We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Any business that deals with consumers will tell you their two biggest priorities are customer experience and data privacy. The first one gets customers in the door, the second keeps them there.
We’ve seen the role virtual reality and artificial intelligence are playing to meet consumers’ ever-changing demands for a great experience. But what about the lesser-known technologies that are also at work to protect our data and identity from security breaches?
A study conducted by the Ponemon Institute, sponsored by IBM Security, revealed the average cost of a data breach in the U.S. last year was a whopping $4.24 million. Security breaches ultimately affect the price consumers pay for products or services, as businesses pass on the costs of legal, regulatory, technical, and other measures. More importantly, it can impact customers’ confidence in your ability to protect their data in a digital experience.
I believe the key to winning and maintaining confidence in your data protection capabilities includes your ability to secure both data and the applications that process it from the rest of your IT infrastructure. That way, even when your network is compromised, your data is not.
What I’ve described is a cloud-based technology known as ‘confidential computing’ that promotes greater privacy protection. Confidential computing allows an organization to have full authority and control over its data, even when running in a shared cloud environment. Data is protected and visible only to its owner and no one else, not even the cloud vendor hosting the data – even during processing.
Think of it as a safe deposit box in a hotel room. When you stay in a hotel, the room is yours, but the hotel staff has access. Therefore, it’s a best practice to keep your valuables like your passport and money in the safe deposit box within the room. Only you have the code to this extra layer of protection, even though the room itself can be accessed. Now imagine that the locker does not have a master code to break in — that is how confidential computing can be designed.
How you can leverage technology to control who has access to your customer’s confidential data
1. Securely manage digital assets and currencies. As the adoption of cryptocurrency grows, so does the need to secure the technology it can be accessed through. Maintaining customer trust and privacy in this arena remains paramount for the world’s top banks, exchanges and fintech companies. Confidential computing plays a crucial role in helping these financial institutions securely manage the growing market demand for digital assets. For example, fintechs can provide banks and other financial institutions digital asset solutions to manage cryptocurrencies, tokens and bitcoin.
Those solutions can leverage security-critical infrastructure and confidential computing technology so that it can help protect the keys and data associated with those digital assets, as well as to process them with security protections. Such security capabilities are designed to mitigate the risk associated with malicious actors receiving access to these assets or confidential data associated with it.
2. Keep money in the bank. Banks face an array of digital theft, fraud, and money laundering threats. All banks are subject to Know Your Customer, the process that identifies and verifies a client’s identity when opening an account. Without exposing private data, such as your bank account details, financial firms need an avenue to determine and draw trends and inferences about theft and money launderers.
Confidential computing can be leveraged alongside AI and predictive models that help identify potential fraudsters. Taken together, banks can be more protected when able to detect threats while allowing the data to remain in the cloud without risk of being shared with other parties.
3. Help protect patient privacy. Mobile health apps and other connected devices, including sensors and wearables, can store medical data and enable proactive tracking of health data. From a privacy perspective, it would be desirable to move all patient data to a central location for analysis, but the security risks of data replication and the complexities of data synchronization can bring additional costs and challenges.
Confidential computing technology can help address these issues through performing computation in a secured enclave, isolating the data and code to protect against unauthorized access.
As management of our confidential data becomes increasingly distributed — with much of it on mobile devices and the increasing prominence of remote healthcare consultations and digital banking now the norm for consumers — it is imperative to understand more about how the technology behind the scenes works to better protect and benefit us in our daily activities.
Nataraj Nagaratnam is the CTO of IBM Cloud Security.