Overcoming the Cloud Security Barrier for Financial Services

By Michael Dorf

May 10, 2013

The private industry least likely to adopt public cloud services for data storage are financial institutions. Holding the most sensitive and heavily-regulated of data types, personal financial information, banks and similar institutions are mostly moving towards private cloud services – and doing so at great cost.

A change is underway though as services in the public cloud space are beginning to offer high-end security options that align with financial market needs. Investment banking has been the most open to adopting public clouds as that industry’s ever-growing thirst for data (and the need to store it) demands lower-cost solutions. But more and more, other banking services are warming to the idea.

The old barriers to cloud adoption are evaporating. The three issues stopping banking from getting into the cloud were:

  • Data control and risks are huge in the cloud. Can a low trust environment like a public cloud really be conducive to the complex regulatory framework the financial sector works within?
  • If data in the cloud is protected, how can the local applications used by the institution make use of it without exposing that live data to others?
  • How can data be kept within regulation-required geographic storage locations and still be “in the cloud?”

In financial markets, data is becoming more fluid and often more sharable as technologies change and competitive forces push institutions away from close-vest dealings and towards faster, more responsive near-real-time decisions. This requires faster data access, deeper analysis, and better sharing methods. The cloud is perfect for this, but the security concerns remain.

Here are ways that financial institutions are overcoming the three barriers above to facilitate the advantages of cloud storage.

Overcoming Security Barriers

Cloud providers are now often offering certain customers proof of security emplacements. The best proof is a third party test and validation followed by your own in-house experts testing the service provider’s system. While first-person checking may be best for your own peace of mind, third-party verification and proof of compliance is useful for legal purposes and can shift liabilities from you to the service provider should security be breached or found inadequate by compliance audits.

Data security standards such as NIST, FFX, AES and the like offer a benchmark for security requirements, depending on your institution’s needs. Many certified third-party testing companies can verify that these standards, at minimum, are met by your provider and occasional audits to re-check compliance can keep you in standing with regulators.

By leveraging data-centric approaches to the enterprise cloud stacks, data risk and compliance standards can be solved. With proper protection, and IAA (ID, Authentication, Authorization) service layer capability, data can be shared with various applications without risky exposure.

Secure Access and Use By Local Applications

Financial institutions moving to the public cloud have tackled the problem of security in storage and transmission through multi-level encryption. Data will be stored in encrypted format so that local access at the cloud provider will not give actual data access, just access to the bits and bytes that make up that data. This ensures security on that level. During transmission from the public cloud (service provider) the private network (institution), another level of encryption is added to the data. When the data arrives at the processing machine in the financial institution’s secured network, it is de-encrypted on both levels and utilized, then re-encrypted before being sent back into the cloud for storage.

When coupled with the usual careful access controls, this has proven to be a highly secure way to utilize cloud services while minimizing security risks as much as possible.

Geographic Location of the Data

Often the most difficult thing for financial institutions to comply with when putting data into the cloud are data residency requirements from government. Multi-national financial services companies are often required by various jurisdictions to keep the personally-identifiable financial information of customers or clients in specific locations on the map. Similarly, some regulatory requirements will mean that data should not be stored in some locations because of potential security issues that local laws may create. For example, data stored in the U.S. is required to be open to government access upon request while the governments of Canada, France and other countries forbid open access by foreign powers – which disallows the storage of certain personal information in the United States. Likewise, data stored in Luxemborg is under heavier restrictions than most of the European Union and cannot be moved unless it is de-identified with individuals beforehand, making some transactions difficult.

Technically, the “cloud” is everywhere, but in the real-world, most cloud services are regional rather than global. To gain the full benefit of cloud storage, the storage should be geographically wide spread, but compliance issues will often forbid this. For this reason, most cloud services providers offer region-specific data storage guarantees that can be verified by third parties.

About the Author

Michael Dorf is a seasoned software architect and instructor with a M.S. in Software Engineering and a dozen years of industry experience. He is a co-founder of (LearnComputer LLC), an IT/Open Source training school based in San Francisco Bay Area. Our Big Data Overview training course is designed for IT managers who need a fast track to Big Data solutions available on the market today.

Subscribe to HPCwire's Weekly Update!

Be the most informed person in the room! Stay ahead of the tech trends with industry updates delivered to you every week!

Quantum Software Specialist Q-CTRL Inks Deals with IBM, Rigetti, Oxford, and Diraq

September 10, 2024

Q-CTRL, the Australia-based start-up focusing on quantum infrastructure software, today announced that its performance-management software, Fire Opal, will be natively integrated into four of the world's most advanced qu Read more…

Computing-Driven Medicine: Sleeping Better with HPC

September 10, 2024

As a senior undergraduate student at Fisk University in Nashville, Tenn., Ifrah Khurram's calculus professor, Dr. Sanjukta Hota, encouraged her to apply for the Sustainable Research Pathways Program (SRP). SRP was create Read more…

LLNL Engineers Harness Machine Learning to Unlock New Possibilities in Lattice Structures

September 9, 2024

Lattice structures, characterized by their complex patterns and hierarchical designs, offer immense potential across various industries, including automotive, aerospace, and biomedical engineering. With their outstand Read more…

NSF-Funded Data Fabric Takes Flight

September 5, 2024

The data fabric has emerged as an enterprise data management pattern for companies that struggle to provide large teams of users with access to well-managed, integrated, and secured data. Now scientists working at univer Read more…

xAI Colossus: The Elon Project

September 5, 2024

Elon Musk's xAI cluster, named Colossus (possibly after the 1970 movie about a massive computer that does not end well), has been brought online. Musk recently posted the following on X/Twitter: "This weekend, the @xA Read more…

Researchers Benchmark Nvidia’s GH200 Supercomputing Chips

September 4, 2024

Nvidia is putting its GH200 chips in European supercomputers, and researchers are getting their hands on those systems and releasing research papers with performance benchmarks. In the first paper, Understanding Data Mov Read more…

Quantum Software Specialist Q-CTRL Inks Deals with IBM, Rigetti, Oxford, and Diraq

September 10, 2024

Q-CTRL, the Australia-based start-up focusing on quantum infrastructure software, today announced that its performance-management software, Fire Opal, will be n Read more…

NSF-Funded Data Fabric Takes Flight

September 5, 2024

The data fabric has emerged as an enterprise data management pattern for companies that struggle to provide large teams of users with access to well-managed, in Read more…

Shutterstock 1024337068

Researchers Benchmark Nvidia’s GH200 Supercomputing Chips

September 4, 2024

Nvidia is putting its GH200 chips in European supercomputers, and researchers are getting their hands on those systems and releasing research papers with perfor Read more…

Shutterstock 1897494979

What’s New with Chapel? Nine Questions for the Development Team

September 4, 2024

HPC news headlines often highlight the latest hardware speeds and feeds. While advances on the hardware front are important, improving the ability to write soft Read more…

Critics Slam Government on Compute Speeds in Regulations

September 3, 2024

Critics are accusing the U.S. and state governments of overreaching by including limits on compute speeds in regulations and laws, which they claim will limit i Read more…

Shutterstock 1622080153

AWS Perfects Cloud Service for Supercomputing Customers

August 29, 2024

Amazon's AWS believes it has finally created a cloud service that will break through with HPC and supercomputing customers. The cloud provider a Read more…

HPC Debrief: James Walker CEO of NANO Nuclear Energy on Powering Datacenters

August 27, 2024

Welcome to The HPC Debrief where we interview industry leaders that are shaping the future of HPC. As the growth of AI continues, finding power for data centers Read more…

CEO Q&A: Acceleration is Quantinuum’s New Mantra for Success

August 27, 2024

At the Quantum World Congress (QWC) in mid-September, trapped ion quantum computing pioneer Quantinuum will unveil more about its expanding roadmap. Its current Read more…

Everyone Except Nvidia Forms Ultra Accelerator Link (UALink) Consortium

May 30, 2024

Consider the GPU. An island of SIMD greatness that makes light work of matrix math. Originally designed to rapidly paint dots on a computer monitor, it was then Read more…

Atos Outlines Plans to Get Acquired, and a Path Forward

May 21, 2024

Atos – via its subsidiary Eviden – is the second major supercomputer maker outside of HPE, while others have largely dropped out. The lack of integrators and Atos' financial turmoil have the HPC market worried. If Atos goes under, HPE will be the only major option for building large-scale systems. Read more…

AMD Clears Up Messy GPU Roadmap, Upgrades Chips Annually

June 3, 2024

In the world of AI, there's a desperate search for an alternative to Nvidia's GPUs, and AMD is stepping up to the plate. AMD detailed its updated GPU roadmap, w Read more…

Nvidia Shipped 3.76 Million Data-center GPUs in 2023, According to Study

June 10, 2024

Nvidia had an explosive 2023 in data-center GPU shipments, which totaled roughly 3.76 million units, according to a study conducted by semiconductor analyst fir Read more…

Shutterstock_1687123447

Nvidia Economics: Make $5-$7 for Every $1 Spent on GPUs

June 30, 2024

Nvidia is saying that companies could make $5 to $7 for every $1 invested in GPUs over a four-year period. Customers are investing billions in new Nvidia hardwa Read more…

Comparing NVIDIA A100 and NVIDIA L40S: Which GPU is Ideal for AI and Graphics-Intensive Workloads?

October 30, 2023

With long lead times for the NVIDIA H100 and A100 GPUs, many organizations are looking at the new NVIDIA L40S GPU, which it’s a new GPU optimized for AI and g Read more…

Google Announces Sixth-generation AI Chip, a TPU Called Trillium

May 17, 2024

On Tuesday May 14th, Google announced its sixth-generation TPU (tensor processing unit) called Trillium.  The chip, essentially a TPU v6, is the company's l Read more…

Shutterstock 1024337068

Researchers Benchmark Nvidia’s GH200 Supercomputing Chips

September 4, 2024

Nvidia is putting its GH200 chips in European supercomputers, and researchers are getting their hands on those systems and releasing research papers with perfor Read more…

Leading Solution Providers

Contributors

IonQ Plots Path to Commercial (Quantum) Advantage

July 2, 2024

IonQ, the trapped ion quantum computing specialist, delivered a progress report last week firming up 2024/25 product goals and reviewing its technology roadmap. Read more…

Intel’s Next-gen Falcon Shores Coming Out in Late 2025 

April 30, 2024

It's a long wait for customers hanging on for Intel's next-generation GPU, Falcon Shores, which will be released in late 2025.  "Then we have a rich, a very Read more…

Some Reasons Why Aurora Didn’t Take First Place in the Top500 List

May 15, 2024

The makers of the Aurora supercomputer, which is housed at the Argonne National Laboratory, gave some reasons why the system didn't make the top spot on the Top Read more…

Department of Justice Begins Antitrust Probe into Nvidia

August 9, 2024

After months of skyrocketing stock prices and unhinged optimism, Nvidia has run into a few snags – a  design flaw in one of its new chips and an antitrust pr Read more…

Nvidia H100: Are 550,000 GPUs Enough for This Year?

August 17, 2023

The GPU Squeeze continues to place a premium on Nvidia H100 GPUs. In a recent Financial Times article, Nvidia reports that it expects to ship 550,000 of its lat Read more…

MLPerf Training 4.0 – Nvidia Still King; Power and LLM Fine Tuning Added

June 12, 2024

There are really two stories packaged in the most recent MLPerf  Training 4.0 results, released today. The first, of course, is the results. Nvidia (currently Read more…

Spelunking the HPC and AI GPU Software Stacks

June 21, 2024

As AI continues to reach into every domain of life, the question remains as to what kind of software these tools will run on. The choice in software stacks – Read more…

Quantum Watchers – Terrific Interview with Caltech’s John Preskill by CERN

July 17, 2024

In case you missed it, there's a fascinating interview with John Preskill, the prominent Caltech physicist and pioneering quantum computing researcher that was Read more…

  • arrow
  • Click Here for More Headlines
  • arrow
HPCwire