Smarsh & Entreda: A Shared Vision to Help Wealth Management Firms Meet Compliance and Security Requirements
Today we announced the acquisition of Entreda, a company that provides comprehensive cybersecurity compliance solutions for broker-dealers and investment advisors. Its Unify platform helps firms monitor and address many aspects of digital security in one place, through a centralized, easy-to-use dashboard.
The combination of Smarsh solutions for meeting electronic communications compliance mandates and Entreda’s Unify platform for comprehensive cybersecurity is a natural step forward in our shared mission to help protect our valued customers.
Cybersecurity Risk for Financial Firms
Cybersecurity is the single largest risk facing organizations of all sizes in the financial services industry. Small and midsized firms are especially vulnerable because they are often unequipped to manage the full spectrum of potential security threats across devices, networks, users and vendors. In a business where confidential financial information is being shared and processed, it is paramount to have sufficient safeguards in place to ensure the protection of investor data.
Large financial firms typically have more sophisticated IT departments and technical resources to administer a suite of hardware, software, and policy-based protections. Meanwhile, small and midsized organizations are challenged by the unapproachable economics of piecing together the long list of security solutions needed to achieve industry best practices. Or, they simply don’t implement enough protections, leaving investor and business information at risk.
This can get really complicated for small firms and their limited (or nonexistent) IT teams that don’t have a central way to monitor cyber risk. Their employees may use personal devices that aren’t secure for business or store sensitive files on a hard drive without proper backup or encryption, for example.
The Unify platform is easy for organizations to deploy and provides IT and compliance professionals a unified dashboard view across multiple threat vectors. Designed to address the National Institute of Standards and Technology (NIST) Cybersecurity Framework followed by FINRA and the SEC, the suite has compliance features and reporting that financial services organizations need to fully satisfy their regulatory and security requirements.
Cybersecurity and Compliance Risks
Just a few years ago, I met Entreda’s founder and CEO, Sid Yenamandra. We had a shared interest in the intersection of compliance and cybersecurity for financial firms. Particularly for independent broker-dealers or smaller financial advisors, who have the same duty as large firms to protect confidential financial information, but don’t have comparable resources.
We began to informally discuss these issues together, with customers and with regulators who wanted to see a solution to help businesses address the expanding list of risks. We learned quickly that a solution had to be both affordable and simple to manage, otherwise firms would resist using the tools they needed. It eventually became clear that Smarsh and Entreda were uniquely positioned to offer that solution.
The Entreda product suite comprehensively addresses cybersecurity needs. Smarsh has been serving financial firms with our electronic communications compliance solutions for the last two decades. By combining forces, we can provide one stop for firms looking to simplify and strengthen both electronic communications compliance and cybersecurity compliance.
A Unified Solution for Cybersecurity Compliance
There are plenty of point solutions available to manage individual aspects of cybersecurity — across devices, networks, users and vendors. Entreda provides insight into firms’ vulnerabilities in all of those areas and helps customers strengthen their risk postures accordingly. They don’t have to procure, install and support 10 or more cybersecurity products — each of which can cost thousands of dollars.
A unified dashboard monitors risk down to the individual level. Every employee device can be scanned for security measures such as file backup, data encryption and the use of a VPN, just to name a few. Compliance and IT can set accessibility thresholds that can prevent employees or independent contractors from accessing sensitive information if they don’t meet security standards.
Why It’s Important Today
It’s probably no surprise that recent work-from-home trends have accelerated the need for this type of solution. Not only do the typical threats for any business exist — things like phishing, email fraud or account takeover attempts. But for financial firms, new challenges are becoming more apparent. People are using their personal devices for work at one moment and helping a child with online homework on the same computer the next. If they’re not signed into a VPN, their network connection may not be secure. If they’re using new collaboration tools, that data may not be properly captured and preserved for compliance.
Independent broker-dealers with any number of branches, employees and independent contractors have a duty to make sure that all the devices being used for their business are fully protected. Additionally, these parent companies still bear the reputational and financial risks of compliance. A data breach, even at the individual advisor level, and even from a device that the company didn't issue, is still a liability for the firm. It is in their best interest to make sure that all these professionals are securing their information. Unify offers transparency and peace of mind.
Official announcement of the acquisition and our plans for the future: "Smarsh Acquires Entreda, Leader in Cybersecurity Risk and Compliance Software for Wealth Management Industry"
Share this post!
Archiving and Compliance Blog
Our Blog explores the news, trends and best practices in electronic recordkeeping. It’s about managing and getting value from your electronic communications data. It’s about satisfying legal and regulatory obligations. It’s all about turning compliance liability into business insight.