The SEC’s Office of Compliance Inspection and Examinations issued arisk alertthat features the results of a cyber security survey of 106 broker-dealers and investment advisors and highlights cyber security awareness of these firms and their vendors.
The survey found that 93% of broker-dealers and 79% of advisors conduct periodic risk assessments to identify cyber security threats and vulnerabilities. However, far fewer firms conduct risk assessments on the vendors who access their firm networks. The majority of these incidents were related to malware or fraudulent emails.
A key finding showed that 72% of the surveyed broker-dealers incorporated cyber security risk into their vendor contracts, while only 24% of the investment advisors had such clauses. As a cloud archiving vendor, Global Relay has adopted the high levels of security demanded by our most sophisticated customers. Protecting data is at the heart of our business; we employ industry best practices at every step of our operations. Some of the data center securitymeasureswe take include:
Mirrored East Coast and West Coast Data Centersin world-class facilities
Highly secure, reliable and scalable IT infrastructure engineered by Hewlett Packard
Mirrored active/active firewalls to ensure that in the event of a failure data will remain secure
Mirrored active/active load balancers to ensure high system availability
Continually upgraded Sun operating systems ensuring performance at the highest level
Highly restricted access to customer data and stringent internal access procedures and authorizations
Systems monitored 24/7 by dedicated professionals to protect against unauthorized intrusion
Two factor Virtual-Private-Network (VPN) provides secure, remote monitoring
System alerts for unusual activities
Performance of regular security reviews and monitoring of security logs for anomalies
While we have successfully demonstrated our cyber security prowess to some of the world’s largest banks, we don’t stop there. Every year, we engage with KPMG to independently validate our internal business, operational, and security controls. The KPMG Report is designed to assist customers, partners and their auditors in the evaluation of the security of Global Relay systems and applications. As well, our private green data center undergoes regular SOC2 audits.
The KPMG and SOC2 reports can be of great assistance to customers when conducting vendor due diligence. They are available to customers upon request.
Please click here to speak to a Global Relay specialist and find out more about our security practices.
Global Relay is the leading provider of cloud archiving, compliance, information governance and eDiscovery solutions for the global financial sector and other highly regulated industries. Global Relay delivers services to over 23,000 customers in 90 countries, including 22 of the top 25 banks. Global Relay Archive supports email, IM, Bloomberg®, Thomson Reuters, social media, mobile messaging and more - with mobile, Outlook and web access.