Data Security In Financial Services

Financial data protection with in-use encryption opens new business opportunities

A lot has been written about data security in financial services and cyberattacks. When we read these articles, the emphasis usually focuses on the financial costs and reputation risk that companies face when they experience data breaches.

Though these, obviously, are serious concerns, there is another angle to the story that rarely gets discussed . . . the one in which financial services companies often dismiss valuable business opportunities due to data security concerns.

A bright spot for financial data protection is that new data encryption technology, called in-use encryption, enables companies to protect sensitive data in ways that previously were unattainable. This new data encryption technology delivers three breakthroughs that change the game for data security in financial services:

1. Data-in-use encryption that keeps data encrypted while it is in being used.

2. Data-in-motion encryption that keeps data encrypted while it is being shared with downstream systems.

3. Advanced cloud data protection that allows companies, rather than cloud application administrators, to hold the encryption keys.

Here are two examples of how financial services companies are employing Sotero’s in-use encryption technology, to pursue previously-unattainable business opportunities.  (Also, here’s a whitepaper for more on in-use encryption.)

1. A global financial technology company needed to strengthen their data security in order to retain their European customers. With the emergence of GDRP and other privacy regulations, was critical to their successful operations. They needed a solution that would allow them to collect data in several geographies and store it in the U.S., while ensuring that no unprivileged users could access to the data.The company chose the Sotero Platform, which enables them to anonymize and secure EU data stored in the U.S., and make it available in a secure manner to EU consumers. Sotero enables the organization to encrypt data during collection and then keep the data encrypted while they moved the data to the U.S. location. This enabled them to meet their regulatory and compliance objectives, as well deploy a scalable solution that enables them to attract new customers from around the globe.

2. Recognizing the value of data, a major financing company was seeking a way to enable companies to use their data as collateral in order to raise capital. If the company could establish the necessary level of data security, it would be able to accept data as collateral and, therefore, underwrite more loans.The company employed an innovative way to solve the problem by using the Sotero Data Security Platform to secure the data while the data was in motion to the company’s platform, and to secure the data once on the Sotero platform even while the data was in use.  This gave both parties a level of comfort that the data would have the highest level of security, while enabling dual-party ownership of the data.By enabling loan underwriters to stay in control of the data for the duration of the loan, the company had the confidence they needed to use the company’s assets as collateral and underwrite more loans.

These are just two examples – and there are more. The bottom line is that data security in financial services is not only about guarding against what we can lose – it’s also about enabling opportunities that were not previously attainable.