The cost savings of moving a small RIA firm to the cloud are pretty tempting. I interviewed John Boulanger of Investment Technology Partners and Marco Naylon of MTN Group to get the story on what the risks and rewards may be for RIA firms considering moving to the cloud.
For those of you who are new to my blog/podcast, my name is Sara. I am a CFAยฎ charterholder and I used to be a financial advisor. I have aย weekly newsletterย in which I talk about financial advisor lead generation topics which is best described as โfun and irreverent.โ So please subscribe!
What RIA Firms Should Know about Cloud Security
According to Boulanger, the biggest thing that financial firms misunderstand or underestimate when it comes to cybersecurity is perception. Many firms believe they are safe if their data is up in the private cloud (i.e. Charles Schwab or Fidelity).
In reality, though, making your RIA firm safe in the cloud is more about policy and less about product. Security Best Practice requires that an organization have a comprehensive cyber security policy first. You can then determineย what cyberย products fit your policy once you have that established.
The other issue is documentation. Letโs say that you purchasedย Trend Micro for PCs and Mobile. Trend Micro does provide endpoint security, but we need to show regulators we monitor our endpoints daily for Malware, and if found we remediated it.ย All must be documented.
In Boulangerโs view, the mobile security area will sooner than later not be allowed to beย off limits in SEC audits.ย Compliance officers currently can write policy dictating that no mobile devices are allowed to communicate directly to a client. This removes mobile off the audit review. This is likely to change.
Choosing a Cloud Provider for Your RIA Firm
According to Marco Naylon, the biggest misconception with the Cloud as an IT solution is that it needs to be a binary decision between traditional on-premise IT and a Cloud provider. The Cloud is capable of incorporating a hybrid solution that maintains some data and processes on local resources and moving others to the Cloud.
Furthermore, the hybrid solution can be completely customized to meet your firmโs internal and external requirements. For example, a firm can implement an archiving solution that keeps frequently accessed files or data on local resources and move older assets to low-cost storage in the cloud. An archiving policy could be created to automate the process and freeing up local storage while meeting your firmโs record retention requirements.
Before choosing a cloud provider, an RIA firm should have an accurate assessment of their current IT needs and spending. Also, they should have a strategic plan for their firm and how IT will be used to meet their business objectives. An RIA firm should look at three things: Technology Offerings & Services, Pricing Model, and Security.
Cloud Offerings
The offerings and services of a cloud provider should fit the firmโs needs for storage, computing and processing power as well as the ability to manage the development and deployment of applications.
Cloud Pricing Model
Firmโs need to understand the pricing model for what and how usage charges occur. The cloud provider should be able to provide detailed costs reports across their various services for firms to track their usage and spending trends.
Cloud Security
Finally, a firm needs to understand the security offerings and protocols of a cloud provider. They should understand how and where their data is stored, as well as retaining full-ownership of their data. Furthermore, firm’s need to distinguish between their security responsibilities and those of the cloud provider. Cloud providers should provide the ability for a firm to set and implement security policies on their cloud environments.
To begin testing the waters of a cloud solution, Naylon recommends starting with a small non-mission critical process. Good candidates are workflows that contain repetitive processes that can be automated in the cloud.
Sara’s Upshot on moving your RIA firm to the cloud
Moving to the cloud isnโt a clean cut process for RIA firms.
Whatโd ya think? Was this blog helpful?
If yesโฆ
Learn what to say to prospects on social media messenger apps without sounding like a washing machine salesperson. This e-book contains 47ย financial advisor LinkedIn messages, sequences, and scripts, and they are all two sentences or less.
You could also consider myย financial advisor social mediaย membership which teaches financial advisors how to get new clients and leads from LinkedIn.
Thanks for reading. I hope youโll at least join myย weekly newsletterย about financial advisor lead generation.
See you in the next one!
-Sara G
