Blog Post Banner Image
22 June 2020

Compliance and Technology: Restoration Tips Post Covid-19

By Shana Bruner

Webinar: Compliance and Technology During and After COVID-19

The adversity no one saw coming has raised many questions for RIAs, most commonly:

  • Are our business continuity plans robust enough to cover an extended pandemic?
  • Can we meet compliance obligations with everyone working from home?
  • How do we secure sensitive client data from cybercriminals outside the firewall?
  • What will our workplaces look like when we’re finally allowed to return to them?

A panel of experts explores these questions more in-depth in our recorded webinar, Key Compliance & Technology Considerations During and After the COVID-19 Pandemic. Moderated by Caleb Diaz of compliance consultant Focus 1 Associates, and kicked off by SS&C’s Lisa McLaughlin, Vice President and Security Executive, the panel discusses not only how to deal with the immediate impact of work-from-home orders, but how firms might want to rethink many practices as business emerges from the crisis. The discussion focuses on four key areas:

Optimizing and securing the virtual office: Tom DeMayo, a principal in the cyber risk practice at accounting firm PKF O’Connor Davies, discusses a wide range of issues arising from the sudden shift from offices to home-based work. Before the crisis, many firms had adopted technologies that enabled remote work, but these were never intended to serve as a full back-up to the workplace infrastructure. Meanwhile, compliance obligations, particularly those pertaining to protecting clients’ personal data, have not gone away. Tom delivers practical guidelines for managing everything from video conference security to bandwidth limitations, vendor oversight and increased helpdesk volume.

Cyber-criminal tactics: As Lisa explains thoroughly, bad actors have had a field day capitalizing on the fears and uncertainties created by the pandemic. FBI cybercrime reports have shot up from 1,000 to as many as 4,000 per day, and malicious emails have reportedly increased more than 600%. Thieves are targeting the at-home workforce with phishing bait, ranging from fake stimulus checks and contract-tracing notices to offers of cheap masks, vaccines, and testing kits. Lisa details these tactics and threats so that firms can warn and train employees on what to expect and how to react.

Redefining the landscape: The network perimeter as we’ve known it no longer exists. As Tom explains, organizations must shift their security focus from perimeter firewalls to application, user and endpoint security. Firms must evolve toward a “zero trust” model, with solutions for identifying and verifying every device and user that attempts to connect with the network. Firms should use the pandemic as a “teachable experience,” prompting a reevaluation of business continuity and disaster recovery plans and how they can be improved for the future.

Planning for restoration: There are a variety of business reopening scenarios regarding what firms are likely to face. For example, many firms are already talking about hybrid remote and onsite working models and will need to adapt their technology accordingly. Cloud and mobile computing will likely see a surge as firms don’t want to be caught unprepared by another sustained disaster. Office spaces may not be conducive to social distancing, which may require workforce rotation. Firms may want to invest in intelligent technologies like robotic process automation (RPA) to perform routine tasks so that fewer people are needed in the office.

The key takeaway is that firms have an opportunity to come out of this crisis in a stronger position, from an operational and compliance perspective, than they had going in. Watching this webinar is a great starting point, with valuable advice on how to manage the current crisis as well as how to be better prepared for the inevitable next time. For more information from SS&C please visit our Resource Center.