In an attempt to convince its customers to securely place more of their company data on the cloud, at Next ’20: OnAir, Google Cloud released its new security offerings — Confidential VMs among others. Underlying the company’s cloud commitment to encrypting critical data of governments and companies, Google unveiled these products to protect data better online.
Now, more than ever before, due to COVID pandemic, it has become critical for companies to securely move their workloads and sensitive data to the cloud to reduce costs as well as to have a smooth transition to remote working. Consequently, companies need to meet the regulatory requirements, create encryption for sensitive data as well as create a robust security framework to deal with emerging threats. And, Google Cloud’s new tools have been designed to handle those hypersensitive data for companies and governments.
As a matter of fact, the drive to protect data on public clouds with confidential computing has been a persistent concern for many tech giants. And that’s why companies like IBM, Google Cloud, Microsoft, Red Hat, Alibaba, and Intel have formed a community to focus on projects towards securing data in use.
During the event, when asked, Sunil Potti, General Manager and VP of Security at Google Cloud stated to the media, companies in sectors like finance, healthcare as well governmental agencies wish to adopt cloud technologies for managing their data workloads. However, data privacy or compliance requirements often acted as a barrier. These security tools will simplify security operations for companies in these sectors so that “they can securely take advantage of the cloud innovation.”
Confidential VMs To Secure The Data In Use
Built on second-generation AMD chips — EPYC processors, Confidential Virtual Machines (VMs) encourage confidential computing by encrypting data for its customers with less computing power. Although there were several tools in the market to secure data in cloud storage, processing sensitive data while keeping it private was the challenge that needed to be addressed. Google Cloud’s Confidential VMs, is the first, to encrypt the data in not only rest but also while in transit. Available in beta for Google Compute Engine, it allows customers to run their workloads on Google Cloud in an encrypted manner.
According to the company, the security level is utmost and can unlock new computing scenarios. Along with real encryption-in-use and N2D-based high-performance VMs, these confidential VMs benefits from AMD EPYC secure encrypted virtualisation (SEV), which encrypts the VM memory while keeping up the performance. With the keys being generated by the AMD Secure Processor, locking down the VM memory, not only it restricts access of the data for the company but also the VMs running on the host.
Furthermore, these VMs by Google are leveraging the company’s Shielded VMs, which provide additional confidential OS images. This again gives confidence to the customers to move more of their workloads to Google Cloud, making a strong market position for the company.
Some of the prominent use will be with companies sharing their confidential datasets on cloud and collaborating on research, all while keeping the confidentiality of the data. This, in turn, can encourage more research and development of more innovative solutions and technologies, helping society as a whole. “Confidential computing can help companies transform the way they process their data in the cloud while keeping it confidential,” stated in the company’s blog post.
Apart from Google, Microsoft Azure, as well as AWS has also initiated their confidential computing approaches. However, with SEV, one doesn’t have to “recompile and redesign their applications,” and thus allows lift and shift of workloads.
- Real-time encryption of data in use
- Seamless transition to Confidential VMs
- High-performance for demanding computational tasks
- Multi-party computation
- Utmost confidentiality and restricted data access
Along with Confidential VMs, Google Cloud also launched Assured Workloads for the government to ensure encryption and compliance for their workloads. With the outbreak of COVID pandemic, it’s all the more critical for companies to move their data and workloads to the cloud in order to have a seamless remote working. However, with security being a concern, it could restrict companies to leverage the latest cloud capabilities. Great news that Google’s is continuing to push innovations around security with their Confidential VMs, which, in turn, will encourage many to adopt cloud.