Lacero Combines Policy Enforcement with Blockchain to Deliver Unprecedented Security

3 min read

Digital assets are entering the mainstream as financial institutions around the world strategize about how to engage with this exciting new source of value.

But while these organizations will already have policies for traditional financial instruments, they will inevitably fall short of the demands of digital assets (with their 24/7 markets operating with instant settlement finality).

Lacero is bridging the gap between policymakers and emerging technology, introducing a control, integration, governance and compliance meta-layer for all digital assets and data objects. IBM Cloud Hyper Protect Virtual Servers and IBM Cloud Hyper Protect Crypto Services are at the heart of our platform, helping us build a confidential computing environment that unites with our unique policy creation and enforcement capabilities to enable unmatched security.

Recognizing the power of policy

Discussion of digital assets goes hand-in-hand with conversations about security. All too often, however, the conversation goes as far as encryption and key management — and then stops.

At Lacero, we believe that there are three legs of the stool when it comes to security of digital assets — encryption, key management and policy. Policy is a powerful tool, giving organizations the opportunity to introduce nuanced, layered rules that serve their specific goals while minimizing risk. For example, a financial institution may want to introduce extra authorizations for trades above a particular size or incorporate Know Your Customer (KYC) or Anti-Money Laundering (AML) requirements.

While financial institutions devote a lot of resources to developing policy — reports show it is as much of 15% of their costs — it is often a retrospective exercise. Organizations look back at their mistakes and adjust policy to try and prevent them happening again.

We saw a chance to change that, offering clients a real-time view of policy in their organization and the ability to adjust it on a dynamic basis. Specifically, we wanted to offer artefacts: audited smart contract modules published on the blockchain. We are building a marketplace for artefacts — for any industry and any policy — enabling enterprises to build their own or select one off the shelf.

Through our SecureFlow platform, we enable clients to use these artefacts to define policy and integrate with external sources of information. Lacero enforces the policy, acting as an external gatekeeper. When we were designing this solution, we wanted to offer the very best in key management and encryption capabilities, providing clients with a security-as-a-service solution like no other.

Crossing new frontiers

There was only one choice for the foundations of SecureFlow: IBM technology. We chose secure key management from IBM Cloud Hyper Protect Crypto Services, which includes the only cloud hardware security service built on FIPS 140-2 Level 4-certified hardware security modules (HSMs). By combining this with the confidential computing environment provided by IBM Cloud Hyper Protect Virtual Servers, we gained the most secure foundation for our offering.

By teaming up with IBM, we were able to embed security in every stage of the build and deploy processes for SecureFlow. With IBM Secure Build Server, we can create and roll out images using a trusted source and method. We benefit from scalable, high-performance, cost-efficient IBM technology, enabling us to create a truly bank-grade solution for our clients.

Our platform encompasses AES 256 encryption, policy creation and enforcements, audited smart contracts, DLT, API operations, mobile and desktop admin apps, key decryption, biometric authentication and dedicated admin nodes. The SecureFlow platform connects and integrates seamlessly with business processes, with the option to add on a secured communication mechanism for added verification.

The IBM offering provides built-in key management policies, which we augment. All keys are protected within secure enclaves, guarding them from compromise by both external and internal threats.

Bringing SecureFlow to life

Using IBM technology, Lacero offers a decentralized, autonomous and trustless platform that orchestrates and hyper-secures digital assets. Due to its modular, plug and play, industrialized design, you can deploy it at speed, connecting new digital asset rails to existing ones.

Clients can choose how to enforce their policy, from straightforward decryption to a virtual co-signing capability. With Lacero acting as an external enforcer, financial institutions benefit from an added layer of security for transactions. And because the solution is based on the blockchain, clients gain an immutable record they can use for audit and optimization.

By blending innovative IBM technology with our game-changing concept, Lacero enables financial institutions to access the digital asset space with confidence. Our platform will reduce the cost of governance and compliance, while helping organizations in the financial sector to compete with secure, programmable STP (straight through processing) that reduces errors and costs.

As digital assets become increasingly complex, the policies used to manage them must also evolve. With a sufficiently agile platform that leverages no-/low-code smart contract artefacts, you can be prepared for any eventuality. SecureFlow, based on IBM technology, enables financial institutions to have an endlessly configurable and easy-to-manage capability to succeed in this new, fast-changing market.

Learn more about confidential computing on IBM Cloud.

Be the first to hear about news, product updates, and innovation from IBM Cloud