Log in
E-mail
Password
Remember
Forgot password ?
Become a member for free
Sign up
Sign up
Settings
Settings
Dynamic quotes 
OFFON

MarketScreener Homepage  >  Equities  >  Nasdaq  >  SS&C Technologies Holdings, Inc.    SSNC

SS&C TECHNOLOGIES HOLDINGS, INC.

(SSNC)
  Report  
SummaryQuotesChartsNewsRatingsCalendarCompanyFinancialsConsensusRevisions 
News SummaryMost relevantAll newsOfficial PublicationsSector newsAnalyst Recommendations

SS&C Technologies : Beyond basics – three enhanced practices to protect customer records

share with twitter share with LinkedIn share with facebook
share via e-mail
0
06/05/2019 | 01:53am EDT

In response to existing and emerging security risks to your customers' records, you should implement, maintain and evidence three enhanced practices within your internal technology environment. Furthermore, you should demand the same of your critical third-party vendors.

Security Concerns

Registered investment advisors (RIAs) and broker-dealers face advanced, persistent cyber threats. As incidents continue to escalate, firms and regulators have prioritized cybersecurity resilience. Recently, the Security and Exchange Commission's Office of Compliance Inspections and Examinations (SEC OCIE) published an alert that outlined concerns and recommendations to ameliorate risks inherent in network storage of customer records. The alert covered the broad environment where customer data lives - across internal firm and external-hosted service provider systems (including cloud-based storage). These network storage concerns include:

  • Misconfigured internal solutions: The OCIE highlighted the risk of absent or weak policies and procedures related to initial and ongoing security configuration of internal network devices.
  • Inadequate oversight of vendor-provided solutions: OCIE concern extended to the lack of oversight or weak enforcement of contractual requirements by firms over their critical third-party service providers.
  • Insufficient data classification policies and procedures: Unfortunately, select firms did not demonstrate mature data classification practices. This deficiency makes it difficult for firm and vendor technology teams to identify and protect systems requiring enhanced vigilance.

Beyond Baseline Practices

In response to the above observations, the OCIE cited examples of effective practices. These practices include implementing policies and procedures covering the configuration of security standards (e.g., password protection, encryption, etc.) of network devices - whether internal to the firm or external to a service provider. The OCIE also recommended governance over the implementation of software patches and hardware updates. While these observations are all effective practices, they should be considered baselines.

We believe firms should expect more from their internal teams and demand more from their trusted partner vendors. Keep in mind:

1) Trust but verify. To show compliance, good vendors provide details upon request. Great vendors proactively seek to offer ongoing evidence to provide preemptive assurance that firm policies and procedures are followed. Furthermore, given their scale, critical vendors should provide thought leadership and guidance from what they are observing across the industry to help enhance their clients' internal firm policies and procedures.

2) Functionality is also critical. While defensive configuration of network storage devices is critically important, it is only part of providing a great customer experience. Network storage configuration sits at the fundamental intersection of how firms bring their people and processes together to service their customers. Misconfigured devices, poor on-going management, and the misuse of network devices to temporarily cover-over application code shortcomings can lead to needless complexity and operational outages. Robust change management processes across internal and external devices is an absolute. Critical vendors should provide documentation that these processes are in place across shared production and disaster recovery environments.

3) Practice makes perfect. Not only do your regulators, board, shareholders and customers expect you to plan and prepare, they also expect you to execute, assess and demonstrate your capability to safeguard customer data and minimize operational disruptions. We recommend you combine preemptive configuration management best practices with a broader, realistic exercise program that stress tests your business continuity, disaster recovery and cyber resilience. This program should include actively exercising with your critical vendors across the shared ecosystem where your customers' records transit and are stored.

Bringing It All Together

Rightfully, the SEC OCIE is concerned about the risks inherent in poor internal and vendor network storage device configuration. Certainly we recommend following their examples of effective practices; however, we endorse firms moving beyond simply configuring storage devices to a full-spectrum risk management program.

As you look to demonstrate effective cyber resilience, learn more about how you can meet this key OCIE priority for 2019 and see how SS&C can help you safeguard records while providing a great customer experience.


Asset Management, Fund Administration, Regulation

risk management , OCIE , customer records , network storage , security risks , risk alert , cloud-based storage , data classification

Disclaimer

SS&C Technologies Holdings Inc. published this content on 05 June 2019 and is solely responsible for the information contained herein. Distributed by Public, unedited and unaltered, on 05 June 2019 05:52:01 UTC

share with twitter share with LinkedIn share with facebook
share via e-mail
0
Latest news on SS&C TECHNOLOGIES HOLDINGS
05:01aSS&C GLOBEOP FORWARD REDEMPTION INDI : July notifications 2.69%
PR
04:50aSS&C TECHNOLOGIES : 4 considerations for selecting property management software
PU
07/19SS&C TECHNOLOGIES : IMN West Real Estate CFO & COO Forum
PU
07/18SS&C TECHNOLOGIES : Assessing and addressing fraud - An SS&C Deliver Conference ..
PU
07/17SS&C TECHNOLOGIES : Federal Home Loan Bank of Chicago Selects SS&C to Enhance Au..
PR
07/16SS&C TECHNOLOGIES : Is blue sky compliance like the SEC or the IRS?
PU
07/12SS&C : to Release Second Quarter 2019 Earnings
PR
07/12SS&C TECHNOLOGIES : GlobeOp Hedge Fund Performance Index and Capital Movement In..
PR
07/12CHALLENGES FACING FAMILY OFFICES : what is holding you back?
PU
07/11BUSINESS PROCESS MANAGEMENT : A journey in 3 stages
PU
More news
Financials (USD)
Sales 2019 4 708 M
EBIT 2019 1 759 M
Net income 2019 419 M
Debt 2019 7 105 M
Yield 2019 0,69%
P/E ratio 2019 39,5x
P/E ratio 2020 29,9x
EV / Sales2019 4,64x
EV / Sales2020 4,26x
Capitalization 14 719 M
Chart SS&C TECHNOLOGIES HOLDINGS, INC.
Duration : Period :
SS&C Technologies Holdings, Inc. Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends SS&C TECHNOLOGIES HOLDINGS
Short TermMid-TermLong Term
TrendsBullishNeutralBullish
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus BUY
Number of Analysts 14
Average target price 72,85  $
Last Close Price 58,18  $
Spread / Highest target 34,1%
Spread / Average Target 25,2%
Spread / Lowest Target 10,0%
EPS Revisions
Managers
NameTitle
William Charles Stone Chairman & Chief Executive Officer
Rahul Kanwar President & Chief Operating Officer
Patrick John Louis Pedonti Chief Financial Officer & Senior Vice President
C. V. Channagiri Chief Information Officer
Anthony Caiafa Chief Technology Officer
Sector and Competitors
1st jan.Capitalization (M$)
SS&C TECHNOLOGIES HOLDINGS, INC.28.97%14 719
MICROSOFT CORPORATION34.51%1 044 187
ATLASSIAN CORPORATION PLC50.78%32 341
SPLUNK INC31.75%20 745
CADENCE DESIGN SYSTEMS INC.67.71%20 493
SYNOPSYS60.24%20 235