Improve isolation of sensitive data payloads with hardware-based memory protections
Confidential computing is an emerging industry initiative focused on helping to secure data in use.
The efforts can enable encrypted data to be processed in memory while lowering the risk of exposing it to the rest of the system, thereby reducing the potential for sensitive data to be exposed while providing a higher degree of control and transparency for users. In multi-tenant cloud environments, where sensitive data is meant to be kept isolated from other privileged portions of the system stack, Intel® Software Guard Extensions (Intel® SGX) plays a large role in making this capability a reality.
As computing moves to span multiple environments—from on-prem to public cloud to edge—organizations need protection controls that help safeguard sensitive IP and workload data wherever the data resides.
Providing security for your most sensitive workloads
Microsoft Azure cloud customers have been protecting their most sensitive workloads with confidential computing for years. The latest Intel SGX capabilities coming in 2021 will unlock even more secure scenarios particularly those in healthcare, finance, and government using the most tested, researched, and deployed hardware-based trusted execution environment in the market as of 2020.
Confidential Computing Consortium
The industry is coming together to address this paradigm shift for data security in the cloud. Hosted at The Linux Foundation, the CCC is home to an open source community dedicated to defining and accelerating the adoption of confidential computing. It aims to embody open governance and collaboration. Intel has joined others in a cross-industry effort to describe the security benefits, risks, and features of confidential computing and how it will help users make better choices to protect their workloads in the cloud.
Click below to learn more about Confidential Computing and the role that Intel® SGX plays.
Intel® Software Guard Extensions (Intel® SGX) based on Intel® Xeon® E processors enable granular data protection, helping protect data from malicious outsiders while also creating a trust boundary within the cloud service.