Metanav

Is Confidential Computing the Future of Cloud Security? 

confidential-computing

In October, IBM announced plans to split the 109-year-old tech giant’s managed infrastructure services unit into a separate public company that will focus on cloud computing. Dubbed “NewCo,” the company plans to launch late next year in order for IBM to center its attention on artificial intelligence projects and its cloud platform.

Since the Covid-19 pandemic triggered a wave of business shutdowns across the globe, there has been a massive influx of tech companies migrating their data to the cloud. However, with many organizations still reluctant to transition over security concerns, the migration is far from complete. In a new report called “Hype Cycle for Cloud Security,” the research firm Gartner reported that companies cite privacy as a major reason for not transitioning to the cloud even if they are certain of its larger benefits.

“The cloud makes a lot of things simple, but it doesn’t necessarily remove the risk, and it doesn’t change that security is not important anymore,” Scott Berkshire, Chief Technology Officer at Energy Group Networks, said during a 26 June virtual forum hosted by the San Francisco Business Times.

What is Confidential Computing?

To meet the pressing demand for privacy, more and more cloud providers are turning to a revolutionary standard known as “confidential computing,” which Gartner listed in its report as one of over thirty “key security technologies.”

Typically, client data on the cloud must be decrypted in order to be processed, which increases its vulnerability to exposure. However, confidential computing encrypts data as it is being processed and used.

The standard embeds security deep within the technology by using encryption that can only be unlocked by a client’s keys. These keys lock out the companies that collect the data and cloud applications that host it. Information is kept in a hardware-based trusted execution environment (TEE), which prevents anyone without authorization from obtaining the information, and thwarts anyone who manipulates the code.

The confidential computing standard is appealing because it prevents third-party cloud services (such as Amazon or Google) and other third parties (like credit card and retail companies) from inadvertently exposing sensitive client data to hackers.

“This is part of what we view as unlocking the next generation of cloud adoption,” IBM CTO Hillery Hunter told Venture Beat. “It’s very much about getting clients to look not just at the first really obvious consumer mobile app kind of things to do on a public cloud. There’s a second generation of cloud workload considerations that are more at the core of these businesses that relate to more sensitive data. That’s where security needs to be considered upfront in the overall design.”

While confidential computing is likely to encourage many companies to transition to cloud computing, full-scale adoption will take at least five to ten years. To speed things up, a group of major tech companies—Baidu, Alibaba, Google Cloud Arm, IBM, Intel, Microsoft, and Red Hat—launched the Confidential Computing Consortium, an open source project, in 2019.

Some consortium members are already using the standard. In 2018, IBM released its Confidential Cloud services Cloud Hyper Protect Services and IBM Cloud Data Shield.  A few months ago in July, Google launched its first set of Confidential Computing services.

With the Covid-19 pandemic pushing more and more companies to transition their data to a more flexible environment, confidential computing is well equipped to spur the first mass migration of organizations to the cloud.

Understand Cloud Computing

Learn more about the benefits and challenges of cloud computing and how it pertains to your organization. Check out the Cloud Computing Course Program, which offers 37 self-paced courses focused on various aspects of cloud computing technologies.

Contact an IEEE Content Specialist for more details about getting access to this program for your organization.

Interested in getting the program for yourself? Visit the IEEE Learning Network today.

Resources

O’Brien, Chris. (16 October 2020). Why IBM believes Confidential Computing is the future of cloud security. Venture Beat. 

Comcast Business. (5 October 2020). How the mass migration to cloud computing is impacting cybersecurity (Video). San Francisco Business Times.

Rashid, Fahmida Y. (27 May 2020). What Is Confidential Computing? IEEE Spectrum. 

, , , , ,

No comments yet.

Leave a Reply

https://www.googletagmanager.com/gtag/js?id=G-BSTL0YJSGF