Cohesity, a leader in AI-driven data security and management, announced a strategic collaboration with Intel to integrate Intel’s confidential computing capabilities into the Cohesity Data Cloud. In conjunction with Fort Knox, Cohesity’s cyber vault service, the initiative marks a groundbreaking advancement in data-in-use encryption within the data management sphere.
This collaboration between Cohesity and Intel addresses a critical cybersecurity concern for CIOs. Traditionally, safeguarding data during active processing has posed significant challenges, often leaving data susceptible to insider threats due to the lack of encryption. Confidential computing facilitates heightened security measures by harnessing the power of Intel Software Guard Extensions (Intel SGX), reducing the risk of unauthorized access to data during its processing in main memory. This innovation holds particular significance for regulated sectors such as finance, healthcare, and government, where data integrity and privacy are paramount.
Sanjay Poonen, CEO and President of Cohesity, reiterated the company’s unwavering commitment to innovation in line with their mission of safeguarding and providing insights into global data. He emphasized that collaborations with industry giants like Intel are pivotal in earning the trust of major enterprises worldwide, reinforcing their business resilience. Poonen highlighted the benefits of integrating Intel SGX, Intel Trust Authority, and confidential computing, stating that these advancements will significantly reduce risk and enhance security in cloud environments, allowing customers to prioritize their core business objectives.
What is Confidential Computing?
Confidential computing, a cloud technology, safeguards data throughout processing, bolstering end-to-end security with exclusive encryption key control.
This technology isolates sensitive data within a secure CPU enclave during processing, ensuring only authorized program code can access its contents. These contents, encompassing the data being processed and the techniques used to process it, remain concealed and inaccessible to any entity without authorized access, including cloud providers.
Given organizational leaders’ escalating reliance on public and hybrid cloud solutions, ensuring data privacy in the cloud becomes paramount. Confidential computing aims to instill confidence among leaders by assuring the protection and confidentiality of their cloud-stored data. This assurance, in turn, encourages the migration of more sensitive data and computing workloads to public cloud platforms.
While cloud providers have long offered encryption services to safeguard data at rest and in transit, confidential computing addresses the final frontier of data security by fortifying data in use during processing or runtime.
Advantages of Using Confidential Computing
Improving Data Security
Cohesity’s flagship platform, Cohesity Data Cloud, has always incorporated advanced technologies to safeguard vital data from cyber threats. Through a strategic alliance with Intel, Cohesity is further fortifying customers’ defense against cyber threats by:
- Innovative Encryption Key Protection: Creating a unique solution to safeguard encryption keys within a hardware-secured environment, leveraging Intel SGX for confidential computing in the cloud.
- Mitigating Data Exfiltration Risks: Significantly reducing the risk of data exfiltration, as the encrypted data remains inaccessible to privileged accounts during processing in memory.
- Securing Intel SGX Authentication: Offering Cohesity customers a means to authenticate their Intel SGX via Intel Trust Authority, which ensures, prior to key extraction, that the platform has integrity with the latest patches and that the Cohesity application alone is executing.
Greg Lavender, executive vice president and chief technology officer at Intel Corporation, acknowledged Intel’s role as a pioneer and frontrunner in confidential data center technologies. He emphasized how Intel’s advancements enable customers, especially those managing sensitive or heavily regulated data, to address confidentiality, integrity, and attestation for their workloads. Lavender noted that Cohesity’s adoption of Intel’s technology reflects the increasing customer demand for enhanced data protection in the cloud, emphasizing its commitment to delivering a secure computing environment aligned with customer expectations.
Why Use Confidential Computing Integrated with the Data Cloud?
- Enhanced Security for Data in Use: Traditional cloud encryption protects data at rest and in transit, but data is vulnerable when processed in memory. Confidential computing utilizes Trusted Execution Environments (TEEs) to encrypt data while it’s being processed, ensuring it remains inaccessible even to cloud providers, administrators, or malicious actors.
- Facilitates Secure Collaboration: Confidential computing allows organizations to collaborate on data analysis or machine learning projects while keeping their datasets confidential. This is achieved through secure enclaves that process data without ever revealing it.
- Compliance with Regulations: For industries with strict data privacy regulations, confidential computing offers an additional layer of security to ensure compliance. Organizations can address concerns around data sovereignty and regulatory hurdles that might hinder cloud adoption by keeping data encrypted during processing.
- Unlocks New Use Cases: Confidential computing opens doors for previously risky scenarios in the cloud. For instance, organizations can perform privacy-preserving analytics on advertising data or train machine learning models on sensitive datasets without compromising confidentiality.
FAQs
1. How does confidential computing enhance data security in cloud environments?
Confidential computing encrypts data during processing, ensuring its confidentiality even from cloud providers or administrators, thereby mitigating risks associated with data breaches.
2. What role does Intel SGX play in ensuring confidentiality in Cohesity’s Data Cloud?
Intel SGX enables the creation of secure enclaves within CPUs, where sensitive data is processed in a protected environment inaccessible to unauthorized entities, thus ensuring its confidentiality.
3. How does Cohesity’s integration of Intel’s confidential computing capabilities benefit customers in regulated sectors like finance and healthcare?
By leveraging confidential computing, Cohesity provides enhanced data security and compliance with regulatory standards, which is crucial for industries where data integrity and privacy are paramount.
4. What advantages does confidential computing offer over traditional data encryption methods in cloud computing?
Confidential computing encrypts data during processing, addressing the vulnerability of data in use, which traditional encryption methods cannot protect, thereby providing comprehensive security.
5. How does confidential computing facilitate secure collaboration between organizations on sensitive projects?
It allows organizations to collaborate on data analysis or machine learning projects while keeping their datasets confidential through secure domains, ensuring data privacy and security.