Dynamo Platform Helps Alternative Investment Firms Comply with the Massachusetts Standards for the Projection of Personal Information (201 CMR 17)

Share Article

Data Security Features of Integrated CRM and Investor Portal Safeguard Sensitive Information

Netage Solutions, Inc., a premier provider of software for the alternative assets industry, announced that its Web-based CRM and investor portal products include robust data security features that help alternative investment firms comply with the Massachusetts Standards for the Protection of Personal Information (201 CMR 17). This data protection law went into effect on March 1, 2010, and requires companies to employ specific administrative, physical, and technical controls to protect the personal information of Massachusetts residents.

201 CMR 17 defines personal information (PI) as the name of a Massachusetts resident in combination with a Social Security number, financial account number, or other data points less commonly tracked by alternative investment firms. The law applies to all organizations that maintain PI, regardless of where they are based. Thus, any hedge fund, private equity firm, or alternative asset manager that manages information about Massachusetts investors falls under its jurisdiction.

To comply with 201 CMR 17, firms must implement a Written Information Security Policy (WISP) that contains appropriate administrative, physical, and technical safeguards. Specific technical requirements include restricting access to records containing PI to those who need such information to perform their job duties; encrypting PI that travels across public networks; and monitoring systems for unauthorized access to PI. 201 CMR 17 also urges firms not to send unencrypted PI via e-mail, and instead recommends using a secure website that requires a unique username and password.

“Because the stringent data security requirements of major alternative investment firms predate Massachusetts 201 CMR 17, the Dynamo™ platform already contained many of the features needed to comply with the new regulation,” said Netage CEO and Co-Founder Krassen Draganov. “We have taken additional measures to enhance our security capabilities, and are confident that client data hosted in our Software-as-a-Service (SaaS) environment is protected around the clock.”

Specific security capabilities of the Dynamo™ platform include:

  • Rules-Based Security – Dynamo’s rules-based security model allows firms to safeguard PI by limiting access only to users that need-to-know. Access to system records can be restricted by their unique properties (e.g. field values) or by user group (e.g. the investor relations team).
  • Audit Trail – The Dynamo™ Audit Trail automatically maintains a complete history of system changes, including when records were edited, by whom, and what fields were edited. Users can monitor changes to subsets of records (e.g. their clients) with a News Feed on their homepage.
  • Physical Security – The hosting facility where client data resides includes physical features, such as unmarked buildings, bulletproof walls, security cameras, biometric palm scanners, on-premise guards, visitor screening and escort, locked cages, and sophisticated key management.
  • Encryption & Network Security – All information stored in Dynamo™ is securely transmitted using state-of-the-art encryption technology. To prevent against external attacks, Netage servers are protected by the latest anti-virus software, as well as a redundant firewall with built-in intrusion detection functionality.
  • Application Security – Dynamo™ administrators control password requirements at the firm level, but cannot see individual passwords, which are encrypted. User accounts are automatically locked after three unsuccessful login attempts, and can only be reactivated by an administrator.
  • Secure Investor Portal – With Dynamo™ Online Reporting, firms can avoid sending PI via e-mail by uploading sensitive documents (e.g. statements, capital call/distribution notices, and tax documents) to a secure portal. In addition to requiring a secure login, the portal safeguards information with document watermarking, copy/print disabling, and password protected PDFs.

201 CMR 17 Resources
The Complete Law: http://www.mass.gov/Eoca/docs/idtheft/201CMR1700reg.pdf
Frequently Asked Questions: http://www.mass.gov/Eoca/docs/idtheft/201CMR17faqs.pdf
Compliance Checklist: http://www.mass.gov/Eoca/docs/idtheft/compliance_checklist.pdf

About Netage Solutions
For more than a decade, Netage Solutions, Inc. has been the premier provider of CRM software and online reporting systems for the alternative assets industry, including private equity and venture capital firms, hedge funds, real estate investment firms, funds of funds, prime brokers, and institutional investors. Intuitive and highly configurable, the Dynamo™ Suite has improved the productivity of deal, research, and investor relations teams worldwide. Collectively, our clients manage nearly $400 billion in assets. For more information, visit http://www.NetageSolutions.com.


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Ed Hadley
Visit website