Security News > 2020 > July > Google Cloud Unveils Confidential VMs Powered by AMD EPYC Processors
Google on Tuesday unveiled the first product in its Google Cloud Confidential Computing portfolio: Confidential VMs. Currently in beta for Google Compute Engine, Confidential VMs are designed to help organizations, particularly ones in regulated industries, protect sensitive data by providing memory encryption capabilities that can be leveraged to isolate cloud workloads.
Confidential VMs leverage the Secure Encrypted Virtualization feature in 2nd Gen AMD EPYC processors to ensure that sensitive data remains encrypted at all times, including while it's used, queried or indexed.
"Using the AMD SEV feature, Confidential VMs offer high performance for the most demanding computational tasks, while keeping VM memory encrypted with a dedicated per-VM instance key that is generated and managed by the AMD EPYC processor. These keys are generated by the AMD Secure Processor during VM creation and reside solely within it, making them unavailable to Google or to any VMs running on the host," Google said.
AMD says its EPYC processors support a variety of cloud workloads, including general purpose, memory bound, compute-intensive and virtual desktop infrastructure.
These processors are used not only by Google Cloud, but also Amazon Web Services, Microsoft Azure, Oracle Cloud Infrastructure, and IBM Cloud.