SC Magazine diversity ICMCP

The MIAX Security team was honored to be a case study on deploying a real-world, fully integrated Privileged Access Management solution.

The MIAX Options Exchange needed more than a way to appease regulators, it also required security assurance. Greg Masters reports.

Show me the money! Well, for the MIAX Options Exchange, it’s all done electronically and under the supervision of a management team that includes several former top executives from Nasdaq and other exchanges.

The options trading exchange was approved by the SEC on December 3, 2012 and commenced operations four days later as the 11th U.S. equity derivatives market. But as part of the approval process to open as a national securities exchange, it had to satisfy a multitude of security criteria expected by regulators. Auditing and logging were two critical requirements. It needed a way to perform full keystroke logging of any activity on its critical systems while ensuring high availability and near-zero performance impact for the hosts.

The MIAX Options Exchange now accounts for more than eight percent of the national market share, and with a major equity rights deal early in 2015 with seven major firms, including Citadel Securities and Morgan Stanley, it is predicting to triple its market share. It now lists and trades options on more than 2,300 multi-listed classes and its system throughput is in excess of 38 million quotes per second with an average latency for a single quote being 15.89 microseconds.

The MIAX executive offices, technology development center and national operations center are all located in Princeton, N.J. Additional executive offices, as well as a multipurpose training, meeting and conference center are now being developed in a state-of-the-art facility in Miami, where it intends to locate its equities sales, membership, marketing and listing operations.

Recent growth and expansion into other business ventures mandated that it expand its privileged access management capabilities to enterprise password management, says John Masserini, CSO at the MIAX Options Exchange. “We needed to provide regulatory assurance of total separation of the technical and operational environments. We also saw this as an opportunity to enhance the entire privileged access management process – and enable auditability for the separation of our technical and operational various environments.”

Read the entire article:

Copyright © 2002-2024 John Masserini. All rights reserved.


Leave a Reply

Your email address will not be published. Required fields are marked *

Chronicles of a CISO