Google has created a new way to encrypt data in the cloud – Business Insider
Google Cloud has followed Microsoft and AWS in adding a new kind of security tech, known as Confidential Computing, to its arsenal.
Confidential computing allows super secret data to remain encrypted, even while it is being processed.
It is such a major new type of cloud tech that a group of top vendors including Google and Microsoft formed the Confidential Computing Consortium late last year. Amazon Web Services, the largest cloud provider on the market, did not join that consortium.
Confidential Computing is a way to convince cloud holdouts to bring more of their data to the cloud.
On Tuesday during its Google Cloud Next ’20 virtual conference, Google became the latest of the biggest cloud providers to offer a new form of encryption that allows super secret data to stay that way, even while servers in the cloud are processing the data.
At the enterprise level, data is generally encrypted while stored on a disk, or transferred across networks. Advances in processor chips now allow for data to stay encrypted even while in use by an application. It’s a new level of security now being deployed at several of the largest cloud vendors.
Google is announcing on Tuesday the first two services that offer this level of encryption: Confidential VMs and Assured Workloads for Governments.
Both Google and Microsoft call this kind of encryption “confidential computing.” In fact, these two were among the founding members of the Confidential Computing industry consortium that launched at the Linux Foundation in late 2019. Amazon Web Services, the largest cloud computing vendor on the market, is not yet a member of that group.
Google Chief Internet Evangelist Vint Cerf — the computer scientist widely credited as “the father of the Internet” — said in a press release that this new kind of encryption “can fundamentally change the nature of cloud computing.” He also said that “Confidential Computing is one of those game changers that has the potential to transform the way organizations process data in the cloud, while significantly improving confidentiality and privacy.”
Essentially, it means that data that was too secret to be sent to the cloud can now be sent there — think hedge fund quant algorithms, the secret sauce that some hedge funds use to detect “signals” from big data and make trading decisions.
The cloud vendors hope this type of security will convince cloud holdouts to join the public cloud as well. Although some of these holdouts are adopting what’s known as “private clouds” — which is to say, putting cloud tech into their own, private data centers — the hope is that the cloud vendor can convince them to move some of their applications and data into the public cloud, and encourage them to consider moving more over time.
Google is following Microsoft Azure and Amazon Web Services in offering this encryption capability. Google is leaning on AMD and its new AMD EPYC 7002 Series Processors to provide its Confidential Computing. Microsoft is using Intel’s Xeon processor E-2200 family. Meanwhile, Amazon provides this sort of service using its own homegrown chip, now in its second generation, the ARM-based AWS Graviton 2.
Are you a Google Cloud insider with insight to share? Contact Julie Bort via email at email@example.com or on encrypted chat app Signal at (970) 430-6112 (no PR inquiries, please). Open DMs on Twitter @Julie188.