The major public cloud providers have admitted in the past that the data they store is not as secure as it should be. They've created "confidential computing" as a new feature that allows them to isolate sensitive data while it is being stored and, more importantly, at the time it is used.
Confidential computing can be used to protect data while it is in use, which is the biggest problem in data security. It is not a perfect solution for this purpose, but it is effective.
Brief history of confidential computing
The implementation can differ from one provider to another, but the fundamental concept behind confidential computing is creating an isolated environment that protects customer or client data as well as the processing of that data. Although virtual isolation is possible, it is more typical to have physical isolation based on hardware specifically designed for it.
Microsoft's description of confidential computing gives the general idea:
Confidential computing safeguards data in use by segregating computations from an executor environment that is trusted. While data is traditionally encrypted at rest or in transit, confidential computing secures your data as it's processed. A TEE provides a protected container by protecting a part of the processor and memory. It is possible to run software on top of the protected environment to protect certain portions of your code and data from being modified or viewed beyond the TEE.
New challenges posed by confidential computing
Pricing is not well publicized, but it's clear that confidential computing is more costly than other cloud-based compute services because of the additional effort, including the dedicated hardware, required to isolate the content. Even at that cost, access to confidential computing is restricted at the moment.
Cost and availability are relatively minor issues in the grand scheme of things, since confidential computing brings with it a whole range of other issues:
There are some fundamental operational issues that limit the ability to scale this method. Trusted execution environments need to be created for each specific application, which costs time, effort and money whenever an organization needs to expand security to a new database.
The increasing number of instances raises IT management challenges as teams try to transfer data and ensure visibility across all of these environments. Confidential computing can also lead to new data silos, which many organizations are trying to eradicate.
Since the various providers use different solutions, data sharing between companies becomes a challenge. While the coalition is trying to solve this problem through open source projects, as well as the largest public cloud provider (AWS), compatibility between the various cloud services will be limited for the foreseeable future.
Better data protection
It would be better to have one solution that provides the same security as confidential computing, namely effective encryption of data in transit and at rest, but without the same complexities or limitations. Instead of securing the company's data with confidential computing, why not safeguard all of the company?
Secure data sharing between organizations and companies can be achieved through an approach that is effective regardless of where the data is stored. Costs can be reduced because no specialized hardware is required to isolate data. Additionally, scaling and performance issues are avoided by using the existing cloud infrastructure instead of dealing with an endless cycle of single-use deployments.
This is what we had in mind when designing our solutions: providing all the advantages of confidential computing without the problems. Sotero offers an encryption service that safeguards data at all times, regardless of where it's stored. A central solution that can be readily deployed and easily integrated with existing platforms, Sotero can encrypt data down to the field level.