is now a major deciding factor for financial decision-makers.
Another factor that is now emerging as a standard business practice due to the amount of executives that are constantly on the go is the management of mobile devices. In today's fast-paced business environment, mobile devices essentially serve as an extension of a firm's offices, so they should be incorporated into all security measures. A service provider should take the necessary steps to actively manage these resources, including implementing and managing a password policy and being able to remotely wipe the device's memory of all information if it is lost /stolen.
The bottom line is that companies considering a move to the private cloud need assurance that service providers offer security standards and best practices that are better than what they can received from on-site or internal technology services. By taking into consideration the various components discussed throughout this piece, firms can ensure up front that a service provider has taken the necessary steps to provide a robust and secure platform environment for their business technology.
Published December 31, 2013 Reads 7,465
Copyright © 2013 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
More Stories By Viktor Tadijanovic, CTO, Abacus Group LLC
Viktor Tadijanovic is a Founding Member & CTO of the Abacus Group. He is the principal architect for Abacus's Hosted IT Platform. Previously, he was a Senior Systems Architect at the Gerson Lehrman Group (GLG). Prior to GLG, he was a Technical Director at Eze Castle Integration where he was responsible for managing technology delivery to all hedge fund clients in New York City and Connecticut. Viktor possesses accreditations from NetApp, Cisco, VMware, Citrix and Microsoft. He received a degree in Network Engineering and Data Communications from the Chubb Institute in New York.
Apr. 24, 2018 01:00 AM EDT Reads: 2,441 |
By Pat Romanski Apr. 23, 2018 11:15 PM EDT Reads: 2,822 |
By Elizabeth White ![]() Apr. 23, 2018 11:00 PM EDT Reads: 6,438 |
By Elizabeth White ![]() Apr. 23, 2018 11:00 PM EDT Reads: 1,144 |
By Liz McMillan ![]() Apr. 23, 2018 10:30 PM EDT Reads: 17,455 |
By Yeshim Deniz ![]() Apr. 23, 2018 09:45 PM EDT Reads: 6,869 |
By Liz McMillan ![]() Apr. 23, 2018 09:45 PM EDT Reads: 22,663 |
By Liz McMillan ![]() Apr. 23, 2018 07:00 PM EDT Reads: 13,674 |
By Elizabeth White ![]() Apr. 23, 2018 07:00 PM EDT Reads: 6,041 |
By Elizabeth White ![]() Apr. 23, 2018 05:45 PM EDT Reads: 5,872 |
By Elizabeth White Apr. 23, 2018 05:30 PM EDT Reads: 7,484 |
By Pat Romanski ![]() Apr. 23, 2018 04:15 PM EDT Reads: 7,066 |
By Pat Romanski Apr. 23, 2018 02:45 PM EDT Reads: 1,481 |
By Liz McMillan Apr. 23, 2018 02:15 PM EDT Reads: 1,803 |
By Elizabeth White Apr. 23, 2018 01:30 PM EDT Reads: 1,845 |
By Elizabeth White ![]() Apr. 23, 2018 01:15 PM EDT Reads: 4,144 |
By Yeshim Deniz ![]() Apr. 23, 2018 01:15 PM EDT Reads: 2,127 |
By Liz McMillan ![]() Apr. 23, 2018 12:00 PM EDT Reads: 5,306 |
By Liz McMillan ![]() Apr. 23, 2018 12:00 PM EDT Reads: 13,299 |
By Pat Romanski Apr. 23, 2018 12:00 PM EDT Reads: 2,431 |