Tech giants come together to form cloud security watchdog
Some of the world’s biggest technology companies are joining forces to improve the security of files in the cloud. This includes Google, IBM, Microsoft, Intel, and many others.
The news first popped up on the Linux Foundation, where it was said that the Confidential Computing Consortium will work to bring industry standards and identify the proper tools to encrypt data used by apps, devices and online services.
At the moment, cloud security solutions focus to protect data that’s either resting, or is in transit. However, when the data is being used is “the third and possibly most challenging step to providing a fully encrypted lifecycle for sensitive data.”
The issue “affects the privacy and security of almost every single person on Earth who interacts with these systems every single day,” said Jim Zemlin, executive director of the Linux Foundation. “The urgency here is not lost on anyone.”
Each company will bring something from its own arsenal to the joint effort. Microsoft will bring the Open Enclave Software Development Kit, Intel is bringing the Software Guard Extensions SDK, while Red Hat will come bearing Enarx.
If the joint effort is successful, “we’ll see people being able to deploy applications much more securely and easily, making use of these new developments,” said Mike Bursell, chief information security architect at Red Hat, a co-creator of the Enarx project.
“Protecting data in use means data is not visible in unencrypted form during computation except to the code authorized to access it,” said Microsoft Azure CTO Mark Russinovich in a post Wednesday morning. “That can mean that it’s not even accessible to public cloud service providers or edge device vendors. This capability enables new solutions where data is private all the way from the edge to the public cloud.”