When the pandemic hit the world and people were forced to stay at home in order to stay safe and minimize the number of casualties, a major bank faced serious dilemmas on how to let its floor traders continue their work. Floor traders rely heavily on financial and economic data from various sources. This data is often of sensitive nature and banks do whatever possible to safeguard this and to avoid data breach by users. This is one of the reasons why the security of IT assets is paramount as this is where much of the data resides. So when floor traders could no longer go to their office and desk, the bank had to immediately find ways to make the necessary adjustments to their IT infrastructure in order to ensure business continuity without compromising on their security policies.
Floor traders rely daily on their Bloomberg terminals. The Bloomberg terminal is a computer software system that enables professionals in the financial service sector (and other industries)to access Bloomberg Professional Services through which users can monitor and analyze real-time financial market data and place trades on the electronic trading platform. The system also provides news, price quotes, and messaging across its proprietary secure network.
IT Architecture and Special Keyboards
The terminal implements a client-server architecture with the server running on a multiprocessor Unix platform. Due to the high cost and its sensitive data, these servers are located in a highly secure area to prevent unauthorized access. The client, used by end users to interact with the system, is a Windows application that typically connects directly through a router provided by Bloomberg and installed on-site. Each server machine runs multiple instances of the server process. Using a proprietary form of context-switching, the servers keep track of the state of each end user, allowing consecutive interactions from
a single user to be handled by different server processes. The terminal’s keyboard layout was designed for traders and market makers, are similar to an ordinary computer keyboard, but with several enhancements which help users navigate through the system quickly. Each keyboard has a price tag of around $300.
Raritan KVM-over-IP and IP User Stations
Raritan, a brand of Legrand, and world’s leading KVM-over-IP technology innovator had already been providing their highly reliable and award-winning solution to this major bank prior to the pandemic outbreak. Each of the trader desks fitted with dual displays and Bloomberg keyboard additionally has a Dominion® KX User Station for high performance secure IP access to the Bloomberg servers connected to ultra-fast switching Dominion KX3-808 (DKX3-808) KVM-over-IP appliances via RDP, VNC and SHH. Deployed using standard Cat5 cabling and Ethernet/IP technology, users can simultaneously access, view, and control multiple servers, spread across one, two, or three monitors.
Military Grade Security and Reliability
The Dominion® KX3-808 with Java-free BIOS-level control and Absolute Mouse Synchronization® meets widely used U.S. government security mandates like: FIPS 140-2 certified cryptographic module, smart-card/CAC authentication, two factor RSA SecurID and IEEE 802.1X authentication, as well as IPv6 and AES-256 data encryption. With dual power supplies and dual gigabit Ethernet ports, it is the most reliable and secure digital KVM switch in the industry. In this specific instance, the solution is being integrated to LDAP for central authentication. CommandCenter® Secure Gateway was deployed for centralized login and access to the trading floor.
Trading Floor Benefits
When choosing the Raritan KVM-over-IP and User Station solution, there were a number of both financial and practical benefits:
The moment the pandemic lockdown took place, there was an immediate requirement to get floor traders performing their daily routines as quickly as possible. With social distancing legislation in place, the Raritan KX User Station appliances turned out to be a life-saver for business continuity.
Raritan Made Teleworking Possible
Dominion KX3 User Stations where shipped to trade floor staff home addresses together with mini hardware VPN connecting these user stations to the hardware VPN (appropriate ACL and security functions pre-configured). Given the easy installation, the entire team of bankers could subsequently instantly access their environment as if they were in the office or on the trading floor whilst staying safe. Plus there was no need to buy additional Bloomberg licenses. To ensure security is being maintained, their IT department monitors user activity, access writes etc from audit logs on the KVM switch via Raritan’s centralized system CommandCenter Secure Gateway. With additional access control policies implemented, thereby denying access to certain servers outside of a pre-set schedule.
Other than the relative low CAPEX investment and ensuring the company could ensure staff could safely work from home,the financial benefit has proven to be tremendous. Downtime of business operations could be kept to an absolute minimum allowing employees to continue their contributions to the bank’s growth plans. Without the KVM-over-IP solution the financial impact could have meant a loss of revenue that easily could have been in excess of tens of million dollars.
The other important benefits the Raritan KVM-over-IP solution has given this major bank is that the moment people are allowed back into the office, they can do so without any further disruption. From an employee perspective it also has opened up the opportunity to more frequently work from home should this be desired.