Data retention policy
Red Deer must ensure that all data that is required for normal business operations, or that could be requested for examination by regulatory bodies, is securely retained and accessible on request.
What to keep
Red Deer discourages the retention of personal data for longer than required. Considerable amounts of data are collected on staff and clients, both current and historical. However, once a staff member's or client's association with Red Deer terminates, it will not be necessary to retain all the information held on them. Some data may be kept for longer periods than others.
In general, electronic records containing information about clients and individuals associated with Red Deer will be kept for 5 years beyond termination of association. In the case of staff this would typically include information such as name and address, DOB, salary, position etc. Client information may include statements of account, contract notes, subscription documents etc., and we would also expect to hold information relating to individual financial transactions, third parties such as trading partners, etc.
Data archiving and removal policy
Disposal of data
In the relatively short history of corporate electronic data retention, earlier default policies have been straightforward: if in doubt, delete it. This is no longer a satisfactory strategy, as statutory requirements may oblige Red Deer to provide records of associations and transactions under threat of legal action. Therefore, our policy is to securely store data for a period of 5 years or until it has been confirmed that such data are no longer required. Such confirmation will be initiated by the COO, coordinated by the compliance group and Security Officer and implemented by the IT group.
Clients of Red Deer may request the deletion of their data from time to time. Approval of such requests will be subject to any individual agreements with the client and internal Red Deer compliance sign-off.
Data, in particular personal data, must be disposed of in a way that protects the rights and privacy of data subjects, and care must be taken to ensure that appropriate security measures are in place for the deletion or disposal of this data.
We must ensure that all media are considered and accounted for when removing equipment from active service. Not only hard drives from redundant servers, desktops, and laptops should be wiped, but also PDAs, Blackberries, and various removable media devices such as USB flash-ram, floppy drives etc. Data backups on tape drives must be held in secure locations off-site and erased as part of a defined tape reclamation schedule.
Data storage policy
Confidential and highly-sensitive data must either be encrypted whilst stored or be held in secure storage within Red Deer. Data encryption is the preferred way of storing data (over secure storage) and must use a strong encryption algorithm without known weaknesses.
Backup and Restore
All backups and restores are performed in accordance with the Red Deer Backup Procedures and must follow the same encryption standards as the original copy of the data. All data that leaves the premises in the form of backup media is encrypted and can only be read with the necessary encryption key.
Please see the relevant Secure Encryption Standard document and research external resources, such as http://en.wikipedia.org/wiki/Strong_cryptography, for the definition of a strong encryption algorithm (AES256 is an example of a strong algorithm).
Non-sensitive data (i.e. data which is not classified as confidential or restricted) can be stored in clear text format and managed using insecure storage within Red Deer.
Redundant Storage
Data must be stored in such a way that it can be accessed in the event of failure or user error with minimal disruption to Red Deer operations. Files/data must be stored on technology that can deal with physical failure of one or more computer components, e.g. RAID implementation, cluster services, database replication, distributed file systems etc. As our preferred cloud services provider, Amazon offer a number of highly available storage solutions, such as Amazon S3 (object storage), Amazon Glacier (archival, including WORM archival) as well as Amazon EFS (block storage).
Data center location(s)
Ireland
Data hosting details
Cloud hosted
App/service has sub-processors
no