Google Cloud has introduced Confidential Computing in a bid to help secure data in the cloud.
Google and Microsoft are both founding members of the Confidential Computing industry group. The goal of Confidential Computing is to encrypt and secure data while it is being used and processed. This is very different from current encryption methods, where data must be decrypted before it can be accessed. In its current incarnation, Google Cloud encrypts data in transit and at rest, but the data must be decrypted before it can be worked with.
Confidential Computing is a game-changer because it keeps data encrypted at every step of the process, including in memory while the data is being processed.
“Google Cloud encrypts data at-rest and in-transit, but customer data must be decrypted for processing,” write Nelly Porter, Senior Product Manager; Gilad Golan, Engineering Director, Confidential Computing; and Sam Lugani, Lead Security PMM, G Suite & GCP platform. “Confidential Computing is a breakthrough technology which encrypts data in-use—while it is being processed. Confidential Computing environments keep data encrypted in memory and elsewhere outside the central processing unit (CPU).
“Confidential VMs, now in beta, is the first product in Google Cloud’s Confidential Computing portfolio. We already employ a variety of isolation and sandboxing techniques as part of our cloud infrastructure to help make our multi-tenant architecture secure. Confidential VMs take this to the next level by offering memory encryption so that you can further isolate your workloads in the cloud. Confidential VMs can help all our customers protect sensitive data, but we think it will be especially interesting to those in regulated industries.”
This is an exciting development in the realm of cloud security, and specifically for Google Cloud. As the first major cloud provider to offer Confidential Computing, Google has scored a big win as it battles its larger rivals in the cloud space.