Category: Business Continuity


HourglassWindows XP was a mainstay at many financial services firms for nearly a decade.  In keeping with the Microsoft Lifecycle Support Policy, support for Windows XP and similar aged software must eventually end.  You can learn more about the policy here.

According to Microsoft, extended support for Windows XP is scheduled to end on 04/08/2014.  If your office is using Windows XP, you should be working on plans to phase out XP by replacing those systems with new PCs or upgrading the PCs to a more recent workstation operating system in the next six to nine months.  There is no good reason to wait until or beyond April 2014 to perform these upgrades.

Why should you care?

Most security standards – for instance, 201 CMR 17.00 – require that you apply security patches on a regular basis.  It is the extended support from Microsoft that allows you to do this.  After extended support has ended, there is no guarantee that any security patches will be released for these systems.  In order to stay compliant with security standards, firms using Windows XP will need to upgrade to other systems.

Hasta la vista, Vista!

androide

Currently, we are recommending that business users implement Windows 7 Professional on workstations.  Windows 8 makes sense for home users with touch screens, but we prefer not to implement operating systems before they have become mainstream in the workplace; Windows 8 just isn’t there yet.

Vista extended support is good through 04/11/2017, but Vista has always been a dog, and any business users still using Vista should strongly consider moving to Windows 7 Professional immediately.

Server-based systems affected by the Microsoft Lifecycle Support Policy

Windows 2003 Server extended support is good through 07/14/2015.  Nevertheless, Windows Server 2008 R2 will likely be the most widely used network operating system among investment advisors by the end of 2013.  Windows Server 2012 was released on 09/04/2012 and hasn’t yet been widely implemented among SMBs we are familiar with.

Exchange Server 2003 extended support also ends on 04/08/2014.  The implications of this related to security updates are the same as those detailed above regarding XP.  If you know which version of Exchange is in use at your office, you can check Microsoft’s site here to determine when the end of extended support for Exchange will affect your firm.

Like Vista, extended support of Exchange Server 2007 is good through 4/11/2017, so there is no need to upgrade in the near term future.  Exchange 2010 adds OWA support for Firefox and Chrome.  In addition, Exchange 2010 makes better use of lower-cost disk subsystems, allowing you to get a performance boost over 2007 without spending a premium.  Those are nice features, but not nice enough to push an Exchange upgrade before a normal IT lifecycle replacement demands it.

Exchange Server 2003 will be phased out by many advisors this year, and most will move to Exchange Server 2010.  Though Exchange Server 2013 was technically released in November 2012, it may be premature for the SMBs that dominate the investment industry to adopt Exchange Server 2013 over Exchange Server 2010.  Presently, there is no direct migration path from Exchange 2003 to Exchange 2013.  A number of small investment advisors will move to hosted Exchange solutions and no longer keep Exchange servers at their offices.

With this many possible changes slated for the next ten months, now is a good time to make sure your firm has addressed the issues or has a plan to upgrade any systems affected.

About the Author: Kevin Shea is President of InfoSystems Integrated, Inc. (ISI); ISI provides a wide variety of outsourced IT solutions to investment advisors nationwide.

For details, please visit isitc.com, contact Kevin Shea via phone at 617-720-3400 x202 or e-mail at kshea@isitc.com.

iStock_000003876801XSmallFive to ten years ago, talking about Software-as-a-Service (SaaS) products with my clients would have been a very short converstation: they simply weren’t interested.  Today, however, the landscape has changed.  Investment advisors are more open to using systems in the cloud because they have begun to realize that owning technology and controlling every aspect of it is expensive.  In the past, they wouldn’t have had it any other way.

Now, we live in a different time, with newfound economic pressures and more sensitive budgets.  To those managing the operational budget, the cloud looks good.  Some of my more progressive clients have been ahead of this curve.  Instead of building and implementing systems internally, they have been using outsourced technology systems through the likes of Fidelity’s WealthCentral platform.  They have enjoyed using best-of-breed technology, without paying a premium to own it.

CLOUD-BASED SYSTEM ADOPTION GROWING

Those with experience using cloud-based services are looking to expand use of that technology, and some firms who never would have considered it in the past are taking a hard look at putting some of their systems in the cloud.  No matter which group your firm fits into, you are unlikely to find a complete solution in the cloud, nor should you.  As an example, clients of mine who effectively leveraged cloud services in other areas in the past are only now thinking of using hosted Exchange services from the likes of Rackspace or Google.  I also work with advisors who moved quickly to Google for email, but wouldn’t think of moving their portfolio management system to the cloud.

Recently, some of our clients have made the move and transitioned their servers into the cloud.  Options exist for moving workstations processing into the cloud via terminal services and virtual machines, but not many advisors have taken it to that extreme yet.  Terminal services and virtual machines are frequently used in the contingency systems that most advisors implement, so using them for primary system access isn’t much of a leap.

WHY YOU MAY WANT TO MOVE YOUR SYSTEMS TO THE CLOUD

Typically, one advantage of cloud-based systems is vendor-based redundancy that eliminates the need for similar infrastructure at investment firms.  In other words, you don’t just save money on primary hardware and software systems, you also save on redundant infrastucture and simpify the requirements of your contingency systems.

Advent offers a SaaS solution through their Advent OnDemand service.  This service is available directly through Advent and other channels, such as Fidelity.  In my experience, clients utililizing Advent’s SaaS offering give up some flexibility, but save a considerable amount of money to utililze Advent’s infrastructure rather than purchasing and maintaining their own.  It is not the right solution for every firm, but it is worth looking into.

As users of Portfolio Center and Junxure consider the necessary system upgrades to support their expanding SQL server requirements, they need to understand whether the systems they implement will continue to support their growing databases.  In some cases, these users may need to incur the expense of a full SQL server license in addition to purchasing respectable server-class hardware for their next generation server.  When looking at the price tag associated with these potential upgrades, these users will do well to consider Portfolio Center Hosted, before committing to new system expenditures.  The SaaS version of Portfolio Center is scheduled to be released in April 2013.

2013 AND BEYOND

For the remainder of 2013, advisors will continue to adapt SaaS and cloud-computing systems that spare their businesses significant expense while posing relatively low security risks.  Firms will also resist the urge to move their systems into the cloud fully.  Their perceived need to actively manage security locally is too great for investment managers to entrust to these controls to the cloud for the time being, but at this rate, 2014 and 2015 could be mostly cloudy.

About the Author: Kevin Shea is President of InfoSystems Integrated, Inc. (ISI); ISI provides a wide variety of outsourced IT solutions to investment advisors nationwide.

For details, please visit isitc.com, contact Kevin Shea via phone at 617-720-3400 x202 or e-mail at kshea@isitc.com.

AUTHOR’S NOTE

I touch on cloud-computing briefly in this article and may seem to use the terms SaaS and cloud interchangably.  Cloud-computing apps and SaaS apps both sit in the cloud.  They are closely related, but not the same thing.   If you want to learn more about the differences, here is a link to an article that explains it.

Dad_Vero_ClippedQuarter end reporting for Q4 2011 was a grueling task – one that still wasn’t completed for some firms in February of 2012. I am in touch with the operations staff of representative investment firms of varied disciplines and sizes. That quarter I heard it from just about everybody. Firms were transferring accounts to different custodians, embracing new trading platforms, contemplating portfolio management system changes and enhancements to client-facing reporting as well as more robust outsourcing options … but the show must go on.

The operations staff rarely gets a break. They must deal with new initiatives as they come and still manage to get their regular work done. The act of balancing the two responsibilities can be difficult and exhausting for those faced with these demands. To quote one of my clients, “Every time you turn around its quarter end.”

As a consultant to many of these firms, I have a unique view of the daily grind of typical investment professionals. In the past, they could take reasonable breaks for lunch, etc., but more and more of the people I work with are going without the niceties of lunches out and a little down-time during the day. An illness in the family can be particularly troublesome for those working in investment operations to deal with. Illnesses are seldom convenient or negotiable.

In addition to the normal challenges that I face in any given quarter, that quarter I had to deal with one that I had no control over – the death of a loved one. My father, who, at age 73, seemed to be in outstanding health had a sudden and unexpected heart attack on the evening of January 23rd, 2012. There is never a good time for something like that to happen, but the 23rd was better than the 8th would have been for me. I was on the phone with him when it happened, and heard him utter his last words, “I feel so dizzy.” Then he collapsed.

It was so quick. I could hardly comprehend it. Over the course of the next few hours my brother and sister traveled home to New York to be with my mother as quickly as possible, while I tried to think about what I needed to do to wrap up any loose ends related to my clients’ quarter end reporting, and get home as soon as possible. After a day and half of chipping away at various tasks and setting things in motion, I needed to go home and grieve our loss with my family.

Dennis_shaking_hands_DR003My father had a successful career as a financial officer in the retail and financial service industries acting as consultant to many banks and fortune 500 companies. He kept his financial dealings fairly close to the vest, and though he had shared some of what he had done with me, I was not familiar with everything. His record-keeping was meticulous and nearly perfect in all respects but one – planning for his unexpected death. He had a joint will with my mother, but we couldn’t find it. He had assets and regular income, but getting my mother access to all of their assets would take time.

Over the next week, I went over his records, which included 22 years of tax returns and similar detailed records of my parent’s finances to lend what help I could in assessing the situation for my mother. I am no stranger to investment reports, so I winced when I saw my father’s Morgan Stanley Smith Barney statements. The production of statements as meaningless as these should be a criminal offense. I first saw statements like these back in 1987. In twenty-five years very little has changed. The statements are as dull and drab as possible. The only color afforded is the dark blue line that runs along the top. These statements are difficult for people who know what they are looking for to read – never mind those less familiar. At best, these statements are an inventory of holdings.

After looking through more of the investment statements, I eventually found summary statements that get sent out about a month after each quarter end. These statements were better, but not as good as most of what we create for our clients. Given their ability to produce better statements, firms like Morgan Stanley Smith Barney should be held to a higher reporting standard.

Over the course of nearly two weeks, my brother and I stoically exchanged quips like “Good will hunting” and “Where there is a will there’s a way” in humor that my father would have appreciated. Eventually, we found the will. It was perhaps the only thing improperly filed in his office. Throughout the ordeal, I couldn’t help thinking about how my father could have made things much easier for us by leaving us a list of the top ten things to do if he died. It might have taken him twenty minutes to put together if he had ever thought about it. I half expected to find such a list, but it was nowhere to be found – apparently, my Dad wasn’t planning to die. Here is what the list might have said:

Sorry to leave you all so suddenly, but here is what you need to do:

1. Call my attorney _______________ at _______________ , and have him execute my will. For some reason, I have the original copy of my will in the file marked _________________ at our home in ________________.

2. I have three whole life insurance policies that should provide a total non-taxable death benefit of approximately ___________________ .

They are:
a. _______________________________
b. _______________________________
c. _______________________________

Call my good friend _______________________ in the insurance business at ______________ and have him help you get the forms and file them. The proceeds from my life insurance should help with the transition period.

3. In the event of my passing, Mom should have access to the following regular income sources totaling about ________ per month:
a. ________ Pension.
b. My social security not hers.
c. The annuity.

4. All of the bank accounts are jointly held and your mother is listed as the primary beneficiary.

5. My retirement account will need to be transferred to her and she is listed as the primary beneficiary.

6. There is no money hidden anywhere. It was already raining.

7. Put the funeral on the Amex and the meal afterwards on the Underhill tab.

8. Yes. I want the cheapest casket.

9. Psalm 23.

10. Swing easy.

Love,
Dad

Using my personal experience with my father as an example, we can hopefully learn something.  First and foremost, we should make sure to acknowledge our own mortality and take the steps necessary to make our passing easier on those we would leave behind.  And, of course, since this blog is about investment operations and technology, ensure that your firm has the contingency planning, documentation, staff redundancy and training necessary to survive the loss of key personnel, whether that loss is through a sudden career change, a long-term illness, or an unexpected tragedy.

The impetus for some of the best client relationships I have ever had has been the vacuum created by the loss of personnel.  I have helped firms that experienced 100% turnover in their investment operations department rebuild, assisted those trying to make sense of cryptic documentation left behind by co-workers who left abruptly, and managed to get things running again when the person who “did everything” was severely injured in an automobile accident.

Understanding your firm’s dependancy on key personnel is very important.  Even when systems are documented, that documentation’s usefulness may be questionable.  Documentation that hasn’t been reviewed and tested might be meaningful to those who created it, but not to those trying to use it to complete a process in the author’s absence.

Some of my clients have actually drafted letters to be delivered to their investors in the event of their deaths. Those letters are in their contingency plan – what’s in yours?

About the Author: Kevin Shea is President of InfoSystems Integrated, Inc. (ISI); ISI provides a wide variety of outsourced IT solutions to investment advisors nationwide.

For details, please visit isitc.com, contact Kevin Shea via phone at 617-720-3400 x202 or e-mail at kshea@isitc.com.

Unless you live in a cave, you have probably heard lead-ins to the story from reporters,  “Enjoy the Internet while you have it.”  These reports make reference to Monday, July 9th, 2012 as Internet Doomsday.

Here is what you should know about the threat:

  1. It isn’t new.  This malware has been around for a while.
  2. If your PC is serviced regularly, and your antivirus program is active, it is unlikely to be a problem.
  3. There is no impending attack.  Potential outages will actually be caused by the FBI taking temporary DNS servers offline.  If your PC is infected with this malware, then you will lose Internet access until the malware is removed and the proper DNS settings are restored.
  4. According to current reports, 360,000 PCs worldwide and 64,000 PCs in the United States (US) are still infected.  Per census data (July 2011) there are over 311 million people living in the US.  So there are a relatively small number of infected PCs here.
Nonetheless, you can go ahead and check whether your system has been compromised using the following link: http://www.dns-ok.us/

 

Since servers in the corporate environment typically provide DNS information to the connected workstations in an office, your office DNS servers should also be checked. For more details on this issue, refer to the FBI article.

About the Author: Kevin Shea is President of InfoSystems Integrated, Inc. (ISI); ISI provides a wide variety of outsourced IT solutions to investment advisors nationwide. For details, please visit isitc.com, contact Kevin Shea via phone at 617-720-3400 x202 or e-mail at kshea@isitc.com.