Baffle, Inc. announced that Saxo Bank is deploying Baffle Data Protection Services “to protect sensitive customer data, ensure compliance with stringent regulations, and support the bank’s migration to a highly scalable cloud and microservices architecture.”
Saxo Bank will also be “integrating Baffle into its customer-facing products.”
With the threat of breaches and the potential for significant non-compliance fines, Saxo Bank must “ensure the high volume of data under management is available on demand to its internal and external stakeholders, and secure.”
As a first step, Paul Makkar, Saxo’s director of data, and his team “adopted an ‘event-driven’ operations approach powered by Confluent Kafka on Microsoft Azure and AWS cloud platforms.”
Along with that, Makkar needed “to implement a new data mesh architecture.” Data encryption was tedious and difficult to manage in the past, “especially considering that the bank has many different legal entities worldwide, each with unique privacy requirements.”
In selecting the Baffle Data Protection Services platform, Saxo Bank now “runs a data-centric security platform” that includes the following:
- Protection for each of its 25 data domains, using a centralized and standardized encryption service.
- A record-level data mesh to securely publish and consume data via Kafka data streams.
- Format-preserving encryption (FPE) capabilities to avoid breaking any applications that were unauthorized consumers of the Kafka data streams.
- Multiple data encryption keys to create the appropriate segregation and fine-grained authorization.
“With Baffle, we could successfully collaborate and influence the short-term and long-term roadmap. Baffle enabled us to securely transform to a modern event-driven cloud data mesh. For the first time, we could use multiple encryption keys seamlessly and provide our internal applications a simplified, centralized way to de-identify sensitive data.”
Ameesh Divatia, co-founder and CEO of Baffle, remarked:
“Saxo Bank sets the bar for adopting a more proactive approach to data-centric security. As the bank continues to modernize its architecture, it is not only protecting data at rest but also as it moves in the cloud and is shared across the entire analytics pipeline. Privacy by design emerged as a key tenet of this new architecture, ensuring security and privacy is baked in from the start. Paul and his team illustrate how organizations should be considering their internal security posture and ways in which they can help their own end users differentiate with their customer base.”
Headquartered in Denmark, Saxo Bank is “a global investment bank specializing in online trading and investment.”
Its platform “powers 200+ banks and brokers and 400+ financial intermediaries, and processes 200+ million API requests per day.” The Saxo Bank Group is “authorized and regulated in multiple jurisdictions, holds more than $90 bn in client assets and employs more than 2,500 staff worldwide.”