Risk Management

12:58 PM
Gilad Parann-Nissany, SAP
Gilad Parann-Nissany, SAP
Commentary
50%
50%

The Holy Grail of Cloud Computing – Maintaining Data Confidentiality

Whether a financial institution enters a public or private cloud, data privacy and confidentiality are top concerns. A financial application (or a service) must be protected, and true privacy must be maintained, says SAP's Gilad Parann-Nissany.

Breaking the Trust Paradigm

Current key management technologies, as mentioned above, are either a trust compromise, or a compromise on cloud computing features. Breaking the trust paradigm requires a new approach, specific to cloud key management.

A technology that enables such an approach is split-key management. Here's a financial metaphor which will help to explain how this works, and its benefits. Most contemporary safe deposit boxes utilize a two-key system, the bank has one key while you (the box owner) hold the second key, and both keys are required to open the access door to remove the deposit drawer. This two key system is how the bank provides some assurance that an unscrupulous employee can't enter the vault and start pilfering boxes. Split-key management implements the same concept technologically in the cloud; the "bank" – a virtual key management system – generates a unique key for you, and another key to be used by the key management system. Both keys are required to encrypt and decrypt data, yet at the same time, only you, the end user, have access to your master key, making it impossible for the cloud provider to ever seeing your most critical piece of data – your encryption keys.

[The Rise of Cloud Computing on Wall Street]

Another foundational technology that is important in cloud data security is Homomorphic Key Encryption. This protects the sensitive encryption keys themselves, when they are in use in the memory of cloud servers. The benefit is that the most sensitive information, the keys themselves, are never exposed in the cloud, even when they are actually used. Advanced "partially homomorphic" mathematics enables such innovation.

Going forward, such technologies, integrated with financial clouds and SaaS applications, lower the risk to data privacy and allow financial institutions to migrate more easily to the cloud.

Gilad Parann-Nissany, founder and CEO, is a Cloud Computing pioneer. As CTO for Small Business at SAP, Gilad built SaaS Clouds for medium and small enterprises and contributed to SAP products reaching more than 8 million users. Before founding Porticor, he created a consumer Cloud at G.ho.st – a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and applications.

Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
More Commentary
Wall Street CIOs Have a Vendor Management Problem
If Wall Street CIOs want to stay ahead of competition and ensure high-speed trading software doesn't start the next flash crash, they need better insight into vendor delivered software.
Technology Innovation Returns to Financial Services
Capital Markets Outlook 2015: Following a few years dominated by regulatory compliance and cost saving technology initiatives, financial organizations are finally investing in innovative technology and tools.
Voice Biometrics Improve Transaction Monitoring Fraud Detection
Why voice biometrics should be a part of your fraud prevention strategy in the call center.
Fintech Fast Forward 2015
What will shape the future of Fintech in 2015 and beyond?
Look Deeper at Business Connections
When a business person or practice crosses the line, what should a professional do?
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - Elite 8, October 2014
The in-depth profiles of this year's Elite 8 honorees focus on leadership, talent recruitment, big data, analytics, mobile, and more.
Video
Inside Abel Noser's Trading Floor
Inside Abel Noser's Trading Floor
Advanced Trading takes you on an exclusive tour of Abel Noser's New York trading floor, where the agency broker known for transaction cost analysis, is customizing algorithms for the buy side, while growing its fixed income trading and transitions business.