A new product from Google Cloud adds a layer of encryption to protect sensitive customer data.
The cloud computing platform from Google already encrypts data at rest, for instance data stored in a database, and in transit (or when it travels over the internet). On Tuesday, the company announced the beta release of Confidential Virtual Machines, or VMs, the first product in Google Cloud’s Confidential Computing portfolio.
The VMs encrypt data in use — while it’s being processed. The new security layer is the result of a partnership with AMD in which the chip manufacturer provides hardware-based security designed to protect sensitive data within virtual machines or containers.
Google Cloud expects Confidential VMs to be particularly useful in heavily regulated industries such as financial services.
“At JPMorgan Chase, protecting data is one of our highest priorities,” Morgan Akers, a director at JPMorgan Chase, said in a Google Cloud blog post. “Confidential Computing is an emerging technology that we are excited to explore as part of our data protection strategy.”
Data will remain encrypted while it is used, indexed, queried or trained on. Organizations will be able to collaborate on research in the cloud without revealing confidential data sets, Google spokespersons said.
The other advantage for clients is the simplicity, said Ulku Rowe, technical director of financial services at Google Cloud.
“They can click a checkbox and automatically convert data from regular VM to confidential VM,” she said. “No one has to touch the code or rewire their workload. Banks and other financial institutions can migrate the workload from a highly secure environment without a performance hit or doing much work at all.”
