Saxo Bank enhances security with Baffle’s Data Protection Services

Rick Steves

Saxo Bank has deployed Baffle’s Data Protection Services to protect sensitive customer data, ensure compliance with stringent regulations, and support the bank’s migration to a highly scalable cloud and microservices architecture. The bank and trading platform provider will also be integrating Baffle into its customer-facing products.

Baffle provides data protection in the cloud via a “no code” and “low code” data-centric security approach. The firm allows companies to control who can see what data with this security layer, with no performance impact on the user experience

The Denmark-headquartered financial services and fintech provider has tapped Baffle to ensure the high volume of data under management is available on demand to its internal and external stakeholders. The final goal is to reduce the risk of breaches and non-compliance fines.

Saxo Bank adopted event-driven’ operations approach

Paul Makkar, Director of Data at Saxo Bank, commented: “With Baffle, we could successfully collaborate and influence the short-term and long-term roadmap. Baffle enabled us to securely transform to a modern event-driven cloud data mesh. For the first time, we could use multiple encryption keys seamlessly and provide our internal applications a simplified, centralized way to de-identify sensitive data.”

The team led by Saxo’s Paul Makkar has adopted an ‘event-driven’ operations approach powered by Confluent Kafka on Microsoft Azure and AWS cloud platforms.

Baffle facilitates the implementation of a new data mesh architecture. Data encryption was tedious and difficult to manage in the past, especially considering that the bank has many different legal entities worldwide, each with unique privacy requirements.

Saxo Bank now runs a data-centric security platform that includes the following:

  • Protection for each of its 25 data domains, using a centralized and standardized encryption service.
  • A record-level data mesh to securely publish and consume data via Kafka data streams.
  • Format-preserving encryption (FPE) capabilities to avoid breaking any applications that were unauthorized consumers of the Kafka data streams.
  • Multiple data encryption keys to create the appropriate segregation and fine-grained authorization.

Ameesh Divatia, co-founder and CEO of Baffle, said: “Saxo Bank sets the bar for adopting a more proactive approach to data-centric security. As the bank continues to modernize its architecture, it is not only protecting data at rest but also as it moves in the cloud and is shared across the entire analytics pipeline. Privacy by design emerged as a key tenet of this new architecture, ensuring security and privacy is baked in from the start. Paul and his team illustrate how organizations should be considering their internal security posture and ways in which they can help their own end users differentiate with their customer base.”

Read this next

Retail FX

Belgium regulator blacklists FXP360, Appex Finance, and Wise-Markets

Belgium’s financial watchdog, the Financial Services and Markets Authority ‎‎(FSMA), has issued a warning against the unauthorized activities of multiple ‎ platforms that are offering investments in the country without ‎complying with Belgian financial legislation.‎

Digital Assets

MicroStrategy piles on Bitcoin, acquiring 0.90% of circulating supply

MicroStrategy, the world’s largest Bitcoin corporate holder, has further increased its holdings of the primary cryptocurrency. According to a recent filing, the company acquired an additional 16,130 bitcoins between November 1 and November 29, spending $593.3 million at an average price of $36,785 per bitcoin.

Digital Assets

Paxos gets nod to issue dollar-backed stablecoins in UAE

Stablecoin issuer Paxos has received preliminary approval from Abu Dhabi’s Financial Services Regulatory Authority to issue U.S. dollar-backed virtual currencies and provide crypto-brokerage and custody services.

Digital Assets

Flare Labs Begins Testing FAssets on Coston Testnet Paving Way for Non-Smart Contracts to Flare

Flare Labs has introduced FAssets on the Coston testnet, enabling the integration of non-smart contract tokens like BTC, XRP, and DOGE into the DeFi ecosystem.

Digital Assets

Philippine bars access to Binance, citing unregistered operations

The Philippines’ Securities and Exchange Commission (SEC) is moving to block access to Binance due to regulatory concerns, citing the platform’s operation without proper registration and authorization in the country.

Digital Assets

FTX cleared to sell investments in Grayscale and Bitwise funds

Bankrupt cryptocurrency exchange FTX has received approval from the bankruptcy court to start selling its stakes in digital trusts managed by Grayscale Investments.

Digital Assets

Nexo launches Dual Investment for yield earning and price prediction

“Dual Investment revolutionizes how users engage with BTC and ETH, offering a flexible, intuitive, yet sophisticated platform for predicting asset price movements, all while securing high yields.”


Aquis Stock Exchange goes live with cloud-based matching engine powered by AWS

“By running on AWS, the Aquis Stock Exchange is driving transformation across the capital markets industry while continuing to enhance the scalability, functionality and innovation that will benefit its members and stakeholders in an environment where security and resiliency are our highest priority.”


Options Technology certified as Microsoft Azure partner for Digital & App Innovation

“Securing our fifth Microsoft Solutions Partner status in less than 12 months is a testament to our commitment to innovation, excellence, and the highest industry standards. We are not only keeping pace with the evolving landscape of cloud technology but leading the way in shaping its future.”