Digital Asset Security: When to Buy a Solution from a Security Vendor

Scenario: You’re a CISO looking to secure your financial services organization’s digital assets — and secure them effectively and efficiently for the long term.

The risks: Cryptocurrency breaches and hacks, a history of rogue insiders pilfering funds in your industry, and customer trust at stake in the event of a systems failure.

You’ve been looking at building your own digital asset security structure from the inside out — but turned it down due to inefficiency, maintenance, and manpower considerations. You’ve looked at several SaaS providers, but none of them hold the new asset your organization has just integrated into your systems.

What’s a CISO to do? Read on — there’s another option.

Overview of the security vendor solution approach

An in-house deployed security platform is developed by an elite third-party team of security, cryptography, and technology experts. These platforms combine the in-depth technical know-how in cryptography, blockchain, cybersecurity, and digital asset domains to best serve enterprise-grade customers, global banks, and top-tier financial institutions.

Ideally, an in-house deployed security platform includes advanced security and platform management capabilities — replete with API and developer tools to enable a smooth and full integration with the service provider’s infrastructure and options for expansion of services and capabilities.

An in-house managed service takes the best of in-house developed “DIY” systems and SaaS services and gives enterprises back their control and their time. But it’s not for everyone, as we shall explain below.


· Leverage security expertise — Working with a security vendor lets you offload core security platform development, benefitting from the vendor’s expertise, dedicated resources, and experience in the broader market. As a result, you can focus internal resources on more advanced service aspects such as creating sophisticated security policies and automating workflows.

· Maximize control — Plug the solution into your own infrastructure, giving you maximal control over critical service functionality, performance and security. For example, you can leverage security solutions that let you fully control the location of digital asset keys, transaction approval workflows, assets supported, availability and backup architectures, and/or blockchain ledger communication infrastructure. Institutions maintain full control over their assets — and their business.


· Requires internal technical resources — While SaaS offerings allow the digital asset service provider to fully outsource the maintenance of the security infrastructure, security vendor solutions require internal resources to integrate, deploy and administer. When evaluating a solution, work with the vendor to understand the type and amount of internal resources you will need to invest for initial design, deployment and ongoing use, as well as professional services and support options.

· Vendor dependence — You rely on the vendor’s solution capabilities and roadmap. When evaluating a solution, examine not only existing and near-term features but also the level of flexibility of the vendor and the ability to independently extend platform functionality, for example modifying approval structures for transactions or adding support for new digital assets.


“DIY” home-grown security solutions, Security-as-a-Service (SaaS), and security vendor platforms each have their benefits and drawbacks for digital asset service providers — and it’s important to choose the best platform for your business’s needs. The size of your organization, the roadmap for growth, budget, and internal and external resources each play critical roles in determining the fit of a security platform for your organization.

More in this series:



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Tova Dvorin

Tova Dvorin


Content manager. Recovering reporter. Coffee enthusiast and chronic reader.