Google introduces Confidential VMs to enhance enterprise security

Enterprise data security is a big concern for every business that operates from cloud storage. The new challenges that come with these security drawbacks are forcing the key industry players to recognize the urgency and come up with more advanced security solutions.

Data security is a holistic concept: a small security glitch can be the opening for cyber crime, making sensitive data available for attackers to misuse. Analyzing even the smallest possible vulnerabilities in the cloud storage system, Google has joined forces with the Linux Foundation and other core members such as IBM, Alibaba Cloud, Tencent, and Microsoft to adopt the concept of Confidential Computing and implement a higher level of security for data stored in the cloud.

So before you read further about Google’s new launch, let’s first understand what the term Confidential Computing means.

What is Confidential Computing?

Confidential Computing is a breakthrough technology that ensures 360-degree data protection. The technology is designed to encrypt data while it is being used or processed. Data held in a Confidential Computing environment is encrypted while in memory and everywhere outside the CPU.

Let’s make it simple:

Most enterprises store their confidential business data in huge cloud storage. The data stored there is encrypted and is only decrypted when a user asks the cloud to access and modify it. While the requesting user is allowed to access the decrypted data, the data’s exposure to vulnerabilities increases. This is the time when attackers can gain access to the business data stored in the cloud.

Here the chances of leaking highly sensitive information, along with the encryption keys, increase. Another risk of storing encrypted data in cloud storage and accessing it from there is that the cloud provider has access to those encryption keys: the cloud logic that processes the user’s access request has to decrypt the data to make it accessible to the user, which increases the danger to enterprise information.

Confidential Computing acts as a solution for all these security gaps by protecting the data even while the application is processing it. The core strength of Confidential Computing lies in its mechanism, a trusted execution environment (TEE), where the data is stored in a protected container encrypted using software and hardware. The data stored here can only be accessed from within the container, adding an extra layer of security to all states of data.

Google, an early adopter, has implemented this transformational technology and launched its first product, “Confidential VMs”.

Want to explore what Google came up with? Keep reading!

Google launched an enhanced Confidential Computing product – Confidential VMs

Leveraging the power of Confidential Computing, that is, encrypting and protecting data while it is being used, queried, or indexed in memory or outside the CPU, Google launched its Confidential Virtual Machines.

During its annual Cloud Next conference, Google announced its advanced tech solution that features processors capable of creating and managing secured encryption keys that remain on the chip.

Google’s Confidential VMs take current computing on virtual machines to the next level by providing memory encryption to further isolate different workloads in the cloud. Along with this, Confidential VMs use AMD’s Secure Encrypted Virtualization feature, which allows data to be processed with real-time encryption that is generated for a dedicated VM and resides only within the specified VM.

This feature blocks the cloud provider, Google, or VMs processing on the host from the encryption keys, so that the keys are not exposed. It is thus an advanced way to ensure data security for big enterprises and to build trust in cloud storage without compromising performance.
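To confirm from inside a Linux guest that AMD memory encryption is really active, the kernel boot log can be checked. The script below is an added example, not from the original article or from Google; the sample log lines are constructed, and the message wording is assumed to match what Linux kernels print (it has changed between kernel versions).

```shell
#!/bin/sh
# sev_features: read kernel log text on stdin and print the AMD memory
# encryption features the kernel reports as active, or "none".
sev_features() {
  feats=""
  while IFS= read -r line; do
    case "$line" in
      # Wording used by older kernels.
      *"AMD Secure Encrypted Virtualization (SEV) active"*)
        feats="SEV" ;;
      # Later wording, with or without a leading "AMD" in the feature list.
      *"Memory Encryption Features active:"*)
        feats="${line##*Memory Encryption Features active:}" ;;
    esac
  done
  out=""
  for f in $feats; do
    [ "$f" = "AMD" ] || out="${out:+$out }$f"
  done
  printf '%s\n' "${out:-none}"
}

# is_sev_guest: succeed only if an SEV variant is listed. SME alone means
# host memory encryption, not an encrypted guest.
is_sev_guest() {
  for f in $(sev_features); do
    case "$f" in SEV|SEV-ES|SEV-SNP) return 0 ;; esac
  done
  return 1
}

# Constructed sample log lines (not captured from a real machine).
OLD_LOG='[    0.056000] AMD Secure Encrypted Virtualization (SEV) active'
NEW_LOG='[    0.441193] Memory Encryption Features active: AMD SEV SEV-ES'
HOST_LOG='[    0.100000] AMD Memory Encryption Features active: SME'

for sample in "$OLD_LOG" "$NEW_LOG" "$HOST_LOG" "unrelated boot line"; do
  printf '%s\n' "$sample" | sev_features
done
# On a real guest: dmesg | is_sev_guest && echo "SEV is active"
```

A result of "none" from `dmesg` is inconclusive when the boot messages have already rotated out of the kernel ring buffer, so run the check soon after boot or against the persisted boot log.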

Now that we are aware of how Confidential Computing works and of its first product, let’s take a brief look at how it could help businesses that trust cloud storage and computing for their operations.

How Confidential Computing adds a security layer to different businesses

●    Financial Firms storing Credit history of customers

Financial firms might hold thousands of sensitive records, such as credit history and personal information, stored in cloud containers and encrypted using keys under an enterprise key management service.

These firms might use this data to run forecasting logic that inspects customers’ historic data to derive useful insights. With Confidential Computing this data is secured irrespective of its stage: stored, under process, or at runtime.

●    Hospitals storing Healthcare records

A hospital stores confidential data about its patients’ health in cloud storage, and each of these records is stored with an encrypted SSN to prevent fraudulent access to the data. When anyone requests access to the data, the cloud’s fraud detection application has to collect the list of recently breached SSNs and compare the SSN against those recently compromised SSNs. This whole computing and processing of data is only possible with Confidential Computing implemented on the cloud storage.

●    Banks storing financial transactions

The storage of bank details is important, but the most crucial aspect of storing and processing bank data is processing a secured transaction through the cloud service. As various transaction requests and PINs are generated to complete a transaction, securing those PINs also becomes a must. Confidential Computing helps add security by tokenizing the PINs along with encrypting them with the AES key. This added security gives banks a protected data network when relying on cloud services.

Final thoughts

Modern problems require modern solutions. The big names and the advanced technologies are making the world a more secure place to live and work in. Confidential Computing is one such tech solution that strengthens the existing system by solving constraints of cloud storage services.

With the aim of unlocking the opportunities of working in a more secure environment, Confidential Computing is an extraordinary solution that can solve organizational concerns about processing sensitive enterprise data by keeping it fully private. Taking the first step, Google’s Confidential Virtual Machines are an encouraging start to the revolution that this exceptional technology will bring, preparing entrepreneurs around the world to move workloads to the cloud and to consider Confidential Computing part of every enterprise cloud deployment.

Author Bio:

Parth Patel is a serial entrepreneur and CEO of SyS Creations – a leading managed IT services firm focused on technology-driven healthcare solutions with a customer-centric, journey-first approach. Operating the IT Infrastructure of Healthcare SMEs and startups keeps him on his toes and his passion for helping others keeps him motivated.