Follow on Google News
News By Tag
* Finra And Sec Compliant Backups
* Broker-dealer Data Archiving
* Broker-dealer Disaster Recovery
* 17a-3
* 17a-4 Bcp Sec
* More Tags...
News By Location
* Ontario
  Canada
* More Locations...

Country(s)
United States
Australia
India
Hong Kong
England
China
- - -
More Countries


Industry News





March 2025
MoSuSaFrThWeTu
321
February 2025
28272625

Follow on Google News

A Practical Disaster Recovery Guide for Small Broker-Dealers

I often ask customers, “If your office burned down to ashes, what would you do?” This particular question is aimed to get the DR juices flowing and help paint a complete picture of the worst case scenario. SEC and FINRA are looking for a plan.
By: AdvisorVault.org
 
July 20, 2010 - PRLog -- Disaster Recovery (DR) for Small Firms
By Allan Lonz, AdvisorVault.org

As a backup provider to independent securities firms, I often ask customers, “If your office burned down to ashes, what would you do?”  This particular question is aimed to get the DR juices flowing and help paint a complete of the worst case scenario.  In reality though, answering this question is not easy, but  as members of FINRA regulated under the SEC broker-dealers must create a Business Continuity Plan describing in detail how they will respond to events that significantly disrupt their business.

For larger brokerages this is not a problem and a clear method exists for them: assign the proper resources to build a secondary DR site that replicates critical systems at the main office. Then in the event of a disaster simply failover to this pre-configured infrastructure and continue operations as normal.

But for small broker-dealer firms (BD’s) the above scenario is just too costly. While they must meet the same demands of their larger counter parts, independent BD’s simply lack the budgets and expertise to build and maintain their own secondary DR sites.

For example, a typical small securities firm may have an email server such as Microsoft Exchange, a centralized file server for shared documents as well as various databases, perhaps QuickBooks or other applications. A method must be established to recreate these systems elsewhere and promptly restore the current data sets. Best practice is to have this accomplished within a 48 hr time frame and to have this data available to employees.

At the other end of the scale are those firms who host critical systems with thirds parties. In this case they could run their email server with a provider and will have virtually no difficulty in the event of a major failure at head office. Employees simply need to go do different computers and access email as if they were at head office, either from home or temporarily from an internet café.

Thankfully, the various methods of using technology gives small firms a great degree of flexibility when creating their DR plans. But three methods exists for small firms to achieve the required data compliance demands surrounding the.


Three Recovery Methods for Small Firms:

Three viable options exist today for small firm to achieve today’s data compliance regulation surrounding DR.

1. Virtual disaster recovery
2. Recover to a branch office or the home of an employee
3. Use the Small Firms Disaster recovery program

Virtual Disaster Recovery:

Virtual disaster recovery is a relatively new method for small firms to achieve the same level of DR as larger firms. This is accomplished without the upfront investment in hardware or a secondary site. It is called virtual for two reasons. Firstly, when a customer declares a disaster the virtual disaster recovery provider creates the site immediately. Then once the DR site is up, current data is restored. Access to the data at the virtual DR site provided through the internet. It is not an actually physical site where employees occupy during the disaster.

And secondly, virtual server technology is used by the provider so that they can keep cost down.  By using one physical server to host several of its customer’s servers virtually, they essentially make a replication of a customer’s physical hardware using virtual software technology.

The advantage of using the kind of recovery strategy is that a replication of some or all of the brokers systems can be created quickly and on-demand at the time of the disaster. The provider does not charge its customers anything until the disaster is declared.  Usually costs are only incurred in the event of a disaster and the space is only for a short time while head office is rebuilt. Once the systems resume virtual DR site is shutdown and the head office functions as normal.

On the downside, the success of a virtual disaster recovery strategy depends highly on the skills of the provider and their failure to fully understand the recovery of their customers systems will greatly impact its effectiveness. Thorough testing must be done ahead of time to ensure smooth recovery during a disaster. Virtual disaster recovery is also a service combined with a remote backup product and the same provider usually must be used for the virtual disaster recovery as the one performing the remote backup of data.

Branch Office or Home of an Employee:

In many cases a small firm can simply setup their disaster recovery site at branch office or at the home of an employee. This is probably the simplest method for providing failover in the event of a disaster. But DB’s must be careful and select a site geographically separate from the main office. They must also ensure this secondary site has the proper amount of space, power and internet connectively to accommodate critical systems.

The success of this strategy depends on the complexity of the IT systems at head office. If a firm is using an internal Microsoft Exchange server for email, the amount of expertise to reconfigure this type of complex system can slow down recovery in the event of a disaster. Even setting up a replacement file server can be difficult and requires an amount technical expertise.  Very few small firms have these capabilities available during a disaster. However a BD can spend time testing this kind of recovery scenario at the branch or home office very easily and can increase the chance of success they will have if a disaster is declared.

Small Firms Disaster Recover Program:

This program created by FINRA is a good option for firms that don’t what to rely on the Virtual disaster recovery option or do not have a second office use. Essentially it allows firms to choose a pre-established partner firm unaffected by the disaster and use each other's office during the recovery process.

This is an excellent way to keep the cost of DR low because firms will simply provide a backup to each other as an always ready recovery site. The key to this method is choosing the right partner. For example, they msut be geographically separate and have the means to support access to critical systems. And in some cases data will need to be restored to the partner firms systems during the disaster. Access to this data must be made possible and ensuring a partner firm has the available systems will be key. For example, data critical for restore in the event of a disaster may include customer files, databases and emails. A good level of expertise will be needed to make sure this recovery process is successful to the partner firm’s office.

Summary:

Disaster recovery is a critical component of a broker-dealers business continuity planning process. As members of FINRA regulated by the SEC ensuring the recovery of critical systems and data is paramount to achieving these main compliance demands. In he end the goal is to successfully pass regular SEC audits as well as maintain customer confidence. An effective DR strategy lays the foundation to achieve this goal. Today, small firms face a unique challenge ensuring they meet these demands because they lack adequate budgets and in-house technical expertise.

While they need to achieve the same level of recovery as larger firms in the event of a disaster they have three options available to accomplish this. (1) Virtual disaster recovery, (2) Using a branch or home office, (3) the FINRA Small Firms Disaster Recovery Program.

By choosing one of these methods Small firms have an effective method to achieve today’s business continuity planning requirements simply and inexpensively. However picking the right option depends on the kind of technology used, the availability of secondary DR sites as well as the expertise needed to restore complex systems and their related data.

Contact info:
Allan Lonz, President
http://www.advisorvault.org
1-866-925-1941
alonz@advisorvault.org

# # #

AdvisorVault - A FINRA designated storage provider that helps small broker-dealer firms achieve the requirements of 17a-3 & 17a-4, simply and inexpensively. The TURNKEY solution includes secure remote backup, long-term archiving and disaster recovery.
End
Source:AdvisorVault.org
Email:***@advisorvault.org Email Verified
Tags:Finra And Sec Compliant Backups, Broker-dealer Data Archiving, Broker-dealer Disaster Recovery, 17a-3, 17a-4 Bcp Sec
Location:Ontario - Canada
Account Email Address Verified     Account Phone Number Verified     Disclaimer     Report Abuse
Page Updated Last on: Aug 17, 2010
AdvisorVault News
Trending
Most Viewed
Daily News

Most Viewed
Daily News

Jul 20, 2010 News



Like PRLog?
9K2K1K
Click to Share