The boom in digital transformation and mass adoption of cloud computing has transformed the business landscape over the past decade.
Businesses have moved from the expensive and high maintenance burden of managing their IT infrastructure on-premises to private and public cloud services, attracted by the promise of flexibility and scalability.
By moving IT services to the cloud, businesses can operate more efficiently, enjoying lower management costs, user access from more locations, and better third-party data sharing, enabling greater growth and innovation. Financial services companies can, for example, leverage cloud networks to streamline mobile payments or partner with airlines to launch airline rewards cards.
This immense digital transition has been accompanied by a proliferation of data that continues to grow exponentially and by 2025, half of the world’s data is predicted to be in the cloud.
However, as spending on public cloud services grows (expected to reach $591.8 billion this year), so does its appeal to threat actors. According to the UK Government’s 2022 Cyber Breach Survey, 39% of UK businesses identified a cyber attack last year, costing medium and large businesses an average of $19,400 each. Therefore, companies must have a solid understanding of the peripheral vulnerabilities that leave an organization open to cyber threats.
Cloud service providers and SaaS companies are very good at protecting your data. Providers will encrypt data using cryptographic protocols such as SSL, TLS or HTTPS, as it travels between client and server ensuring its security in transit. While at rest or at rest, data can also be protected with robust encryption standards, such as AES-256, as well as strict access controls such as multi-factor authentication and identity management to ensure that only authorized users have access.
That said, the recent attack and resulting cloud service outage by Western Digital shows that threat actors are not slowing down and the attack methodology is becoming more complex.
Even companies with effective and proven security systems continue to fall victim to complex attacks. Businesses are aware of the risks to data in transit and in storage, but they often overlook a key vulnerability that threat actors are increasingly exploiting: data in use.
For the most part, applications require data to be decrypted for processing, returning it to the encrypted state upon completion. Unfortunately, as that information is processed in system memory, sensitive data is exposed.
With growing concern among security leaders, privacy enhancing technologies (PETs) are being developed to fill the gap. Examples include secure multi-party computation, which allows parties to compute a function harmoniously without revealing each other’s specific input, while keeping sensitive information hidden; homomorphic encryption, which creates space for calculations to perform while the data exists in the ciphertext, without decryption, reducing the risk of data leakage; and zero-knowledge proofs, which convince a third party that a claim is true without revealing further information.
However, these models are not foolproof solutions to the data-in-use problem. They are still susceptible to attacks that target vulnerabilities in the underlying firmware and hardware, compromising compute security and leaving sensitive data exposed.
Fortunately, there is a subset of PETs that can protect data despite hardware and software sensitivities: Confidential Processing. Confidential computing creates a secure enclave in system memory underpinning a public cloud platform, with extremely tight access controls and built-in encryption and decryption keys that will block access requests from any unauthorized code.
This means that even if a vulnerability exists in an application, operating system, hardware or firmware, the trusted execution environment denies access and prevents any requested action from being performed unless the source has explicit permissions .
Confidential compute prevents a scenario in which an attacker exploits a vulnerability in an application to gain access to the underlying operating system and access the data through nefarious means, whether through memory dumps, data scraping, or any number of software-enabled attacks memory operating systems control – because the data is kept safe throughout its use. Confidential compute acts as a gateway between in-memory data and code, ensuring that even if an attacker could perform a memory dump, the data would still be encrypted and inaccessible.
With cloud computing becoming globally ubiquitous and huge improvements being made to combat software vulnerabilities, targeted hardware and firmware attacks will continue to grow in popularity as an attack vector. Confidential compute protects the soft underbelly that hardware provides to attackers and is a tool that offers a greater sense of security for organizations when used in conjunction with a robust data-driven cloud security strategy.
Heavily regulated industries such as healthcare and financial services are likely to be early adopters of confidential computing, but as its effectiveness is proven, I expect confidential computing to become a security norm in all enterprises.
About the author
David Fairman is the APAC CIO and CSO of Netskope. Netskope is a global SASE leader, redefining cloud, data and network security to help organizations apply zero trust principles to protect data. Fast and easy to use, the Netskope platform delivers streamlined access and real-time security for people, devices and data wherever they are. Netskope helps customers reduce risk, accelerate performance, and gain unmatched visibility into all cloud, web, and private application activity. Thousands of customers, including more than 25 Fortune 100, rely on Netskope and its powerful NewEdge network to address ever-evolving threats, new risks, technological changes, organizational and network changes, and new regulatory requirements. Learn how Netskope helps customers be ready for anything in their SASE journey, visit netskope.com.
Featured image: merklicht.de
#Confidential #Computing #Essential #Data #Protection #Layer #Evolving #Cloud #Threats #TechNative