By Vanessa Malone
With the world’s sudden and expedited transition to remote operations due to the COVID-19 pandemic, it has never been more timely to re-approach how your firm is managing and protecting its data.
While many modern workplaces have undergone significant changes to adopt a cloud-first data management strategy, those in heavily regulated environments like broker-dealers, investment advisory firms, and other financial services firms have been slower to adopt.
Yesterday, KPMG International and HFS research shared the results of two global, cross-industry quantitative surveys comprised of 900 technology executives at Global 2000 enterprises.¹ The survey studied the current and future state of emerging technologies.
59% of executives surveyed say that COVID-19 has created an impetus to accelerate their digital transformation initiatives but about 4 in 10 say they are halting investment in emerging technology as a result of COVID-19.
At first this sounds like a paradox. How can you halt investment in the solutions that will position your company to succeed in the new digital climate?
A deeper dive shows that companies are focusing on “must-have” solutions with 56% of those surveyed highlighting cloud migration as an absolute necessity during COVID-19.
While a necessity, this data management project needs to be carefully planned and executed, especially with firms who have strict regulatory and compliance obligations. As a fintech company offering a turnkey data management solution, we wanted to provide some items to consider as you work to migrate your company’s data and operations to the cloud.
1. Make data management a priority today
Even before COVID-19, there has been a gradual shift in data management and protection. As the network perimeter for company’s expanded and information became more distributed, the nature of attacks on data changed. Increasingly, malware-less attacks have become normal. These take the form of phishing, password-spraying, social engineering and the grabbing of credentials.
The consensus was that information within the modern enterprise perimeter could no longer be secured at a network level but instead must be secured at the resource level. For example, a document opened at a physical office could be opened securely on an employee’s phone or laptop from home. This ensures that the information is protected no matter where the data is or how it is being used or accessed.
The COVID-19 pandemic has expedited this transition and will undoubtedly leave an everlasting impact on how companies operate moving forward. Managing clients sensitive information, employee communication, and important firm data can not be covered with a band-aid solution. It demands a thorough and comprehensive approach.
2. Compliance is key
As you know financial institutions are subject to compliance regulations and guidelines from the Securities and Exchange Commission (SEC), the Financial Industry Regulatory Authority (FINRA), the Federal Financial Institutions Examination Council (FFIEC) and the Commodity Future Trading Commission (CFTC). In addition, they are also subject to laws such as Dodd-Frank and the Sarbanes-Oxley Act of 2002, to name but a few.
The depth and complexity involved in managing data compliantly makes the transition to cloud-based solutions more complicated, but not impossible. In fact, the right data management platform could help your firm meet and exceed compliance and security demands. It’s crucial to identify data management services that have a strong understanding of your compliance obligations in order to tailor a solution that best suits your needs.
3. Leave it to the experts
Firms typically maintain costly information technology skills. Since it is not their core business, it is very easy for inexperienced staff to misconfigure a system, forget an important patch or be unaware of a new risk.
Operating information systems is complex work. At no time in the past has the pace of change in information security ever been higher. Equally, never have the expectations of customers ever been higher. They demand flexible, open, but secure systems. Keeping on top of the technology and knowing how to map and implement security controls to meet regulations is time-consuming and something best left to the experts.
Horizon’s turnkey data management services
Horizon was an early adopter of a cloud-first strategy and moved its entire operation into the Cloud back in 2016. We’ve spent years developing our own risk-based governance program based on the National Institute of Standards and Technology (NIST) framework for all of its operations and services. In doing so, we realized we could benefit other firms by sharing what we’ve learned.
We took careful consideration for the configuration and deployment of collaboration tools and security controls, including:
- Risk assessment of common organizational collaboration and business process scenarios
- Information protection and data governance requirements
- Cybersecurity and insider threats
- Regulatory compliance requirements
What we produced was Hosting Compliance, a risk-based data management and protection platform consisting of processes, procedures and cloud hosted products built to protect your firm’s sensitive data wherever it may go.
You could attempt to implement all of this yourself without severely disrupting your organization’s productivity, or your firm could bring in experts to integrate and manage this for your firm.
Either way, the protection of data, identities, devices and applications is critical to businesses functionality, and right now is the time to begin planning and executing on your data management strategy.
To learn more about hostingCompliance and our turnkey data management services, please visit https://hostingcompliance.com/. To request a demo or if you have any questions, please email us at firstname.lastname@example.org.