How finance companies can stay secure with confidential computing

Cloud computing has transformed financial organisations and their IT infrastructure. With cloud technologies like ScaleXP, organisations can access computing resources on demand, allowing them to offload costs and the effort required to set up and manage their own on-premises infrastructure, improving agility and business value. As more finance companies adopt cloud services into their technology stack, data security in the cloud is vital.

Moving financial workloads from an on-premise setup to a public cloud infrastructure introduces a new attack surface with different risks for malicious actors to take advantage of. As the public cloud environment shares its hardware infrastructure, a flaw in the cloud’s isolation mechanisms can be detrimental to the protection of sensitive customer and financial data. The major public cloud environments tackle this by building their security following a defence-in-depth approach. Confidential computing is an additional layer of security in this environment to keep data private even when a flaw is found in the other defence mechanisms.

What is confidential computing?

Confidential computing is a cloud computing technology that isolates sensitive data in a protected CPU enclave during processing and eliminates the remaining data security vulnerability by protecting data in use. This means that data is secured while an application runs and is also invisible to anyone, even the cloud provider. It’s a compelling new technology for the sector because previous cloud techniques protected data at rest (while being stored) or in transit (while moving over a network connection), but data could still be vulnerable while in use by applications. Confidential computing plugs that gap.

The TEE is the secure enclave within the CPU, separated from the main operating system and protected by encryption. Only authorized software can use the data within the isolated data environment of the TEE, which can not be read even by the operating system running on the machine. This means that private data can’t be tampered with by other applications, including malware.

Keeping unauthorised users out

With confidential computing, organisations in the finance sector can ensure that even if the host OS is compromised, or a rogue administrator is curious about the data, the data can’t be accessed and the code’s execution can not be altered.

Confidential computing ensures both the integrity of data and the integrity of code. It offers an additional layer of security which keeps data private. This means that even if there are flaws in other pre-existing defences, businesses can feel safer in the face of insider threats, human error and credential compromise. For financial institutions, this offers the chance to use data in innovative ways, opening up new opportunities and helping to stamp down on problems such as fraud.

For financial services organisations, who are subject to large fines for data breaches, it offers them a new way to use data with confidence. For instance, Equifax was fined at least $575 million by the Federal Trade Commission in 2019 over a breach which exposed the data of more than 100 million people. By leveraging confidential computing, financial institutions can feel more secure in the knowledge that data is not being passed into bad actors’ hands and avoid these types of fines.

How financial organisations can adopt confidential computing

For regulated industries like banking, insurance and other financial services, Confidential Computing is the answer that fits their business needs. Confidential Computing use cases span regulatory compliance, secure and untrusted collaboration, prevention of unauthorised access and isolated or “blind” processing, ensuring that user data cannot be retrieved even by the service provider.

The security architecture of confidential computing enables a network of financial institutions to work together while keeping their own data safe and private, as well as helping them to adhere better to ever-evolving regulations. Confidential computing is perfect for multi-party computation (MPC). One such use case is collaboration between different banks and third parties which is essential for dealing with money-laundering investigations, where money often moves rapidly between different accounts, through different banks. To combat money laundering, businesses must be able to track the flow of money as it travels between hands.

Confidential computing allows organisations to share and process this data, without exposing their input data to anyone else. Multiple businesses can work together without exposing any of their customers’ personal data, agreeing on which analytics to run on the data set. By processing all this data in a protected setting via confidential computing, none of the banks which work together can ‘see’ the full data set, but the results allow for the ability to track a user moving money between multiple banks.

More generally, confidential computing empowers banks and financial institutions to derive value from large data sets without compromising users’ privacy or falling foul of financial regulations.

Looking ahead: the future of confidential computing

Experts are predicting that the use of confidential computing will skyrocket over the next decade. In fact, Everest Group, a global research firm, concluded that confidential computing will grow at a compound annual growth rate (CAGR) of between 90 – 95%, with the overall market being valued at $54bn by 2026.

For those working at the heart of the finance industry, confidential computing provides an essential layer of protection and assurance that the data they possess is protected while in the cloud. It also means they will be more inspired to embrace cloud technologies even for use cases that require the most sensitive of data.

Looking ahead, confidential computing has the power to bring numerous benefits to businesses and exciting opportunities for consumers, supporting a greater shift in the finance industry towards the public cloud. Data security has never been more critical, and financial institutions should be looking at new avenues, such as confidential computing, to bolster their security strategy and unlock new possibilities.

Kris Sharma

Kris is a trusted C-level advisor and a leader with a rich global consulting and business transformation experience providing advisory services to Fortune 100 and FTSE100 clients. He focuses on creating strong ecosystem partnerships and is passionate about building high performing teams. Kris sees himself as a change agent with a passion for transformation, conceptualizing and strategizing solutions by partnering closely with business and IT leaders. Kris has worked with clients in various parts of USA, Europe, Australia and Asia Pacific, building value adding strategic relationships and partnerships with key external and internal stakeholders. Kris is experienced in a wide range of industry sectors spanning Banking, Insurance, Telecom, Media and Communications, Public Sector, Hi-Tech, Automotive and Retail.

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...

Automated Testing Tools and Their Impact on Software Quality

Natalia Yanchii • 09th October 2024

Test automation refers to using specialized software tools and frameworks to automate the execution of test cases, thereby reducing the time and effort required for manual testing. This approach ensures that automation tests run quickly and consistently, allowing development teams to identify and resolve defects more effectively. Test automation provides greater accuracy by eliminating human...

Custom Software Development

Natalia Yanchii • 04th October 2024

There is a wide performance gap between industry-leading companies and other market players. What helps these top businesses outperform their competitors? McKinsey & Company researchers are confident that these are digital technologies and custom software solutions. Nearly 70% of the top performers develop their proprietary products to differentiate themselves from competitors and drive growth. As...

The Impact of Test Automation on Software Quality

Natalia Yanchii • 04th October 2024

Software systems have become highly complex now, with multiple interconnected components, diverse user interfaces, and business logic. To ensure quality, QA engineers thoroughly test these systems through either automated or manual testing. At Testlum, we met many software development teams who were pressured to deliver new features and updates at a faster pace. The manual...