Risk Management

12:58 PM
Gilad Parann-Nissany, SAP
Gilad Parann-Nissany, SAP
Commentary
50%
50%

The Holy Grail of Cloud Computing – Maintaining Data Confidentiality

Whether a financial institution enters a public or private cloud, data privacy and confidentiality are top concerns. A financial application (or a service) must be protected, and true privacy must be maintained, says SAP's Gilad Parann-Nissany.

Breaking the Trust Paradigm

Current key management technologies, as mentioned above, are either a trust compromise, or a compromise on cloud computing features. Breaking the trust paradigm requires a new approach, specific to cloud key management.

A technology that enables such an approach is split-key management. Here's a financial metaphor which will help to explain how this works, and its benefits. Most contemporary safe deposit boxes utilize a two-key system, the bank has one key while you (the box owner) hold the second key, and both keys are required to open the access door to remove the deposit drawer. This two key system is how the bank provides some assurance that an unscrupulous employee can't enter the vault and start pilfering boxes. Split-key management implements the same concept technologically in the cloud; the "bank" – a virtual key management system – generates a unique key for you, and another key to be used by the key management system. Both keys are required to encrypt and decrypt data, yet at the same time, only you, the end user, have access to your master key, making it impossible for the cloud provider to ever seeing your most critical piece of data – your encryption keys.

[The Rise of Cloud Computing on Wall Street]

Another foundational technology that is important in cloud data security is Homomorphic Key Encryption. This protects the sensitive encryption keys themselves, when they are in use in the memory of cloud servers. The benefit is that the most sensitive information, the keys themselves, are never exposed in the cloud, even when they are actually used. Advanced "partially homomorphic" mathematics enables such innovation.

Going forward, such technologies, integrated with financial clouds and SaaS applications, lower the risk to data privacy and allow financial institutions to migrate more easily to the cloud.

Gilad Parann-Nissany, founder and CEO, is a Cloud Computing pioneer. As CTO for Small Business at SAP, Gilad built SaaS Clouds for medium and small enterprises and contributed to SAP products reaching more than 8 million users. Before founding Porticor, he created a consumer Cloud at G.ho.st – a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and applications.

Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
More Commentary
Itís Not About the Algorithm Anymore
Today the business priority is less on the algorithm and more on building the organization to create leverage from the algorithm.
Is Your Corporate Data Being Auctioned on eBay?
Researchers purchased 20 used Android phones to see what data they could retrieve using off-the-shelf recovery software. The results were astonishing.
Getting Social: Top Tips for Establishing a Social Media Plan
As the influence of social media channels continues to grow, organizations must have a handle on the regulations and the risks social can introduce to a firm.
Why Settle for Less in the Front Office?
Recent research shows that sell-side firms are less than satisfied with their order management system (OMS) technology. Many front offices, however, continue to make do with their current solutions. Are they selling themselves short?
BYOD Policy: Don't Reinvent the Wheel
Financial firms still feel overwhelmed by BYOD risks and challenges. But these can be addressed by a good policy, and the guidelines are already out there.
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - July 2014
In addition to regular audits, the SEC will start to scrutinize the cyber-security preparedness of market participants.
Video
Inside Abel Noser's Trading Floor
Inside Abel Noser's Trading Floor
Advanced Trading takes you on an exclusive tour of Abel Noser's New York trading floor, where the agency broker known for transaction cost analysis, is customizing algorithms for the buy side, while growing its fixed income trading and transitions business.