Setting the 2021 IT Priorities for Your RIA

Most of us will be happy to see 2020 in the rear-view mirror. Despite the challenges, 2020 did provide some clarity for IT priorities moving into 2021. It shone light on some obvious shortcomings and reinforced the need for the average small or midsized RIA to stay on top of emerging technologies.
The good news is that technology really is an equalizer. There use to be a time when being a big firm meant you had access to technology that gave you the upper hand. That’s not the case anymore. What we like to refer to as “enterprise level” IT infrastructure and services is highly affordable and accessible even for a firm with only a handful of employees.
We’ve outlined three things (plus one bonus) that should be your big picture IT priorities in 2021. This isn’t a deep dive into the technology itself, just a high-level overview so you understand what’s out there, why it’s important for your RIA, and why you should be thinking bigger.
There is no reason to be limited by your network, security, or IT tools. In 2021 we encourage you to put the best of the best in place for your firm and get on with focusing on your clients and employees.
Clean up your remote work environment
Some RIAs had a smooth transition to working from home. Others didn’t. Regardless of how easy it was (or wasn’t), 2021 will be the time to step back, evaluate how it all went, and clean up the loose ends.
2021 is also the time to think about making a remote work environment a permanent option for employees. Some people thrive in that scenario, while others will be lining up at the door to get back to the office. Being able to offer options instead of an all-or-nothing setup keeps employees happy and might help you with recruitment and growth down the road.
The top 2 things you should be looking for:
1. Can employees use the apps, files, and data at home like they do in the office?
When you log into your computer at home, it should look and function exactly the same as it does in the office. There should be no additional logins or steps to get to the apps and data you need. In fact, if things are set up properly, logging into your network from any device should give you the exact same experience.
This can be managed with
Simplify but upgrade your collaboration tools
2020 likely put your collaboration tools to a big test. And now you know what got a passing grade and what didn’t. You may even have identified a few gaps that you didn’t know existed until everyone was forced to work from home.
For a lot of RIAs, they turned to 3rd party apps for internal chats, file sharing, and screen sharing to help employees stay connected and work collaboratively. In some cases, these apps work well and make life easier. In other cases, they don’t work well, don’t play nice with the rest of your system, or even threaten your security and compliance requirements.
The top 2 things you should be looking for:
1. What tools are employees using and how are they connecting to your network and data?
Think about every time you download an app on your phone. It asks for permissions to access things like your photos, contacts, files, location etc. Business apps aren’t a lot different.
Every collaboration tool you use is going to require access to some part of your network. Whether its to send messages to clients or access files to share with colleagues, that app is connected to your data and your network. That’s why you shouldn’t be relying on mainstream, consumer-grade apps to run your business. Those apps aren’t built to meet the security requirements of an RIA. Plus, they might not integrate well with the other tools you’re using, and it might be very difficult to archive or audit activity on them.
This can be managed with
2. Can you meet compliance requirements for auditing and archiving activity on your collaboration tools?
The SEC has specific requirements for you to archive communications regardless of how it’s done. So, if you’re using IM tools for example to share information that needs to be archived, then you need to ensure that your apps will allow for that. And it’s not just about the SEC requirements, it’s a best practice for your RIA to be able to create a paper trail for all the communications and file editing your team does. For example, if there are files shared with staff in a OneDrive folder, can you tell for certain what the latest version is, who edited it, or who downloaded it? Do you have an official record of recommendations made to a client via your IM app? Are all these files archived for the right period of time with the right level of security?
Your archiving and data security go hand in hand. And it can be very complex. Some data is highly confidential and should have serious restrictions on how it’s used. Some data needs to be kept for an extended period in order to be compliant. There is a lot to manage when data is everywhere. However, it’s very possible to set up your network so this appears seamless to all your users.
This can be managed with
Move to enterprise-level security (it’s easier than you think)
As an RIA, you require a more complex IT security structure than an average business of the same size. You’re managing several millions in investments for your clients, and the average IT setup for a small or midsized business doesn’t cut it. Enterprise-level security should be your biggest priority for 2021 if you haven’t already gone down this path.
“Enterprise-level” does not mean expensive. In fact, security tools like those from Microsoft are highly accessible and affordable – they simply need to be configured properly for the needs of an RIA. The big thing is you need more than just antivirus and firewalls – the hackers have gotten far to sophisticated for you to rely on just that to protect you.
The top 2 things you should be looking for:
1. Can you prevent data loss?
Data loss happens in a lot of ways. Some of it is intentional, and some of it is accidental. Regardless, the results are the same and could be catastrophic. This is especially the case if the compromised data is private or sensitive in nature like social security numbers or banking information. Loss of this data could lose you clients and credibility and result in action from the SEC.
This can be managed with

2. Are you using the latest advanced threat protection tools?
Today’s threat are a mix of highly sophisticated attacks and old but effective tactics. One of the most fundamental things you can do, is train your employees to recognize things like phishing or websites with malware. However, it’s also important for you, as a business, to do as much as possible to limit the possibility of those employees making an honest mistake. Modern, advanced tools help you close the door to most of today’s threats.

Email is one of the most common ways for hackers to access your network. It’s often (but not always) in the form of a phishing scam, which asks a user to click a link that takes them to a site infested with malware. However, it’s also common for hackers to create very convincing emails that look like they’re legitimately from a colleague, requesting money to be forwarded to a specific bank account or perform activities that give the hacker access to their login credentials. Not all phishing scams have the tell-tale signs of bad grammar and spelling mistakes anymore. They’ve gotten better.
But it’s not enough to just safeguard your email. Every “endpoint” (as we discussed earlier) that has access to you network needs to be proactively managed against those same threats.
This can be managed with
BONUS for the early tech adopters – move to a cloud platform
Not to be confused with running your apps like Outlook and Excel in the cloud (aka a cloud workspace), a cloud platform separates your operating system, data, and apps from any local device. Everything is run on a remote server in the cloud. This has been around for a while but was complex, expensive, and didn’t always provide a good user experience. Today’s technology however makes it possible even for small or midsized RIAs.
A full cloud platform uses virtual machines (VM) which you can think of like a computer in your cloud-based server. These VMs run the operating system, deploy your apps, and store your data so the device you’re working on doesn’t have to. You can have multiple members of your team accessing a single VM to do their day-to-day activities instead of them relying on an operating system, apps, and data being available in their individual devices. The user experience is much the same as it would be for a cloud workspace.
Why would you want to go to a cloud platform like this?
Setting IT priorities for 2021
IT changes constantly. It’s important your IT tools and infrastructure don’t sit still. Your IT team should be on top of the emerging technology that best suits your RIA. And as we said in the opening of this blog, there is very little technology out there that’s exclusively in reach of only those large enterprise. Your RIA can and should have the best the industry has to offer.
If you have questions about any of these priorities or want some advice on how to implement them in your own RIA, we’re happy to help. You can fill out the form on our Contact Us page to get started. Good luck with your IT priorities in 2021.