Hedge Funds and the adoption of Cloud Computing Systems
|September 25th, 2009||
|Contributed by: Natalie Kaminski, FinCode Solutions|
|As many newly launched hedge funds establish their infrastructures, they are increasingly considering cloud computing as an opportunity to gain fast access to best-of-breed software applications at a fraction of the cost.|
According to a study conducted by Applied Research-West, more than 80% of respondents are either in trial, implementation, or usage stages of public or private cloud computing deployments. Further, as many as 71% expect cloud computing budgets to grow over the next two years, as new services and platforms move to the cloud.
Despite its growing popularity and cost effectiveness, cloud computing is still seen by many financial service firms as a risky undertaking. While most understand the advantages of cloud computing, such as low infrastructure investment, accelerated deployment with lower risk, scalability, efficiency, and higher ROI at a lower TCO, hedge fund professionals are also overwhelmingly concerned with data security, reliability, and performance. While these are certainly valid concerns, there are currently ways to alleviate the risks while enjoying the benefits of the cloud.
It is important to understand that unlike traditional, in-house run applications, which put the maintenance and the security on the customer, the cloud computing model places the responsibility to deliver reliable and secure services on the vendor. The vendor knows that in order to succeed they must invest in state-of-the-art service and delivery technologies as well as certification programs. Such programs require cloud vendors to implement rigorous and well-documented security practices that govern their data facilities and personnel.
For example, ISO/IEC 27001 and ISO/IEC 27002 provide foundations for independent audits of cloud service providers and implement standards that govern security of information and network systems.
Another important factor to consider is that security and reliability are relevant terms and cannot be easily measured. A study of Fortune 1000 companies by Infonetics Research found that on average there are over 500 hours of network downtime per year, which works out to 94% uptime rate. This is 5% less uptime than guaranteed by most hosting companies. Similarly, internal data theft and loss are far more common in an environment where data servers are hosted internally, because when a user logs off from a cloud-based application, data is no longer accessible from their computer.
With this in mind, the customer, of course, must carefully assess a potential service provider. Gartner, a leading IT research and advisory firm, recommends paying close attention to the following areas: privileged user access, regulatory compliance, data location, data segregation and encryption, recovery practices, investigative support, and long-term viability. In addition, cloud service providers often work with a number of third party firms, so it is highly recommended to inquire about all third parties that may have access to sensitive data.
Cloud computing will continue to grow and gain widespread acceptance due to its benefits and the changing competitive forces. As the technology matures, cloud vendors will continue to address the remaining security and privacy issues, while users continue to adopt this new paradigm.
Natalie Kaminski is the Founder and CEO of FinCode Solutions, a boutique software development and consulting firm that focuses on the alternative investment industry. For more information on Ms. Kaminski and FinCode Solutions, please click here.