Solutions for Financial MarketsWhether it is keeping your cryptocurrency assets safe, reducing the dwell time of Advanced Persistent Threats, detecting data poisoning, enabling the transition to cloud or bringing regulatory compliant archiving to data lakes, Guardtime’s solutions deliver high value to our financial markets customers.
Cryptocurrency Asset ManagementCryptocurrencies are stored securely in distributed ledgers – blockchains. A digital key gives access to the cryptocurrency asset stored on a blockchain. These keys need to be kept safe because if lost or stolen so is the asset.
Most banks and financial-services providers still lack the necessary technology to store, process and trade these keys without risk. This is of particular concern to private banks whose customers increasingly demand this new asset class to diversify their portfolios. Where a service is offered, it is highly manual, expensive, inefficient and insecure. As a result, customers are turning to rival services from fintech start-ups, which control at least half the market.
SILO is a cryptocurrency custodian solution designed specifically for banks and other financial institutions wanting to participate efficiently in this new market.
The need to store cryptocurrency keys and move assets securely is a regular part of financial services today - with SILO, banks will be able to introduce and deliver this service efficiently, seamlessly and cost effectively.SILO is an integrated software / hardware solution that has been developed in cooperation between Guardtime and Metaco, a company with a successful history of managing cryptocurrencies and building digital wallets / custodian solutions for retail customers.
Enterprise SecurityModern security is based on the need to search for vulnerabilities. That search can be in the form of firewalls scanning each packet that enters the network, signature-based malware detection schemes, of using sandboxes (or multi-vector virtual execution) to run code inside a protected environment. These are very sophisticated technologies but they all suffer from one fundamental problem: there is no mechanism to verify that they are working; they are useless against unforeseen attacks.
KSI is based on different assumptions: That the state of a network can be independently verified with mathematical certainty. The key word is “independently”. It means that the configuration of every switch and router, the state of every event log and data item in data stores can be verified without the need for trusted administrators or in the procedures that define the security of the network.
The implication is that if you can guarantee the state of your network then any unauthorized change in the state of that network represents an attack, the impact of which can be mitigated. This is a fundamentally different assumption and is the difference between searching for needles in a haystack and having real-time situational awareness of every stalk of hay.
Enabling the Cloud TransformationDriven by proven cost-efficiencies, cloud computing remains very appealing to financial institutions. However the challenges of moving mission critical processes to the cloud remain unsolved. Specifically “how do I comply with the law and trust my mission critical processes to an outsourced vendor who has little if any accountability?”
KSI provides that accountability. Integrated into the cloud infrastructure KSI provides a level of assurance not previously possible, providing complete traceability, accountability and transparency for the cloud. Entities who are either using or administrating the cloud can be held responsible for their actions, regulators get to audit all processes and everyone involved can verify what happened when.
- Whitepaper: Cloud insecurity and true accountability
- BlockCloud: re-inventing cloud with blockchains
- Google, subrogation and cloud data residency
- Re-thinking cloud forensics
- Addressing CIO concerns over the public cloud
- Trust and truth in the public cloud
Hadoop: Automated Verification of ComplianceIt would be an understatement to say that the financial markets regulatory environment has become more severe in recent times. Financial Institutions spend billions of dollars every year supporting audits, legal compliance and internal audits. What if there was a different way? What if there was a software approach that could automate verification of compliance?
Consider Hadoop and HDFS. It would represent a huge cost saving for financial markets if they could use this a primary and sole data store. This is impossible today as in order to meet compliance regulations certain types of data (customer data, transactions) must be moved to regulatory compliant archives. With KSI integration for big data this problems is comprehensively solved representing a huge cost saving.