Security - From the Ground Up

Protecting the information and intellectual property of our clients is a principal objective of Beacon’s products and services. As a cloud-native platform, Beacon has invested in leading security measures at every point of the platform’s development, deployment, and operations.

Move to the Cloud With Confidence

Our comprehensive cloud infrastructure, financial engineering tools, and transparent source license are innovation accelerators, enabling quantitative developers to securely integrate with existing systems and build, test, and deploy cloud-native financial services applications with confidence.

Challenge

Security in the cloud has some different challenges from security in data center or on-premise operating models – protecting data and intellectual property while getting the full benefits of cloud infrastructure and elastic compute capabilities

Solution

A security model with two elements that span product planning through client operations, and work together to deliver the highest levels of protection:

  • Secure software development lifecycle process, based on DevSecOps methodologies
  • Shared responsibility model for cloud infrastructure and operations with secure installation and isolation of each customer’s operating instances

Result

Segregated and controlled cloud infrastructure that forms the backbone of our platform, delivering the security, scalability, speed, and connectivity financial services firms need to build differentiating strategies and develop a competitive edge

Build Securely

DevSecOps (Development, Security, Operations) is a combination of culture, processes, and technologies that treats security as an integral part of and shared responsibility throughout the entire software development lifecycle.

Beacon’s DevSecOps processes are supported and automated by the company’s integrated development environment (IDE), which is based on Visual Studio Code (VSCode). Standardization and automation of development and deployment workflows enhances compliance with best practices, company controls, and regulatory requirements.

Benefit From the Protection Of:

By providing an enterprise-class developer experience with robust controls, we ensure that data, code, and intellectual property are always protected, so developers and quants can focus on building differentiating tools and strategies.

Cloud Infrastructure and Operations:

Powerful, Sophisticated, Integrated

Beacon Cloud follows the shared responsibility model between cloud provider, Beacon, and customers that leverages the capabilities and resources of each participant to deliver effective security coverage. Cloud infrastructure has been certified and is in use by major organizations around the world, including for data and workloads covered by stringent privacy and confidentiality regulations and top-secret classifications. Data is protected by encryption at rest and in transit, with client-specific and managed keys.

Each Beacon instance is installed directly into a customer’s own cloud account, virtual private cloud, or as a segregated but Beacon-managed domain. Security of each instance is delivered with a layered architecture that provides consistent installation, access controls, data protection, and automated processes. Customers are responsible for the security aspects of their individual and isolated instances, such as user roles and identities, data flow, and custom development, using a combination of Beacon components and existing corporate security processes and tools. This includes:

  • Management of and authentication against preferred identity and access management system
  • Design and security of data flows to customer-hosted or external data sources
  • Additional firewall, virus scanning, and other security technologies and processes
  • Security of custom code, leveraging Beacon’s secure software development life cycle tools
  • Beacon may take on additional Client Responsibilities as part of a Managed Hosting Services Agreement

Beacon is responsible for the virtual machine images, code, containers, data encryption, and some configurations within the cloud infrastructure that each customer uses in their individual, isolated Platform instances. This includes:

  • Security-by-design coding practices, including digital signatures to securely identify binary images 
  • Customers control when to pull updated images into their specific instance
  • Standardized container, operating system, network, and firewall configurations
  • Multi-package support to add new capabilities without risking core functionality
  • Encryption of data at rest and in transit with secure storage of keys and access tokens
  • Centralized monitoring, logging, and alerting tools
  • Beacon may take on additional Client Responsibilities as part of a Managed Hosting Services Agreement

The cloud provider is responsible for security of the cloud infrastructure, including physical equipment and locations, identity and access controls, and the software that delivers the compute, storage, database, and networking functionality. This includes:

  • Physical and environmental security and access controls of cloud data centers and facilities
  • Identity services that securely manage and control access to cloud resources
  • Visibility and control of where data is stored and workloads are processed
  • Privacy and confidentiality of data, including key management and encryption 
  • Security audits and third-party validations of the cloud operating environment

Discover the Power
of an Open, Cross-Asset Platform

Confident in the security and flexibility of our cloud infrastructure, our capital markets clients are maximizing the power of their full technology stack while building industry-leading applications, analytics, and reports, and scaling securely in the cloud.

Cloud Infrastructure

Gain the security, scalability, speed, and connectivity needed to build differentiating strategies and develop a competitive edge

Developer Experience

Supercharge developer productivity with an open and customizable code base, a collaborative suite of tools, and a robust, controlled production environment

Applications

Cross-asset trading and risk management applications with a transparent code base, integrated analytics, and an underlying suite of financial data models

Our Security in Action

News and perspectives on how our security build confidence while enhancing productivity and speeding time to market for financial services firms

Resilience: the capacity to recover quickly from unexpected events or challenges Resilience is a critical attribute of financial systems. There have certainly been no shortage

The release of ChatGPT by OpenAI late last year has taken the world by storm. Enterprises around the world have seen the tremendous potential of

Very few companies want to maintain their own computers—it’s just not part of their competitive advantage. Eventually the cloud came along and made it feasible