The following article originally appeared in Hedgeweek and was written by James Williams.
The modern-day hedge fund typically consumes vast amounts of data and leverages its IT providers for next-generation tools and analytics to keep it at a competitive edge.
And whereas the private cloud was deemed an ideal environment in which to run hedge fund activities, the pace of innovation in the public cloud arena, the inherent scalability it offers, and the vast army of technology professionals at its disposal mean that hedge funds are now questioning the virtues of using private cloud managed services providers.
“One thing we’ve witnessed over the past year is that organisations using private cloud offerings have been challenged,” comments Vinod Paul, Chief Operating Officer of Align. “The biggest issue is their demands aren’t being met because the pace of innovation isn’t happening as quickly as in the public cloud.”
An existential choice
John Araneo, Managing Director at Align, brings a legal perspective to the current public versus private cloud debate and looks at it through the prism of regulatory compliance. In his view, some MSPs are facing an existential question: Do they let go of the past and embrace this new frontier of the public cloud which requires a different business model or not?
“Over the past seven years, a lot of MSPs have built private clouds and face legacy problems. We’ve definitely seen a lot of dominant players who have invested in their own private cloud begin to lose pace with those MSPs who have embraced the public cloud,” argues Araneo.
As hedge fund managers scrutinize their operating expenses, the ability to pivot from the unknown, variable costs and significant ongoing fees for management, administration, labor, etc., that come with the private cloud, to a more reliable, fixed cost arrangement where they pay only for the services they use, is hugely attractive. Private cloud providers must factor in future growth, future upgrades and all the other non-tangible costs such as more rack space, air conditioning in data centers, employing more people and so on; those costs eventually lead to higher prices that the client ends up paying.
Michael Merrigan is the Founder of Shadmoor Advisors, Inc., an ODD specialist in the alternative fund industry. He confirms that Shadmoor recently appointed Align as its new MSP and public cloud provider. Although Shadmoor is a boutique consulting firm, its existing and prospective clients expect Shadmoor’s IT infrastructure to be on par with that of its most sophisticated clients and the investment managers it completes ODD upon.
“We met the folks at Align and quickly realized they had a lot of expertise across a variety of IT subject matters, including cybersecurity. I felt they would be a highly capable IT partner as Shadmoor’s business continues to grow along with the complexity of our IT requirements,” says Merrigan.
Lack of innovation change
Paul confirms that the biggest frustration with the private cloud based on conversations he has with portfolio managers is that the legacy providers are not changing quickly enough.
“The market has understood that the public cloud is the future. How do you embrace that when some legacy MSPs have invested a great deal into the private cloud? It’s not easy for private cloud MSPs to swing over to the public cloud that quickly. And that is the biggest challenge I’m hearing from CFOs and CEOs,” says Paul.
There are myriad of legacy problems being faced by those using private cloud platforms. Not only are there limited cybersecurity features because MSPs have limited capital and human resources to deploy, but users have no control or authority over critical data and systems. Additionally, they have problems accessing documents on the network using public WiFi when travelling, they have limited innovation to draw upon and typically, they suffer from sporadic outages, potentially having a significant dollar impact on their trading strategies.
On the outage problem, Paul comments:
“The public cloud offers tremendous elasticity. If you use a private cloud, typically you will be tied to two or three data centers. The public cloud allows you to transfer data and workloads from data centers across the globe. There is no data center dependency with the public cloud; it gets taken out of the equation and gives you scalability without added cost.”
Access control
He says that lack of control over accessing data is one of the key complaints Align hears from organisations who switch to its public cloud platform.
“Some service providers are holding hostage data and servers on the private cloud. We do not share common systems or hardware across multiple clients; there is zero dependencies between clients. They operate as a single tenant. If they want, in the future, to take ownership in-house, it’s a straightforward process,” adds Paul.
A large part of ODD relates to cybersecurity but also disaster recovery and business continuity. Investors want complete reassurance that the manager has sufficient controls in place to deal with unforeseen outages and continue trading as though it is business as usual, at no cost to the strategy. 
When speaking to investment managers, Shadmoor’s Merrigan feels there are two key areas that are causing investment managers to be more open to use of the public cloud than ever before.
“One is that in the private cloud there can be limited processing capacity. For example, if a small investment manager is running models that include data sets of an enormous size, you cannot do that easily under that configuration; the infrastructure you would need is simply too expensive to build and maintain. The flexibility to use that processing power only during the time you require it and for the capacity that you require is undeniably compelling. It’s leveling the playing field from an investment perspective, for smaller investment managers using quantitative strategies.”
“Secondly, concerns around data security that existed several years ago have been increasingly addressed to the satisfaction of the end users. What was once largely a consumer market has grown exponentially due to the embrace of the business and government sectors, and increasingly, the financial services industry,” opines Merrigan.
Cybersecurity ~ Perimeter complacency
Cybersecurity is another key differentiator between the private and public cloud.
Simply put, Microsoft, Amazon and Google have the depth and breadth to employ the best cyber specialists in the business. They have limitless resources and greater economies of scale with respect to workforce and innovation development that no private cloud provider can ever hope to compete with.
This instantly removes the threat of ‘key man risk,’ which many private clouds have to contend with, given that their technology teams are that much more limited. If a lead engineer leaves, it can have a detrimental effect on the perceived client experience.
“The fact is, every day thousands of hackers are pounding the public cloud providers,” says Paul. “The layers of protection they have put in place cannot be matched by any private cloud provider. AWS and Microsoft seek out the best cybersecurity professionals and pay them well because they regard them as an integral part of their business.
“Another issue is something referred to as ‘perimeter complacency.’ Some MSPs believe that if everything remains in the internal network, then it must be secure but this is not the case with the public cloud. They are looking at security internally, externally, and give full 360-degree consideration to evolving threats. Also, the public cloud is able to perform constant vulnerability and penetration tests, at all points in time, not just once or twice a year, which might be the case with a private cloud MSP.”
Araneo believes that a multi-disciplinary approach is needed to keep on top of cybersecurity.
To achieve pure cybersecurity compliance is not unlike conducting an orchestra, as to accomplish this, one must create a working harmony among otherwise dislocated elements, such as emerging technologies, prevailing security standards, evolving threat vectors and active workflows. It’s a multifactorial challenge that requires an active, dynamic response.
“If a new risk alert gets issued by the SEC and a new prevailing threat is identified,” says Araneo, “the public cloud is able to respond quickly. There’s an element of passive innovation whereby the end user knows they can benefit from huge cyber/IT resources and collaborative tools in the public cloud.”
With all the challenges related to cybersecurity, from a regulatory standpoint through to myriad real-world threats affecting the modern investment manager, the public cloud has been able to innovate cybersecurity features and tool-sets that constantly evolve as part of the overall solution.
“Align is a key partner of ours. Now we are in an excellent position and better poised to scale our business. That’s the key difference between using the private cloud and the public cloud. We can address our clients’ needs, not just today but tomorrow,” adds Merrigan.
So what does this mean for the private cloud, going forward?
“I think we are on the cusp of a new frontier of the public cloud and what it means to investment advisors; not just from an IT perspective and how it provides a construct from which operational cybersecurity controls can be built upon, but also that they are no longer tied to a legacy system that no longer holds muster,” suggests Araneo.
Paul concludes:“I think hedge funds of all shapes and sizes are shedding the false of security they once had with their legacy IT providers.”
For more information about Align's award-winning Managed IT Services, please contact our IT and cloud specialists today.
