How IBM is building the secure cloud platform for financial services

0
12


By Hillery Hunter, vice president and chief technology officer, IBM Cloud

IBM recently announced that BNP Paribas has committed to join the IBM Cloud for Financial Services as an anchor client, along with 30 independent software vendors (ISVs) who will build applications for the cloud platform. And other organizations are just behind — IBM is in discussions with Japan’s Mitsubishi UFJ Financial Group (MUFG) to explore how it can adopt the IBM Cloud for Financial Services. This marks a milestone in the modernization of the global financial industry — one that signifies the readiness of cloud computing to support the strict regulatory environment in which financial services organizations operate.

To understand how we got here, it’s worth considering how the industry is evolving. Even before COVID-19, global financial companies were rapidly moving beyond a traditional brick-and-mortar model in response to growing customer demand for mobile banking experiences that are fast, robust, and secure.

The pandemic has seemed to accelerate this change, as more banking customers are demanding contactless services and more employees are working remotely. We have also seen that much of banks’ own mission-critical work is also increasingly moving from in-house systems to cloud platforms. Banks have had to stand up emergency loan systems and expand and contract their existing applications at the drop of a hat.

This major transformation is one banks can’t do alone. They need a partner that knows both the intricacies of their business and how to apply cutting-edge technologies like AI, automation, and blockchain within a hybrid cloud model to build that future of financial services and banking.

Why IBM Cloud? 

Modern life relies on sophisticated financial services. Because of its crucial role in the economy and society, this industry operates in a legal and regulatory system more complex and intricate ­than any other. Compliance and regulatory regimes change from region to region; security needs are among the most stringent in the world. Personal and confidential data often needs to be housed in the country of origin, and applications must be accessible anywhere in the world — in an instant.

Enabling financial institutions to meet these rigorous demands is why last year we launched IBM Cloud for Financial Services — the first cloud specifically for the industry built on IBM public cloud, powered by the same industry-leading security found in IBM Z. It was created to address banks’ unique needs in regulatory compliance, security, and resiliency — and to speed future innovation.

We’ve been growing the ecosystem ever since. To further improve IBM Cloud’s security capabilities, IBM recently acquired Spanugo, a US-based cloud cybersecurity posture management company — a major step forward in differentiating IBM’s financial services cloud from other offerings. And we’ve made our offering the most open and secure public cloud for business, featuring the only commercially available cryptographic technology.1Our “Keep Your Own Key” service gives banks sole control of their own encryption keys — and the hardware security modules that protect them — so customers can control who accesses their data.

On top of that, we’ve invested in Confidential Computing for over a decade. We first announced our generally available confidential cloud computing capabilities in 2018 with Confidential Computing offerings in the cloud, underpinned by the family of IBM Cloud Hyper Protect Services and backed by the highest level of security certification commercially available.2The Confidential Computing concept has moved from research projects into fully deployed offerings from numerous vendors, along with community groups like the Confidential Computing Consortium. In IBM Cloud for Financial Services, we deliver the same industry-leading Confidential Computing technology found in IBM Z as cloud services, enabling our clients in financial services and other industries to secure their data at the industry’s highest standard of protection.

And now, with the entrance of BNP Paribas, one of Europe’s largest banks and more than 30 ISVs, IBM Cloud for Financial Services has taken a major step in expanding its ecosystem and accelerating cloud adoption for mission critical workloads in this highly regulated industry.

Other initiatives to guide cloud adoption in regulated industries

Because secure hybrid cloud environments are increasingly becoming a vital part of banks’ infrastructure, IBM also announced the formation of the Financial Services Cloud Advisory Council. The council will be focused on bringing major financial institutions together, including Bank of America, to oversee IBM’s financial services cloud policy framework and help drive the strategic evolution of cloud security.

Other initiatives are underway. This month we plan to launch the IBM Cloud Security and Compliance Center — a built-in dashboard that lets banks continuously monitor and audit their compliance and security posture. IBM Research has been the engine behind myriad innovations in this security — from Confidential Computing to homomorphic and quantum-secured cryptography, and to further their engagement with our core financial services clients, they have also created the IBM Research Cloud Innovation Lab. This lab will enable financial services companies to experiment with new cloud technologies alongside IBM’s top experts in the field.

IBM Cloud for Financial Services is the world’s first product of its kind. With our growing roster of big institutions, we aim to build the best, most trusted cloud platform in financial services. The addition of BNP Paribas is the next major milestone on that journey.

Learn more about IBM Cloud for Financial Services here.

This post was created by IBM with Insider Studios.


Statements regarding IBM’s future direction or intent are subject to change or withdrawal without notice and represent goals and objectives only.
1 Encryption keys and cryptographic operations are protected with highest level certified HSM with Hyper Protect Crypto services: FIPS 140-2 Level 4.
2FIPS 140-2 Security Level 4 provides the highest level of security defined in this standard. At this security level, the physical security mechanisms provide a comprehensive envelope of protection around the cryptographic module with the intent of detecting and responding to all unauthorized attempts at physical access.See https://csrc.nist.gov/projects/cryptographic-module-validation-program/standards and https://csrc.nist.gov/Projects/cryptographic-module-validation-program/Certificate/3410. 

LoadingSomething is loading.

Read More

LEAVE A REPLY

Please enter your comment!
Please enter your name here