Secure Remote Access: Why It’s Important and How Your Investment Firm Should Do It Right
COVID-19 forced SEC and FINRA registered firms to transition their employees to a work-from-home policy. BCPs were put to the test in real life.
Why Remote Access Is Necessary for RIAs and Hedge Funds. These seems pretty obvious. The world is closed but markets are still open. IT Administrators are under increasing pressure to provide access to individuals who can’t access firm assets physically. Remote access is especially concerning for those of you who have custody of physical access or connections to trading platforms capable of making trades.
How to Ensure Secure (Secret) Remote Access to Your Firm's Critical Infrastructure.
RIAs and Hedge Funds should lay the groundwork for secret remote access by not enabling remote access by default. This means that firms need to view remote access as the exception, not the rule.
Those working to ensure secure remote access should consider leveraging guidance such as NIST SP 800-82. These standards can help firms designate which systems need remote and how to secure that access with 2 factor authentication (2FA).
2FA is the biggest deal here!
Use it or lose it!
I don't care if you use RDP or Teamviewer or RealVNC. USE 2FA. It solves a lot of problems.