Almost 75% of hedge funds using private cloud
Nearly three quarters of hedge funds are using a private cloud while half are using a private cloud exclusively, according to research by Eze Castle Integration.
Of those cloud users, 93% said they believed a private cloud set-up was more secure or just as secure as an on-premise infrastructure. Data security has been at the forefront of the minds of financial institutions amid several highly embarrassing leaks.
Earlier this year, 260 gigabytes of confidential data containing information on 120,000 offshore entities was leaked from the offices of Portcullis Trustnet, a Singapore-based fund administrator, to the International Consortium of Investigative Journalists prompting concern about client data security.
“Private clouds are more robust in terms of security and there are mechanisms in place to prevent data being leaked or stolen. There are enormous protections in place, which firms will not find on a public or hybrid cloud structure,” said Bob Guilbert, managing director at Eze Castle Integration in Boston.
The importance of data security was evidenced in a recent paper on systemic risk by the Depositary Trust & Clearing Corporation (DTCC), which identified cyber-crime as the biggest threat to market stability, putting it ahead of counterparty risk and concentration risk at central counterparty clearing houses (CCPs).
Cyber-threats can take many forms. The most obvious include denial of service, unwanted disclosure of non-public material data and the corruption of books and records. A DTCC survey of exchanges reported 53% had experienced a cyber-attack in the last 12 months. The reputational risk and potential systemic risk of falling victim to one of these attacks is enormous.
Business drivers for increased cloud adoption include easy access and simplified application management, greater control over IT costs, reduced complexity and management of IT and improved disaster recovery and business continuity planning (BCP), said the Eze Castle Integration survey. The latter is of particular concern to regulators and investors following Hurricane Sandy in 2012 when a number of disaster recovery and BCP systems were found wanting.
The Securities and Exchange Commission (SEC), Commodity Futures Trading Commission (CFTC)’s Division of Swap Dealer and Intermediary Oversight and the Financial Industry Regulation Authority (FINRA) have all advised firms to prepare for widespread disruption by ensuring they have fully functioning secondary locations to work from, communication plans and regular stress testing of these procedures. It also recommended firms improve their recovery time after disruptive events.
“Regulators urged asset management firms to ensure they had the correct systems in place for BCP and disaster recovery planning. We find that cloud services tick many of the regulators’ boxes on this issue,” commented Guilbert.
Institutional investors have also made it no secret they expect hedge funds to have quality cloud infrastructure. “Institutional investors are more accepting of the private cloud and many are conducting rigorous operational due diligence on how managers’ disaster recovery and BCP systems work in practice, as well as their security procedures. Service providers such as us are routinely questioned by investors about how our cloud product works,” said Guilbert.