Information Systems 

Fund Management Application

  • We are currently relying on TEA computers PIMS, which is a Real-Time portfolio management and accounting system that handles day-to-day transactions of portfolios. This is the platform which is responsible to calculate the Net Asset Value (NAV) usually this operation takes usually one hour to be concluded


Certificate Holder Application

  • Servfund is aware of its responsibility to be the sole repository for investment certificate holder data.

  • We are relying on ICSS application which is a web-based software application that fully covers Mutual Fund Management investment certifications operations; from tracking IC daily transactions to automatic distribution of dividends to shareholders based on IC holdings.

Network Architecture

  • Network segregation and segmentation: the network architecture complies with the principle of segregation of different networks having different security levels. The segregation applies to all production and test environments.

  • The segregation is implemented at both layer 2 (Ethernet) and layer 3 (routing) by means of VLAN definitions and routing switches with access rules between VLANs.

Integrating Primary and Disaster Recovery Sites

  • The two sites are interconnected by a reliable connection. The bandwidth is upgradeable to 2Mbps, which is the limit imposed by the Internet Service Provider.

  • Seamless Site Switching: Redundancy mechanisms and site rotation/disaster recovery have to be totally transparent to participants. This can be achieved by means of a backup DNS, combined with alternate DNS IP addresses in the participant banks workstation configuration DNS configuration.

Information Security Architecture

Data Exchange with customers

Servfund infrastructure design offers multiple data exchange facility with customers, those methods ensures the full integrity, confidentiality and encryption of transmitted data. The methods are as follows:

  • Site-to-Site VPN tunnel using IPSEC Our security appliance are equipped to enable the establishment of encrypted tunnel between Servfund and any customer providing 1024bit key length of encryption.

  • Secure File Transfer Protocol using SSH to transfer files. Unlike standard FTP, it encrypts both commands and data, preventing passwords and sensitive information from being transmitted in the clear over the network.

  • Secured web portals; Servfund is ready to enable access to customer for exchanging confidential information via a two-factor authentication (RSA secured) portal, the access to portals shall be enabled using security tokens which provides one time password (OTP) that changes every 60 seconds.

Information Security Management

  • Servfund has deployed a hierarchical information security management structure which provides the maximum assurance for the protection of customers’ data.

  • Those tiers are varying from the early employees screening up to a state-of-the-art Information Security architecture with network segregation and a 24/7 logging capabilities.


Information Access Control

  • Access to mission critical application is granted based on a comprehensive job description.

  • All users are requested to fill-in formal user registration for granting them access to all information systems and services.

  • All access are governed to mission critical applications which are governed by top management.

  • All access attempts are logged and reviewed on daily basis.

  • Dedicated employees are granted access to customers’ data.

  • Strong password policies are implemented on all information systems resources.