At the FinServ Consulting CTO Roundtable held this past May, we hosted 12 CTO’s from some of the top hedge hunds in the US. Of those 12 CTO’s, 11 were seriously considering a move to Office 365. The remaining CTO was already on Office 365.
Office 365, and in general cloud based office suites, have long been speculated to be taking over from the traditional MS Office client based applications. However, due to the cautious nature of the financial services industry (especially around email) it seemed like this would never happen at Hedge Funds. Over the past year FinServ has seen this tide significantly turning and Office 365 coupled with Azure AD FS are becoming a hot topic with many CTO’s. Many Hedge Funds are currently contemplating the move to Office 365, but still need to get comfortable with some key aspects of the platform. Here are the main concerns we are hearing from our clients and some of the potential solutions that they are considering.
1. Microsoft’s 99.98 % up-time for email is not good enough. How can I guarantee that our people are never without email?
Answer: As one of our client’s noted 99.98% up time means Microsoft could be down for one day every full year and that is far too much for his firm to tolerate. As of now it seems that the most common choice of a backup email insurance policy amongst our client base is Mimecast. If Microsoft has an outage Mimecast would enable a client to keep their email up and running by acting as a backup email system.
2. Single Sign-On is critical to our firm. We need a secure way to ensure that our employees can access all their applications without having to memorize a number of passwords or be prompted to re-enter passwords just to access Office 365.
Answer: This one can be a lot trickier and the key to the solution seems to be with Azure AD FS as the best solution. While vendors like OKTA claim that they are a superior solution to Azure AD FS the addition of another vendor to layer on top of the Microsoft solution does not seem necessary in this particular instance. The huge advances in capabilities that Microsoft has shown with Azure AD FS combined with its ability to integrate with so many common vendors means that single sign on should be easily attainable through Microsoft alone. The biggest area to focus on is simply ensuring that your AD FS setup for your users and groups is clean and well-organized prior to migration. There are many tools available from Microsoft that aid in ensuring that your AD FS is in good working shape to supoprt the move to Office 365.
3. How strong is Microsoft on Mobile Device Management (“MDM”)? If someone leaves our firm or if the device is lost or stolen can I wipe from a device the information related to our firm?
Answer: The short answer is a definitive yes. Microsoft, if configured, can allow you to totally manage your user’s devices so that you can selectively wipe only certain portions of the user’s device. You can use Azure AD FS as your source of inventory for all devices, which can control enrollment into Intune, access to Office 365 and connections to corporate resources.
4. We have heard a lot about SharePoint Online being a major new piece of Microsoft’s overall strategy for collaboration, but what are its real capabilities and how secure is it?
Answer: This is certainly a loaded question, and there are many topics to cover when a client asks this question. First, it is key to ensure that the client understands what SharePoint Online is, and how it works with One Drive for Business. While SharePoint Online offers Document Libraries and many other great features, for teamwork and collaboration, the One Drive for Business Sync Client is one of the major behind the scenes critical components of this solution. Microsoft has been rapidly enhancing this solution to ensure that it is secure enough to enforce key security standards, so that the financial services industry can finally start to embrace the overall solution for document, and file management. Microsoft’s approach to encryption keys is a major part of this solution, as is the ability to lock down access to the One Drive for Business and SharePoint folders by domain. Microsoft’s Data Loss Prevention (“DLP”) features can all be setup through configuration screens on Office 365, but it does need to be performed very carefully in order to ensure that the system is setup without the risk of data loss, or the risk of an employee’s sharing something that goes against your firm’s data sharing policies. The good news is this is all already in the solution and you just need a skilled and experienced partner to help configure this in your Office 365 setup. The bottom line is most if not all Hedge Funds are in the process of looking at, or are moving to Office 365. The compelling cost and resource savings of outsourcing this part of a funds infrastructure is too compelling. With that said, there are many answers that the CTO’s and fund executives want answered especially around security (including data loss prevention and up time) before they take the plunge. FinServ Consulting has partnered with the top experts in the field to gather all the critical answers that will allow our clients to make this move in the most effective and secure way possible.
To learn more about FinServ’s Office 365 and Microsoft related services, please contact us at firstname.lastname@example.org or (646) 603-3799.
About FinServ Consulting
FinServ Consulting is an independent experienced provider of business consulting, systems development, and integration services to alternative asset managers, global banks and their service providers. Founded in 2005, FinServ delivers customized world-class business and IT consulting services for the front, middle and back office, providing managers with optimal and first-class operating environments to support all investment styles and future asset growth. The FinServ team brings a wealth of experience from working with the largest and most complex asset management firms and global banks in the world.