How finance companies can stay secure with confidential computing

Cloud computing has transformed financial organisations and their IT infrastructure. With cloud technologies like ScaleXP, organisations can access computing resources on demand, allowing them to offload costs and the effort required to set up and manage their own on-premises infrastructure, improving agility and business value. As more finance companies adopt cloud services into their technology stack, data security in the cloud is vital.

Moving financial workloads from an on-premises setup to public cloud infrastructure introduces a new attack surface, with different risks for malicious actors to exploit. Because the public cloud environment shares its hardware infrastructure, a flaw in the cloud’s isolation mechanisms can be detrimental to the protection of sensitive customer and financial data. The major public cloud environments tackle this by building their security on a defence-in-depth approach. Confidential computing is an additional layer of security in this environment that keeps data private even when a flaw is found in the other defence mechanisms.

What is confidential computing?

Confidential computing is a cloud computing technology that isolates sensitive data in a protected CPU enclave during processing and eliminates the remaining data security vulnerability by protecting data in use. This means that data is secured while an application runs and is also invisible to anyone, even the cloud provider. It’s a compelling new technology for the sector because previous cloud techniques protected data at rest (while being stored) or in transit (while moving over a network connection), but data could still be vulnerable while in use by applications. Confidential computing plugs that gap.

The trusted execution environment (TEE) is the secure enclave within the CPU, separated from the main operating system and protected by encryption. Only authorised software can use the data within the isolated environment of the TEE, which cannot be read even by the operating system running on the machine. This means that private data can’t be tampered with by other applications, including malware.

Keeping unauthorised users out

With confidential computing, organisations in the finance sector can ensure that even if the host OS is compromised, or a rogue administrator is curious about the data, the data can’t be accessed and the code’s execution cannot be altered.

Confidential computing ensures both the integrity of data and the integrity of code. It offers an additional layer of security which keeps data private. This means that even if there are flaws in other pre-existing defences, businesses can feel safer in the face of insider threats, human error and credential compromise. For financial institutions, this offers the chance to use data in innovative ways, opening up new opportunities and helping to stamp down on problems such as fraud.

For financial services organisations, which are subject to large fines for data breaches, confidential computing offers a new way to use data with confidence. For instance, Equifax was fined at least $575 million by the Federal Trade Commission in 2019 over a breach which exposed the data of more than 100 million people. By leveraging confidential computing, financial institutions can feel more secure in the knowledge that data is not being passed into bad actors’ hands and avoid these types of fines.

How financial organisations can adopt confidential computing

For regulated industries like banking, insurance and other financial services, confidential computing is the answer that fits their business needs. Confidential computing use cases span regulatory compliance, secure and untrusted collaboration, prevention of unauthorised access and isolated or “blind” processing, ensuring that user data cannot be retrieved even by the service provider.

The security architecture of confidential computing enables a network of financial institutions to work together while keeping their own data safe and private, as well as helping them to adhere better to ever-evolving regulations. Confidential computing is perfect for multi-party computation (MPC). One such use case is collaboration between different banks and third parties, which is essential for money-laundering investigations, where money often moves rapidly between different accounts and through different banks. To combat money laundering, businesses must be able to track the flow of money as it changes hands.

Confidential computing allows organisations to share and process this data, without exposing their input data to anyone else. Multiple businesses can work together without exposing any of their customers’ personal data, agreeing on which analytics to run on the data set. By processing all this data in a protected setting via confidential computing, none of the banks which work together can ‘see’ the full data set, but the results allow for the ability to track a user moving money between multiple banks.
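A sketch of the kind of agreed analytic described above, as it might run inside the protected environment. This is an added example, not from the original article: the record layout, account IDs, thresholds and function names are assumptions, the sample data is constructed, and the TEE's hardware isolation itself is not modelled.

```python
from datetime import datetime, timedelta

# Constructed sample data: each bank submits only its own customers' outgoing
# transfers as (source, destination, amount, ISO timestamp). Account IDs are
# hypothetical "BANK:account" strings.
SUBMISSIONS = {
    "BANKA": [("BANKA:101", "BANKB:202", 9500, "2024-05-01T09:00"),
              ("BANKA:150", "BANKA:151", 40, "2024-05-01T09:05")],
    "BANKB": [("BANKB:202", "BANKC:303", 9400, "2024-05-01T09:20"),
              ("BANKB:250", "BANKC:351", 9000, "2024-05-03T10:00")],
    "BANKC": [("BANKC:303", "BANKA:404", 9300, "2024-05-01T09:45")],
}

def bank_of(account):
    return account.split(":", 1)[0]

def trace_rapid_chains(submissions, min_amount=5000,
                       max_gap=timedelta(hours=1), min_banks=3):
    """Agreed analytic: chains of large transfers hopping quickly between banks.

    The merged transfer list exists only inside this function; the return
    value (the flagged chains) is the only thing released to participants.
    """
    transfers = [(s, d, amt, datetime.fromisoformat(ts))
                 for rows in submissions.values() for s, d, amt, ts in rows
                 if amt >= min_amount]
    outgoing = {}
    for t in transfers:
        outgoing.setdefault(t[0], []).append(t)

    def extend(path, last_time):
        # Follow transfers leaving the last account within the time window.
        nxt = [t for t in outgoing.get(path[-1], [])
               if timedelta(0) <= t[3] - last_time <= max_gap
               and t[1] not in path]
        if not nxt:
            yield path
        for t in nxt:
            yield from extend(path + [t[1]], t[3])

    chains = []
    for s, d, _, when in transfers:
        chains.extend(extend([s, d], when))
    chains = [c for c in chains if len({bank_of(a) for a in c}) >= min_banks]
    # Drop chains that are only the tail of a longer reported chain.
    return [c for c in chains
            if not any(len(o) > len(c) and o[-len(c):] == c for o in chains)]
```

No single bank's submission contains the full path; only the joined view does, and only the flagged chain leaves the function.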

More generally, confidential computing empowers banks and financial institutions to derive value from large data sets without compromising users’ privacy or falling foul of financial regulations.

Looking ahead: the future of confidential computing

Experts are predicting that the use of confidential computing will skyrocket over the next decade. In fact, Everest Group, a global research firm, concluded that confidential computing will grow at a compound annual growth rate (CAGR) of between 90% and 95%, with the overall market being valued at $54bn by 2026.

For those working at the heart of the finance industry, confidential computing provides an essential layer of protection and assurance that the data they possess is protected while in the cloud. It also means they will be more inspired to embrace cloud technologies even for use cases that require the most sensitive of data.

Looking ahead, confidential computing has the power to bring numerous benefits to businesses and exciting opportunities for consumers, supporting a greater shift in the finance industry towards the public cloud. Data security has never been more critical, and financial institutions should be looking at new avenues, such as confidential computing, to bolster their security strategy and unlock new possibilities.

Kris Sharma

Kris is a trusted C-level advisor and a leader with a rich global consulting and business transformation experience providing advisory services to Fortune 100 and FTSE100 clients. He focuses on creating strong ecosystem partnerships and is passionate about building high performing teams. Kris sees himself as a change agent with a passion for transformation, conceptualizing and strategizing solutions by partnering closely with business and IT leaders. Kris has worked with clients in various parts of USA, Europe, Australia and Asia Pacific, building value adding strategic relationships and partnerships with key external and internal stakeholders. Kris is experienced in a wide range of industry sectors spanning Banking, Insurance, Telecom, Media and Communications, Public Sector, Hi-Tech, Automotive and Retail.
