Is privacy at the heart of your customers digital experience
As consumers, every experience matters to us. We expect all of our digital interactions to be frictionless and secure, but fraudsters tend to prey on unexpected events or challenges – like a pandemic. When normality becomes disrupted, they see an opportunity to exploit.
Privacy has always been top of mind for consumers, but even more so now as we carry out our lives predominantly through digital interactions. For the past 11 months, we have been banking online, seeing doctors via telehealth, conducting business virtually, to name but a few. As a direct impact of that, many businesses, large and small, have embraced digital transformation and are adopting cloud to enable these experiences and interactions.
With privacy being top of mind for you and I as consumers, now more than ever Chief Information Officers and Chief Security Officers are focused on data protection and privacy assurance for the trillions of digital interactions that are happening every minute. During the pandemic, cloud-based cyber-attacks rose 630% between January and April 2020 (McAfee). Every few weeks we see a security breach in the news, so it’s no wonder CIOs and CSOs are up at night thinking about how to run workloads in a cloud environment that they trust to provide frictionless and secure interactions for consumers. This is especially true in highly regulated industries like financial services, telecommunications, government and healthcare that are stewarding vital data.
Confidential computing is the way for companies to achieve that level of security.
If you are a CIO or technology leader, confidential computing enables you to have full authority and privacy in your computing, code, and data, even when running in a cloud environment. No one but you, and only you have access to that data. It provides greater assurance that the data is protected and visible only to its owner and no one else, not even the cloud vendor that is hosting the data – even during processing. Data is protected in transit, at rest and in use.
With confidential computing, you are able to run in a cloud computing environment where there are others also running workloads, but still have full privacy and authority over what you’re doing, effectively in an enclave.
One way to think about it is like an office in an office building. The office is a private, secure location where you can have a meeting. There are a number of other offices in that building too, but you can lock your door and have a private meeting in your office and no one has access to your discussions, even though you are in the same building. The owners of the office building and tenants in other offices do not know what is going on in your office. In this case of confidential computing, the cloud is the office building and the enclave is the office.
After over a decade of research, confidential computing moved quickly from projects in IBM Research to fully deployed offerings across the industry being adopted by companies including Apple, Daimler, Luminor Bank and many other businesses, a capability that is still in early stages for many cloud vendors.
We’ve built confidential computing into the IBM Hyper Protect Software Development Kit for iOS, which helps developers build healthcare applications that are HIPAA-ready running on Apple devices. For example, a developer can build an app that lets a consumer organize and manage their medical records from their phone, and the app will have confidential computing capabilities built in, so that personal health data cannot be accessed by anyone except its owner.
Another example is our work with Daimler, the corporation behind luxury vehicle brands like Mercedes-Benz and Maybach. When buying a vehicle, consumers may have to hand over significant personal information, including age, home address, drivers' license number and insurance information. Daimler is using confidential computing to protect post-sale consumer data. By using confidential computing capabilities on the IBM Cloud, consumers know Daimler is taking the utmost care possible to protect the info they have handed over to Daimler.
We also recently announced our work with Luminor Bank, the third largest bank in the Baltic region and Estonia. IBM will help Luminor meet security and regulatory compliance requirements by migrating its new digital platform to IBM Cloud for Financial Services to drive innovation, while still meeting security and compliance requirements with built-in controls in IBM Cloud for Financial Services. With IBM, Luminor will accelerate its adoption of next-generation technology.
With the massive shift and reliance on digital interactions in many aspects of life, businesses need confidence that each digital transaction they power is seamless and secure. More recently we’ve seen the extended nature of our digital supply chain threatened as well. New third- and fourth-party risks are emerging daily but with an approach of having built in controls and standards around cloud with security at its core, we can alleviate these emerging threats in the digital supply chain.
Businesses need to remain trusted stewards of other people’s data so that as consumers, we have confidence in every digital interaction and trust that our privacy and information will stay our information.