Q&A with Grigoriy Milis, CTO at RFA: Grigoriy Milis talks to HFMWeek about the advantages of next-generation data security.
Historically, encryption was the best way for hedge funds to keep data secure. Encryption is the process of encoding data so that only authorized parties can have access and focuses on controlling access to data rather than controlling the data itself. To achieve a higher level of data security, more restrictions around behaviour would have to be set. But in today’s mobile world, employees need to be able to transport files outside of the corporate network in order to travel and work from home efficiently. As a result, hedge funds are left struggling with the conflict of being able to achieve data security while still maintaining a flexible and efficient work environment. Next generation data security has come about as a result of this.
How does next generation data security provide a stronger defense against challenges that traditional forms of data security were more susceptible to?
Next generation data security focuses on controlling data at the file level as opposed to controlling the data’s location. Traditional forms of data security, such a disk and file encryption, restrict location, and are difficult to accommodate the flexible, mobile work environment required by most hedge funds. With traditional data security, once the file leaves the network, the administrator loses control, and the only way to combat this risk is by setting up cumbersome, location based permissions. With newer forms of data security, administrators can control and protect information independent of where it is located, whether that be in file shares, emails, laptops, or the cloud, and revoke access at any given time. This allows employees to work flexibly while still providing appropriate levels of security, and is especially helpful in the case of employee leaving the hedge fund.
How important is it that hedge funds adapt to this next generation of data security?
It is very important that hedge funds adapt to this next generation of data security if they want to keep up the technology demands of the hedge fund industry. Despite many hedge funds adopting policies that prohibit cloud based file sharing or USB drives, many employees will still find a way to use them if makes their life easier. Hedge funds must accept and adapt to this challenge. Next generation data security acknowledges the need for workplace efficiency while still meeting the new regulatory requirements pertaining to data security and control.
What assistance and guidance can RFA offer funds looking to implement next generation data security?
RFA has recently released a new, next generation data security service that goes beyond the capabilities of traditional disk and file encryption so that hedge funds can securely share and store files on any device. Administrators receive direct insight into where and how information is being used, and can revoke access or delete files regardless of location. The new service directly responds to the SEC requirements relating to data control and builds upon our existing cybersecurity offering which includes data governance, user training, and testing capabilities.