Did you know that Porfolio BI is an institutional provider of MSP and MSSP (Security) services? With its ‘Follow the sun’ (24/7) service model and in-house cybersecurity offerings (EDR/XDR, SIEM, SOC team, AI offensive testing), it competes with some of the best in the industry.
In this article, Jonathan White, CEO of Portfolio BI, explores the most common gaps and misconceptions fund managers encounter when evaluating or engaging managed IT services.
Drawing on direct conversations with industry professionals, he highlights five key observations that reveal a disconnect between perceived and actual cybersecurity readiness, underutilization of Microsoft’s enterprise security tools, and a widespread tendency to undervalue IT as a strategic function.
From inadequate multi-factor authentication practices to the risks of relying on a single provider for both IT and cybersecurity, Jonathan presents a compelling case for rethinking how IT is managed across the fund management ecosystem. He also underscores the importance of dedicated client relationship management, not just ticket-based support, and outlines what a truly institutional-grade IT and cyber program should look like.
As firms scale and investor scrutiny intensifies, the article serves as both a warning and a guide for managers seeking to future-proof their operations through smart, responsive, and secure IT partnerships.
Jonathan initially notes: “What strikes me is how many managers rely on the implied security of the cloud platforms (read Microsoft), and don’t fully understand their firms’ cyber stance.”
.
1. Fund managers are not utilizing the full potential of their Microsoft E5 license
While most corporate tenants are set up adequately, many fall short when it comes to establishing end device security policies and mobile device management, which are both crucial parts of protecting your organizations data.
The Microsoft E5 license is powerful and has many security controls available, but these controls are useless if they are not configured or are configured incorrectly. Advanced Next gen tools such as Entra ID, Microsoft Defender XDR, Defender for Cloud and identity are a few examples of solutions that can keep your systems safe and secure – when properly utilized.
.
2. Lack of proper multi-factor authentication (MFA) implementation
MFA is the ‘biggest bang for your buck’ in the world of cyber and should be properly established for all manager employees, with no exceptions. Firm founders are the VIP users of technology but are also the highest-level targets of bad actors.
A small ‘inconvenience’ in authentication translates to a huge improvement in security. However, not all MFA methods are created equal – it’s recommended to avoid SMS-based authentication, as these are more vulnerable to attacks. Instead, configure MFA through a secure authentication app for maximum protection.
.
3. The misconception that “IT is a cost; it’s commoditized and brings no value.”
Many fund managers view IT as a commoditized expense rather than a strategic asset. However, lack of responsiveness, lack of proactive service and concerns around security are all frustrations that arise without proper IT infrastructure.
As a SaaS and IT provider, we service clients across the entire data spectrum, helping build future-proof cloud strategies, helping with the adoption of AI, and advising managers more broadly about how they should build to remain competitive.
We help our clients along every step of their journey, regardless of firm size. Whether it’s a two person startup or a global fund with hundreds of users looking for the latest security and AI solutions, PBI can help.
.
4. No dedicated client relations management
While managed IT is built on automated support tickets, processes and SLAs, it’s essential to ask:
- Who do you regularly communicate with?
- Who serves as the main point of contact for your relationship?
- Who guides you through best practices and identifies areas for improvement?
At a certain point, the dedicated service of a small boutique provider becomes unsustainable, and the proactive approach expected in the industry begins to fade.
.
5. “Our Managed IT partner does everything, including our security policies and pen testing.”
Would you ask your fund administrator to audit your books and records? The same principle applies here. Investors are increasingly scrutinizing these conflicts of interest.
While a one-stop IT partner may seem convenient, it’s important to understand what a true Institutional IT and cyber program should entail.
.
Portfoio BI: Flexible, responsive, agile
At Portfolio BI, we believe that managed IT services should deliver the institutional standard of what’s expected, as you would expect from the in-house model. Flexible, responsive, agile and without the back and forth about what is and is not in scope.
IT is complex, most managers outsource the function for a reason, they’re seeking scale without building an in-house team. In a world of choices, it’s important to gain the trust that your provider will be able to support you long term, and help you evolve in an ever-changing world.
.
Key takeaways
To truly future-proof their operations and meet institutional expectations, fund managers must reassess their IT partnerships with a sharper focus on security, scalability and service – now is the time to engage a provider who can deliver more than just the basics.
Get in touch to find out how we can support your business.
