ECHO builds resilience in client I.T. systems
Resilience is a fashionable term in homeland security circles these days. The idea is simple. It’s impossible to predict or plan for every kind of emergency situation. What you can do, however, is to plan for the time after an emergency comes.
If there are structures and procedures in place to get things back up and running, that allows for a faster return to normal. In contrast to the older concept of readiness, resilience focuses on absorbing a blow rather than deflecting it.
One of ECHO’s clients, a financial management firm, was looking to become more resilient. In part, they wanted to get out ahead of SEC regulations and best practices which they knew were going to take some time to comply with. At the same time, they just felt it was good business practice. Creating resilient systems would give clients and investors confidence that the firm had their best interests in mind.
The firm approached ECHO with two concrete goals – securing their I.T. systems against cyberattacks, and building a disaster recovery mechanism. ECHO’s security experts and engineering staff met with the firm’s management and technical staff, crafting a strategic plan which would meet their needs and comply with SEC regulations as well.
ECHO’s system architects then crafted a disaster recovery infrastructure that is both fault-tolerant and scalable, allowing it to grow as the firm’s operations evolve over time. ECHO created a disaster recovery “run book” designed around an automated, system-led recovery process which would get everything up and running less than thirty minutes after an incident. This process will be tested on a set schedule every year, ensuring that any changes in I.T. systems won’t impact its ability to function properly.
ECHO also provides the firm with a 24/7 network operations center, staffed by experts who can be easily reached in the event that a disaster strikes. This off-site support ensures that the firm’s resources are spread out, reducing the likelihood that any one point in the system will fail when recovery time is at a premium.
With SEC guidelines in mind, ECHO also developed a cybersecurity system tailored for the needs of private equity. The system includes intrusion protection and detection services, along with logging and monitoring through the network operations center. In anticipation of future SEC requirements, ECHO also implemented a solution to prevent data loss, supplementing the network operations center’s watchful eye with a security incident response plan.
The firm’s spotless security record allowed it to pass an SEC audit with flying colors, but that’s really only half the story. The firm’s management now has the confidence to pitch its secure systems as a competitive advantage. In an age where we are so dependent on I.T. systems to maintain our records, the firm’s clients can be assured that their information and their assets are secure.