Security News > 2020 > July > New Google Cloud tech gives users control of data confidentiality
Confidential computing encrypts data in use as it's being processed and keeps that data encrypted in memory and elsewhere outside the CPU. Google Cloud just launched a new technology that encrypts data while it's being processed: Confidential computing, which also keeps data encrypted in memory, as well as outside the central processing unit.
Google Cloud users can now control the confidentiality of their data.
The Secure Encrypted Virtualization feature of the second generation AMD EPYCTM CPUs are leveraged by confidential VMs. Enhanced innovation: Businesses can share confidential data sets, as well as collaborate in the cloud and still maintain confidentiality.
Confidentiality for lift-and-shift workloads: All Google Cloud Platform workloads that run in VMs will also be able to run as a confidential VM. Protection against advanced threats: The integrity of a customer's operating system is ensured as it uses the protections shielded VMs offer against rootkit and bootkits.
To handle storage and network traffic with higher throughput than previous protocols, Google Cloud added support for new OSS drivers; these additions confirm performance metrics of Confidential VMs, in line with non-confidential VMs. "With built-in secure encrypted virtualization, 2 Gen AMD EPYC processors provide an innovative hardware-based security feature that helps secure data in a virtualized environment," said Raghu Nambiar, corporate vice president, data center ecosystem, AMD, in a press release.