[et_pb_section bb_built="1" _builder_version="3.0.47"][et_pb_row _builder_version="3.0.48" background_size="initial" background_position="top_left" background_repeat="repeat"][et_pb_column type="4_4"][et_pb_text _builder_version="3.6"]

We are pleased to announce that our recent submission to the CSA Star registry, for our Security self-assessment document, was successful. The Security Trust Assurance and Risk (STAR) Program encompasses key principles of transparency, rigorous auditing, and harmonization of standards. Companies who use STAR indicate best practices and validate the security posture of their cloud offerings.

The STAR registry documents security and privacy controls provided by popular cloud computing offerings. This publicly accessible registry allows cloud customers to assess their security providers in order to make the best procurement decisions.

As a member of this registry we:

  • Provide our customers with a high level of transparency and confidence that we use best cloud security practices
  • Help customers make the best procurement decision for them
  • Define gaps and improve our security posture
  • Continuously improve and reach higher, third-party audited, security level and certification

With the successful submission of our self-assessment document to the CSA registry, we have completed our first step on the road to the full STAR Level 3 Goal.

For more information click here: https://cloudsecurityalliance.org/star/

 

[/et_pb_text][et_pb_text _builder_version="3.17.6" custom_margin="-35px||-2px" custom_padding="0px||0px"]

 

[/et_pb_text][et_pb_image src="https://3bb4f13skpx244ooia2hci0q-wpengine.netdna-ssl.com/wp-content/uploads/2019/09/STAR-Table.jpg" _builder_version="3.17.6" custom_margin="||40px|" /][et_pb_text admin_label="Text 2" _builder_version="3.17.6"]

About Hentsū

We have the breadth and depth of knowledge and experience to design, build and manage every aspect of your hedge fund technology. We offer next generation Corporate IT with cloud-based offerings such as O365 and OneDrive, Cloud Strategy Roadmap Design and Implementation, Data Science as a Service and Regulatory Technology solutions.

Talk to us about your public cloud strategy today. Contact us at hello@hentsu.com

[/et_pb_text][et_pb_cta title="Talk to us about your public cloud strategy today" button_url="https://hentsuprod.wpengine.com/contact" url_new_window="on" button_text="Contact Us Today" _builder_version="3.16" button_text_size__hover_enabled="off" button_one_text_size__hover_enabled="off" button_two_text_size__hover_enabled="off" button_text_color__hover_enabled="off" button_one_text_color__hover_enabled="off" button_two_text_color__hover_enabled="off" button_border_width__hover_enabled="off" button_one_border_width__hover_enabled="off" button_two_border_width__hover_enabled="off" button_border_color__hover_enabled="off" button_one_border_color__hover_enabled="off" button_two_border_color__hover_enabled="off" button_border_radius__hover_enabled="off" button_one_border_radius__hover_enabled="off" button_two_border_radius__hover_enabled="off" button_letter_spacing__hover_enabled="off" button_one_letter_spacing__hover_enabled="off" button_two_letter_spacing__hover_enabled="off" button_bg_color__hover_enabled="off" button_one_bg_color__hover_enabled="off" button_two_bg_color__hover_enabled="off"]

Need to improve how you run your hedge fund technology? Concerned with your legacy private cloud provider? Not getting the service you need?

Hentsū can help!

[/et_pb_cta][/et_pb_column][/et_pb_row][/et_pb_section]

Date/Time

Date(s) - 01/01/1970
12:00 AM - 12:00 AM

Location

600 5th ave. NY, NY
[et_pb_section fb_built="1" _builder_version="3.0.47"][et_pb_row _builder_version="3.0.48" background_size="initial" background_position="top_left" background_repeat="repeat"][et_pb_column type="4_4" _builder_version="3.0.47" parallax="off" parallax_method="on"][et_pb_text _builder_version="3.6"]

We are pleased to announce that the 2019 AITEC DDQ is now available to all AITEC and AIMA members and we are now formally on the AITEC vendor list. The AITEC-AIMA DDQ for Vendor Technology and Cyber Security was created to streamline the process of conducting due diligence on vendors servicing the alternative asset management industry. We are proud to join this list of innovative solution providers as we continue to offer top expertise to our clients.

Do not hesitate to reach out to us for more information on the AITEC DDQ.

Click here, for more information on our memberships and partnerships: https://hentsu.com/solutions/ and additional information on AITEC can be found here: https://www.aitec.org.

 

[/et_pb_text][et_pb_text admin_label="Text 2" _builder_version="3.6"]

About Hentsū

We have the breadth and depth of knowledge and experience to design, build and manage every aspect of your hedge fund technology. We offer next generation Corporate IT with cloud-based offerings such as O365 and OneDrive, Cloud Strategy Roadmap Design and Implementation, Data Science as a Service and Regulatory Technology solutions.

Talk to us about your public cloud strategy today. Contact us at hello@hentsu.com

[/et_pb_text][et_pb_cta title="Talk to us about your public cloud strategy today" button_url="https://hentsuprod.wpengine.com/contact" url_new_window="on" button_text="Contact Us Today" _builder_version="3.16" button_text_size__hover_enabled="off" button_one_text_size__hover_enabled="off" button_two_text_size__hover_enabled="off" button_text_color__hover_enabled="off" button_one_text_color__hover_enabled="off" button_two_text_color__hover_enabled="off" button_border_width__hover_enabled="off" button_one_border_width__hover_enabled="off" button_two_border_width__hover_enabled="off" button_border_color__hover_enabled="off" button_one_border_color__hover_enabled="off" button_two_border_color__hover_enabled="off" button_border_radius__hover_enabled="off" button_one_border_radius__hover_enabled="off" button_two_border_radius__hover_enabled="off" button_letter_spacing__hover_enabled="off" button_one_letter_spacing__hover_enabled="off" button_two_letter_spacing__hover_enabled="off" button_bg_color__hover_enabled="off" button_one_bg_color__hover_enabled="off" button_two_bg_color__hover_enabled="off"]

Need to improve how you run your hedge fund technology? Concerned with your legacy private cloud provider? Not getting the service you need?

Hentsū can help!

[/et_pb_cta][/et_pb_column][/et_pb_row][/et_pb_section]

Date/Time

Date(s) - 01/01/1970
12:00 AM - 12:00 AM

Location

600 5th ave. NY, NY
[et_pb_section bb_built="1" _builder_version="3.17.6" custom_padding="0px||0px"][et_pb_row _builder_version="3.17.6"][et_pb_column type="4_4"][et_pb_text _builder_version="3.17.6"]

We have provided cloud solutions to asset managers for the past three years and in this time completed various types of email migrations to Office 365. These migrations include a mix of moving clients from an on-premise Exchange or a third-party legacy private cloud provider entirely to Office 365 to working with hybrid solutions that span both own on-premise and Office 365. 

During these migrations we noticed a range of issues with clients who opted to set up their Office 365 accounts via a more economical re-seller or through bundled packages with other services. 

Here are a few things to be wary of when setting up your Office 365 accounts with the wrong partner:

  1. Some of these providers offer what is called a “Syndication Tenant”. Microsoft retired this type of subscription but it is still offered by many existing re-sellers. With a Syndication Tenant agreement, the Office 365 account, Azure AD tenant and data is held by the re-seller and can’t be easily migrated away. In this setup, a multiple step process is required to hand over the account to another partner. The data needs to be backed up, the account deleted, and the data re-imported into a new account. All of this means extra complexity, user upheaval and extended downtime. 
  2. Some re-sellers, especially the syndicated tenant providers, do not offer the account holder true admin rights which means only a subset of the Office 365 functionality and management is available. 
  3. You could end up locked into a strict contract when negotiating your agreement. Sometimes your contract could last up to two or three years with no variations possible on the user services and license counts. 
  4. Security options are limited when compared to native Office 365 solutions or conditional access policies.
  5. Interface solutions from these re-sellers often lack basic functionality such as single sign on tools. 

With issues like these it is important to do your due diligence when exploring your options before committing. More likely than not you will find that your safest and most efficient option is to partner with a trusted and experienced service provider or go to Microsoft directly.

How Hentsū does it differently

We are a Tier 1 Microsoft Cloud Service Provider (CSP) and work directly with Microsoft. We are also a Silver partner and specialists in the asset management industry. All of this allows us to provide a range of flexible solutions tailored to the world of fund management. 

A good time to reach out to us is when your fund is about to be registered (SEC, FCA, etc). We know the industry requirements and can provide guidance on best practices and compliance. We also have the ability to work earlier with startups to ensure that they have all the tools in place from day one and can scale as they grow. 

Generally, we advise to take the following steps when setting up cloud services: 

  • Create a native Office 365 account through Microsoft directly, or use one of the Hentsū starter packages. We create client accounts directly with Microsoft so you hold the keys to the Azure AD tenant.  Your data is always your data so you can migrate to another provider at any time.  
  • Validate that you hold ownership over your Office 365 account and email domain. 
  • Purchase license subscriptions and set up users and groups.
  • Don’t go for 12 month commitments until you are sure of which services you actually need. We offer all of our clients the same 12 month discounts but on a monthly rolling basis. 
  • Set up data loss prevention and data retention policies and be aware of two factor authentication and mobile device security. We enable all these features by default as you on-board to our setup.

So be sure to carefully consider all the possibilities before signing on with Office 365 re-sellers or bundled solutions, as there are a range of options for your Office 365 needsIf you are unsure of where to go next for your Office 365 solutions, reach out today to learn how we can best support you. 

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version="3.17.6"][et_pb_column type="4_4"][et_pb_cta title="Talk to us about your Office 365 needs" button_url="https://hentsuprod.wpengine.com/contact" button_text="Contact Us Today" _builder_version="3.17.6"]

[/et_pb_cta][/et_pb_column][/et_pb_row][/et_pb_section]

Date/Time

Date(s) - 01/01/1970
12:00 AM - 12:00 AM

Location

600 5th ave. NY, NY
More questions around cyber security and the safety of the cloud arose this week when it was revealed that the personal information of almost 200 million citizens had been left exposed for anyone to access on the Internet. More than a terabyte worth of personal details such as home addresses, phone numbers, and even voter registration details, collected by the US-based conservative data firm Deep Root, were stored on the Amazon cloud server, and were publicly accessible via a URL.  According to the firm, the data was left exposed after an update to their security system. A simple mistake, easily preventable, and yet it’s evident that the necessary procedures in place to mitigate these breaches in security were lacking.

THE REPERCUSSIONS OF OVERSIGHT

The news of the Deep Root leak made international headlines because of the scale of the leak and the magnitude of the political ramifications, however, they are certainly not the first and only firm to have a lackadaisical attitude towards storing and protecting its data.  Major leaks from big companies or organisations, from Yahoo, to Target, and even the NHS, have all been the centre of media scrutiny in the past, and it seems fresh news of data security breaches are hitting our newsstands almost weekly. According to a recent survey by Thread Stack, 73% of companies (out of the 200 surveyed) have at least one critical security misconfiguration that would leave their environment vulnerable and wide open to the Internet. If that weren't cause enough for concern, firms are also paying the price, quite literally, for their passive approach to security and data-encryption. Some disgruntled clients who have had their sensitive information stolen or exposed are demanding compensation, and are filing class action lawsuits, with the pay-outs sometimes ranging in the millions, leaving smaller firms with no choice but to close down. A hefty price to pay for a mistake so easily avoidable with the right procedures set up by those with the appropriate skills and experience.

CLOUD SECURITY PROCEDURES

Even though sensitive information was left exposed on the web for anyone to access, human error and lack of procedures should not put people off using cloud-based systems and services.  Additionally, on-premise hardware is not any less likely to be subject to security errors and oversights.The reality is, thousands of firms are currently using cloud-based systems, and realistically the numbers are only going to increase. Cloud platforms allow for several benefits, like flexibility in the cost of backup solutions, and the ability to process large amounts of data more cost effectively than traditional physical hardware. They also have the further benefit of exercising more granular control and auditing of the security.

CONSEQUENCES OF INEXPERIENCE

Nonetheless, using the cloud is only profitable if the necessary procedures are set up correctly and with security in mind. A bit like an Ikea flat pack, servers like AWS give you the tools to build an infrastructure, however, assembling it so it lasts long-term, is efficient, and doesn’t crumble under duress, is up to you. If the object you’re building is something small, like a side table, doing it yourself doesn’t seem like that big of a deal. Yet, if we think on a much larger scale, say a wardrobe, suddenly security, longevity and efficiency are at the top of your priorities. The consequences of inexperience are simply not worth the risk, which should be taken seriously. When using a cloud-based platform like AWS, numerous processes should be put in place to limit the chances of a safety breach. Simply relying on AWS or Microsoft to provide the level of security needed to avoid breaches and mistakes from occurring is simply not enough.  Even Ian Massingham, Amazon Web Services' (AWS) chief evangelist for Europe, Middle East and Africa, has stated that AWS are "not the owners or custodians of the data - we just supply the resources" adding. "we don't control how the data is protected, customers do".  Essentially, AWS cannot be held accountable in the event of a leak if the client didn't build the necessary infrastructure and processes to maintain and protect the data stored within its system. It boils down to who is responsible for the security within the cloud (the client) and who is responsible for the security of the cloud (AWS).

HOW HENTSU HELPS

Keeping this in mind, Hentsū helps build secure infrastructure for its clients by storing it behind multiple layers within the AWS platform or any other cloud platform. Each layer securely locked and accessible only through specific security requirements, such as location access, trusted devices passwords, and two-factor authentication. Doing this minimises the chances of simple and avoidable mistakes leaving data vulnerable and exposed on the web. Cloud-based platforms can only run efficiently if the correct infrastructure is built within them. For those firms who do not possess the knowledge and experience to correctly set up secure procedures within a cloud platform, Hentsū can ensure the correct systems are in place to minimise the circumstances in which a breach in security could occur.

YOUR NEXT STEPS

Questions around the protection of data and secure servers will always be relevant. By taking the necessary steps and ensuring secure procedures are in place as a safety net, there should be no reason to fear cloud-based platforms. Most importantly, you need to be confident that your systems were built to run by experts with the experience and knowledge in constructing secure servers and databases. Minimising human error by setting up and establishing proper security procedures goes a long way in ensuring systems run both efficiently and securely.

Contact Us

How secure is your infrastructure? Contact us for a security analysis and strategy: hello@hentsu.com

Date/Time

Date(s) - 01/01/1970
12:00 AM - 12:00 AM

Location

600 5th ave. NY, NY