Overcoming the Cloud Security Barrier for Financial Services

By Michael Dorf

May 10, 2013

The private industry least likely to adopt public cloud services for data storage are financial institutions. Holding the most sensitive and heavily-regulated of data types, personal financial information, banks and similar institutions are mostly moving towards private cloud services – and doing so at great cost.

A change is underway though as services in the public cloud space are beginning to offer high-end security options that align with financial market needs. Investment banking has been the most open to adopting public clouds as that industry’s ever-growing thirst for data (and the need to store it) demands lower-cost solutions. But more and more, other banking services are warming to the idea.

The old barriers to cloud adoption are evaporating. The three issues stopping banking from getting into the cloud were:

  • Data control and risks are huge in the cloud. Can a low trust environment like a public cloud really be conducive to the complex regulatory framework the financial sector works within?
  • If data in the cloud is protected, how can the local applications used by the institution make use of it without exposing that live data to others?
  • How can data be kept within regulation-required geographic storage locations and still be “in the cloud?”

In financial markets, data is becoming more fluid and often more sharable as technologies change and competitive forces push institutions away from close-vest dealings and towards faster, more responsive near-real-time decisions. This requires faster data access, deeper analysis, and better sharing methods. The cloud is perfect for this, but the security concerns remain.

Here are ways that financial institutions are overcoming the three barriers above to facilitate the advantages of cloud storage.

Overcoming Security Barriers

Cloud providers are now often offering certain customers proof of security emplacements. The best proof is a third party test and validation followed by your own in-house experts testing the service provider’s system. While first-person checking may be best for your own peace of mind, third-party verification and proof of compliance is useful for legal purposes and can shift liabilities from you to the service provider should security be breached or found inadequate by compliance audits.

Data security standards such as NIST, FFX, AES and the like offer a benchmark for security requirements, depending on your institution’s needs. Many certified third-party testing companies can verify that these standards, at minimum, are met by your provider and occasional audits to re-check compliance can keep you in standing with regulators.

By leveraging data-centric approaches to the enterprise cloud stacks, data risk and compliance standards can be solved. With proper protection, and IAA (ID, Authentication, Authorization) service layer capability, data can be shared with various applications without risky exposure.

Secure Access and Use By Local Applications

Financial institutions moving to the public cloud have tackled the problem of security in storage and transmission through multi-level encryption. Data will be stored in encrypted format so that local access at the cloud provider will not give actual data access, just access to the bits and bytes that make up that data. This ensures security on that level. During transmission from the public cloud (service provider) the private network (institution), another level of encryption is added to the data. When the data arrives at the processing machine in the financial institution’s secured network, it is de-encrypted on both levels and utilized, then re-encrypted before being sent back into the cloud for storage.

When coupled with the usual careful access controls, this has proven to be a highly secure way to utilize cloud services while minimizing security risks as much as possible.

Geographic Location of the Data

Often the most difficult thing for financial institutions to comply with when putting data into the cloud are data residency requirements from government. Multi-national financial services companies are often required by various jurisdictions to keep the personally-identifiable financial information of customers or clients in specific locations on the map. Similarly, some regulatory requirements will mean that data should not be stored in some locations because of potential security issues that local laws may create. For example, data stored in the U.S. is required to be open to government access upon request while the governments of Canada, France and other countries forbid open access by foreign powers – which disallows the storage of certain personal information in the United States. Likewise, data stored in Luxemborg is under heavier restrictions than most of the European Union and cannot be moved unless it is de-identified with individuals beforehand, making some transactions difficult.

Technically, the “cloud” is everywhere, but in the real-world, most cloud services are regional rather than global. To gain the full benefit of cloud storage, the storage should be geographically wide spread, but compliance issues will often forbid this. For this reason, most cloud services providers offer region-specific data storage guarantees that can be verified by third parties.

About the Author

Michael Dorf is a seasoned software architect and instructor with a M.S. in Software Engineering and a dozen years of industry experience. He is a co-founder of (LearnComputer LLC), an IT/Open Source training school based in San Francisco Bay Area. Our Big Data Overview training course is designed for IT managers who need a fast track to Big Data solutions available on the market today.

Subscribe to HPCwire's Weekly Update!

Be the most informed person in the room! Stay ahead of the tech trends with industy updates delivered to you every week!

Ohio Supercomputer Center Dedicates ‘Owens’ Cluster

March 29, 2017

In a dedication ceremony held earlier today (March 29), officials from Ohio Supercomputer Center (OSC) along with state representatives gathered to celebrate the launch of OSC’s newest cluster: Read more…

By Tiffany Trader

EU Ratchets up the Race to Exascale Computing

March 29, 2017

The race to expand HPC infrastructure, including exascale machines, to advance national and regional interests ratcheted up a notch yesterday with announcement that seven European countries – Read more…

By John Russell

Data-Hungry Algorithms and the Thirst for AI

March 29, 2017

At Tabor Communications’ Leverage Big Data + EnterpriseHPC Summit in Florida last week, esteemed HPC professional Jay Boisseau, chief HPC technology strategist at Dell EMC, engaged the audience with his presentation, “Big Computing, Big Data, Big Trends, Big Results.” Read more…

By Tiffany Trader

Bill Gropp – Pursuing the Next Big Thing at NCSA

March 28, 2017

About eight months ago Bill Gropp was elevated to acting director of the National Center for Supercomputing Applications (NCSA). Read more…

By John Russell

HPE Extreme Performance Solutions

Leveraging the Power of Big Data to Improve Customer Satisfaction & Brand Loyalty

In the dynamic world of retail, retailers must find ways to recognize and effectively respond to shopping behaviors, patterns, and trends in order to succeed. Read more…

UK to Launch Six Major HPC Centers

March 27, 2017

Six high performance computing centers will be formally launched in the U.K. later this week intended to provide wider access to HPC resources to U.K. Read more…

By John Russell

AI in the News: Rao in at Intel, Ng out at Baidu, Nvidia on at Tencent Cloud

March 26, 2017

Just as AI has become the leitmotif of the advanced scale computing market, infusing much of the conversation about HPC in commercial and industrial spheres, it also is impacting high-level management changes in the industry. Read more…

By Doug Black

Scalable Informatics Ceases Operations

March 23, 2017

On the same day we reported on the uncertain future for HPC compiler company PathScale, we are sad to learn that another HPC vendor, Scalable Informatics, is closing its doors. Read more…

By Tiffany Trader

‘Strategies in Biomedical Data Science’ Advances IT-Research Synergies

March 23, 2017

“Strategies in Biomedical Data Science: Driving Force for Innovation” by Jay A. Etchings is both an introductory text and a field guide for anyone working with biomedical data. Read more…

By Tiffany Trader

Data-Hungry Algorithms and the Thirst for AI

March 29, 2017

At Tabor Communications’ Leverage Big Data + EnterpriseHPC Summit in Florida last week, esteemed HPC professional Jay Boisseau, chief HPC technology strategist at Dell EMC, engaged the audience with his presentation, “Big Computing, Big Data, Big Trends, Big Results.” Read more…

By Tiffany Trader

Bill Gropp – Pursuing the Next Big Thing at NCSA

March 28, 2017

About eight months ago Bill Gropp was elevated to acting director of the National Center for Supercomputing Applications (NCSA). Read more…

By John Russell

HPC Compiler Company PathScale Seeks Life Raft

March 23, 2017

HPCwire has learned that HPC compiler company PathScale has fallen on difficult times and is asking the community for help or actively seeking a buyer for its assets. Read more…

By Tiffany Trader

Quantum Bits: D-Wave and VW; Google Quantum Lab; IBM Expands Access

March 21, 2017

For a technology that’s usually characterized as far off and in a distant galaxy, quantum computing has been steadily picking up steam. Read more…

By John Russell

Trump Budget Targets NIH, DOE, and EPA; No Mention of NSF

March 16, 2017

President Trump’s proposed U.S. fiscal 2018 budget issued today sharply cuts science spending while bolstering military spending as he promised during the campaign. Read more…

By John Russell

CPU-based Visualization Positions for Exascale Supercomputing

March 16, 2017

In this contributed perspective piece, Intel’s Jim Jeffers makes the case that CPU-based visualization is now widely adopted and as such is no longer a contrarian view, but is rather an exascale requirement. Read more…

By Jim Jeffers, Principal Engineer and Engineering Leader, Intel

US Supercomputing Leaders Tackle the China Question

March 15, 2017

Joint DOE-NSA report responds to the increased global pressures impacting the competitiveness of U.S. supercomputing. Read more…

By Tiffany Trader

New Japanese Supercomputing Project Targets Exascale

March 14, 2017

Another Japanese supercomputing project was revealed this week, this one from emerging supercomputer maker, ExaScaler Inc., and Keio University. The partners are working on an original supercomputer design with exascale aspirations. Read more…

By Tiffany Trader

For IBM/OpenPOWER: Success in 2017 = (Volume) Sales

January 11, 2017

To a large degree IBM and the OpenPOWER Foundation have done what they said they would – assembling a substantial and growing ecosystem and bringing Power-based products to market, all in about three years. Read more…

By John Russell

Quantum Bits: D-Wave and VW; Google Quantum Lab; IBM Expands Access

March 21, 2017

For a technology that’s usually characterized as far off and in a distant galaxy, quantum computing has been steadily picking up steam. Read more…

By John Russell

Trump Budget Targets NIH, DOE, and EPA; No Mention of NSF

March 16, 2017

President Trump’s proposed U.S. fiscal 2018 budget issued today sharply cuts science spending while bolstering military spending as he promised during the campaign. Read more…

By John Russell

HPC Compiler Company PathScale Seeks Life Raft

March 23, 2017

HPCwire has learned that HPC compiler company PathScale has fallen on difficult times and is asking the community for help or actively seeking a buyer for its assets. Read more…

By Tiffany Trader

TSUBAME3.0 Points to Future HPE Pascal-NVLink-OPA Server

February 17, 2017

Since our initial coverage of the TSUBAME3.0 supercomputer yesterday, more details have come to light on this innovative project. Of particular interest is a new board design for NVLink-equipped Pascal P100 GPUs that will create another entrant to the space currently occupied by Nvidia's DGX-1 system, IBM's "Minsky" platform and the Supermicro SuperServer (1028GQ-TXR). Read more…

By Tiffany Trader

Tokyo Tech’s TSUBAME3.0 Will Be First HPE-SGI Super

February 16, 2017

In a press event Friday afternoon local time in Japan, Tokyo Institute of Technology (Tokyo Tech) announced its plans for the TSUBAME3.0 supercomputer, which will be Japan’s “fastest AI supercomputer,” Read more…

By Tiffany Trader

IBM Wants to be “Red Hat” of Deep Learning

January 26, 2017

IBM today announced the addition of TensorFlow and Chainer deep learning frameworks to its PowerAI suite of deep learning tools, which already includes popular offerings such as Caffe, Theano, and Torch. Read more…

By John Russell

Lighting up Aurora: Behind the Scenes at the Creation of the DOE’s Upcoming 200 Petaflops Supercomputer

December 1, 2016

In April 2015, U.S. Department of Energy Undersecretary Franklin Orr announced that Intel would be the prime contractor for Aurora: Read more…

By Jan Rowell

Leading Solution Providers

Is Liquid Cooling Ready to Go Mainstream?

February 13, 2017

Lost in the frenzy of SC16 was a substantial rise in the number of vendors showing server oriented liquid cooling technologies. Three decades ago liquid cooling was pretty much the exclusive realm of the Cray-2 and IBM mainframe class products. That’s changing. We are now seeing an emergence of x86 class server products with exotic plumbing technology ranging from Direct-to-Chip to servers and storage completely immersed in a dielectric fluid. Read more…

By Steve Campbell

Enlisting Deep Learning in the War on Cancer

December 7, 2016

Sometime in Q2 2017 the first ‘results’ of the Joint Design of Advanced Computing Solutions for Cancer (JDACS4C) will become publicly available according to Rick Stevens. He leads one of three JDACS4C pilot projects pressing deep learning (DL) into service in the War on Cancer. Read more…

By John Russell

BioTeam’s Berman Charts 2017 HPC Trends in Life Sciences

January 4, 2017

Twenty years ago high performance computing was nearly absent from life sciences. Today it’s used throughout life sciences and biomedical research. Genomics and the data deluge from modern lab instruments are the main drivers, but so is the longer-term desire to perform predictive simulation in support of Precision Medicine (PM). There’s even a specialized life sciences supercomputer, ‘Anton’ from D.E. Shaw Research, and the Pittsburgh Supercomputing Center is standing up its second Anton 2 and actively soliciting project proposals. There’s a lot going on. Read more…

By John Russell

HPC Startup Advances Auto-Parallelization’s Promise

January 23, 2017

The shift from single core to multicore hardware has made finding parallelism in codes more important than ever, but that hasn’t made the task of parallel programming any easier. Read more…

By Tiffany Trader

HPC Technique Propels Deep Learning at Scale

February 21, 2017

Researchers from Baidu’s Silicon Valley AI Lab (SVAIL) have adapted a well-known HPC communication technique to boost the speed and scale of their neural network training and now they are sharing their implementation with the larger deep learning community. Read more…

By Tiffany Trader

US Supercomputing Leaders Tackle the China Question

March 15, 2017

Joint DOE-NSA report responds to the increased global pressures impacting the competitiveness of U.S. supercomputing. Read more…

By Tiffany Trader

CPU Benchmarking: Haswell Versus POWER8

June 2, 2015

With OpenPOWER activity ramping up and IBM’s prominent role in the upcoming DOE machines Summit and Sierra, it’s a good time to look at how the IBM POWER CPU stacks up against the x86 Xeon Haswell CPU from Intel. Read more…

By Tiffany Trader

IDG to Be Bought by Chinese Investors; IDC to Spin Out HPC Group

January 19, 2017

US-based publishing and investment firm International Data Group, Inc. (IDG) will be acquired by a pair of Chinese investors, China Oceanwide Holdings Group Co., Ltd. Read more…

By Tiffany Trader

  • arrow
  • Click Here for More Headlines
  • arrow
Share This