Can the public cloud become confidential?
It is often said that the only two certain things in life are death and taxes. Over the past ten years, data breaches seem to have joined that list. Can an organization really be completely safe, with no fear of losing confidential or regulated data, company secrets, and (increasingly) proprietary algorithms and AI code?
The reality is that it is extremely difficult to fully protect data or other digital assets. On-premises, private cloud, and public cloud data are all exposed to insiders and malicious software. Defenders need to fail only once at detecting and shutting down an attack for the result to be a disaster. One can argue the relative safety of each environment, but nothing is totally safe.
According to 451 Research, nearly 70% of CISOs say the public cloud can’t be rationally trusted to keep sensitive data and workloads confidential. CISOs know that given enough time, a breach of some kind, even an unintentional one, is an eventuality. And this knowledge isn’t limited to CISOs: every public cloud provider understands its own exposure.
While CISOs continue to maintain private data centers for their most sensitive workloads, public cloud vendors have responded by deploying secure computing technologies intended to transform vulnerable public computing resources into completely confidential ones.
AWS, for example, released AWS Nitro Enclaves: hardened, isolated virtual machines carved out of an EC2 instance’s own CPU and memory by the Nitro hypervisor, with no persistent storage, no interactive access and no external networking. That “data in use” isolation is the foundation of a secure execution environment. Microsoft Azure confidential computing offers similar capabilities, with hosts that support both Intel SGX enclaves and AMD SEV confidential VMs. Google Cloud announced similar capabilities in its Confidential VMs, which are built on AMD’s SEV technology.
Unfortunately, in practice, these silicon-level technologies have usability limits that have kept IT organizations from adopting them widely. The main reason is that they address a single problem: memory that is in use, which has long been the Achilles heel of virtually every host because data has traditionally sat unencrypted in RAM while it is processed. Stored data and network communications are left to separate point technologies (disk and database encryption, TLS, key management), each in its own silo and with potential gaps between them.
While immensely powerful, these technologies still aren’t viable for organizations that run thousands of legacy and packaged applications; Intel SGX, for instance, requires an application to be partitioned and rebuilt against an enclave SDK. Even where some of these applications could be modified, few CIOs will be willing to fund costly revisions that lock their most important applications to a single cloud vendor and confidential computing technology stack.
The good news is these same confidential computing technologies lay the foundation for a new software-based computing construct which makes secure computing easier for IT organizations to adopt, regardless of the underlying technology and public cloud. They also provide a powerful platform on which a new class of secure computing applications can be constructed called the Confidential Cloud.
What is a Confidential Cloud?
The Confidential Cloud is a secure confidential computing environment formed over one or more public cloud providers. Applications, data, and workloads within a Confidential Cloud are protected by a combination of hardware-grade encryption, memory isolation, and other services in the underlying host.
Like micro-segmentation and host virtualization, a Confidential Cloud isolates its resources by default from every process and user that is not explicitly granted access. But it does more than isolate network communications: it isolates the entire IT environment a workload uses, including compute, storage, and networking, which is what lets it support virtually any application.
Because Confidential Cloud protection travels with the data, it extends wherever the data goes. Legacy enterprise perimeters are defined by physical appliances; a Confidential Cloud’s perimeter is established by the combination of hardware isolation, encryption, and explicit least-privilege access policy. Workloads and data are processed cloaked from insiders, bad actors, and malicious processes on the host, even if the physical host is compromised. One caveat a practitioner should keep in mind: what leaves the trusted computing base is the host, the hypervisor and the cloud operator, not the application. A workload with an exploitable bug leaks data from inside an enclave as readily as it does outside one, and the access policy that decides which principals may reach the workload still has to be written and reviewed.
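Every platform named above (SGX, SEV, Nitro Enclaves) reports a cryptographic measurement of the code it loaded, signed by a hardware root of trust, and the least-privilege policy described here is only as strong as the decision to hand secrets to a workload whose measurement checks out. The following Python simulation is added to illustrate that decision; it is not code from this page or from any cloud provider. It models a key broker that releases a data key only against a fresh, correctly signed attestation report whose measurement is on an allowlist. The HMAC root key, the hash-of-code measurement, the sample workloads and the broker API are all assumptions standing in for the vendor-specific report formats and certificate chains.

```python
"""Attestation-gated key release, simulated.

Added example for this page, not the page's or any vendor's code. Assumptions:
the platform signing key is an HMAC key (real platforms sign with asymmetric
keys chained to a vendor certificate), the measurement is a SHA-256 of the
workload code, and every name below is hypothetical.
"""
import hashlib
import hmac
import json
import secrets

# Assumption: stand-in for the platform root of trust that signs reports.
ROOT_KEY = b"hypothetical-platform-root-key"

# Constructed sample workloads: the approved build and a tampered one.
APPROVED_CODE = b"load_payroll(); compute_taxes(); write_results()"
TAMPERED_CODE = b"load_payroll(); compute_taxes(); exfiltrate(); write_results()"


def measure(code: bytes) -> str:
    """Launch measurement: hash of the code the platform loaded into the enclave."""
    return hashlib.sha256(code).hexdigest()


def _sign(body: dict, key: bytes) -> str:
    payload = json.dumps(body, sort_keys=True).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


def issue_report(code: bytes, nonce: str, key: bytes = ROOT_KEY) -> dict:
    """What the hardware produces on request: measurement plus caller nonce, signed."""
    body = {"measurement": measure(code), "nonce": nonce}
    return {"body": body, "sig": _sign(body, key)}


class KeyBroker:
    """Holds a workload's data key and releases it only to an attested workload."""

    def __init__(self, allowed_measurements, root_key: bytes = ROOT_KEY):
        self.allowlist = set(allowed_measurements)
        self.root_key = root_key
        self.data_key = secrets.token_bytes(32)
        self._live_nonces = set()

    def challenge(self) -> str:
        """Fresh nonce the workload must have the hardware include in its report."""
        nonce = secrets.token_hex(16)
        self._live_nonces.add(nonce)
        return nonce

    def release_key(self, report: dict):
        """Return (key, 'ok') or (None, reason). Checks run in this order:
        signature (report really came from the platform), nonce (report is
        fresh, not replayed), measurement (the code is one we approved)."""
        body = report.get("body", {})
        if not hmac.compare_digest(_sign(body, self.root_key), report.get("sig", "")):
            return None, "bad signature"
        nonce = body.get("nonce")
        if nonce not in self._live_nonces:
            return None, "stale or unknown nonce"
        self._live_nonces.discard(nonce)  # single use, so a captured report cannot be replayed
        if body.get("measurement") not in self.allowlist:
            return None, "measurement not in allowlist"
        return self.data_key, "ok"


def run_demo() -> dict:
    """Exercise the broker with an honest workload and four failure modes."""
    broker = KeyBroker([measure(APPROVED_CODE)])
    out = {}

    n1 = broker.challenge()
    key, out["approved"] = broker.release_key(issue_report(APPROVED_CODE, n1))
    out["key_matches"] = key == broker.data_key

    # Replay: the same valid report presented a second time.
    _, out["replay"] = broker.release_key(issue_report(APPROVED_CODE, n1))

    # Tampered code: a genuine signature over a measurement that was never approved.
    _, out["tampered"] = broker.release_key(issue_report(TAMPERED_CODE, broker.challenge()))

    # Forgery: an attacker without the platform key claims the approved measurement.
    forged = issue_report(APPROVED_CODE, broker.challenge(), key=b"not-the-platform-key")
    _, out["forged"] = broker.release_key(forged)

    # Edited report: a genuine report whose body was altered after signing.
    edited = issue_report(TAMPERED_CODE, broker.challenge())
    edited["body"]["measurement"] = measure(APPROVED_CODE)
    _, out["edited"] = broker.release_key(edited)
    return out


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(f"{name}: {result}")
```

In a real deployment the broker verifies the platform’s own report format (an SGX quote, an SEV-SNP attestation report, a Nitro Enclaves attestation document) against the vendor’s certificate chain instead of an HMAC, and the data key is usually wrapped to a public key the enclave generated and embedded in its report, so the key is never in plaintext outside the isolated environment. The ordering of checks above matters: verifying the signature first means the nonce and measurement are read from a body the platform actually vouched for.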
The practical promise of the Confidential Cloud
Sound complicated? In practice, it shouldn’t be.
Another feature of the Confidential Cloud software construct is that it operates transparently to both users and applications. Much like server virtualization technologies, a Confidential Cloud enables existing workloads to deploy in precisely the same way they do right now.
Data security becomes an inherent service of the underlying hardware / software stack—not the responsibility of individual applications or additional security functions, such as storage/networking encryption and key management.
Implemented this way, virtually any application can run within a Confidential Cloud without changes to development or operations. Because protection travels with the data itself, using Confidential Clouds for distributed cloud-native applications can dramatically reduce complexity and cost while taking the host, hypervisor and cloud operator out of an application’s trust boundary, which removes a large share of its attack surface.
Are Confidential Clouds on the horizon?
The foundation and the software for confidential clouds are available today. Virtually all the major public cloud providers have deployed some form of confidential computing hardware around the globe as a clickable option to their current host offerings. The software that forms Confidential Clouds is also readily available, often directly through the same cloud providers.
Proof-of-concept environments that run pre-packaged applications, including market-leading databases, AI engines and more can be instantiated and tested quickly. Those components are all here now, forming a complete solution that can be readily adopted without disruption.
The scale and economics of the cloud are undeniable. Now that the Confidential Cloud closes the data-in-use gap that has kept the most sensitive workloads in private data centers, organizations no longer have to trade security against the advantages of cloud infrastructure. At last, a powerful new kind of cloud security can reign, and it will do so confidentially.