The dawn of an all-pervasive digital era has forced enterprises to increase their pace of transformation to stay relevant. Emerging technologies like Cloud and AI are helping them to leverage data and reshape standard business models.

With enterprises using  Cloud & AI to mine critical business insights from data - protecting that data on cloud has become paramount. In the early stages, attackers targeted data that was either in storage or transit, which led to the evolution of security measures to effectively counter it. The focus has now shifted to the area where the data is currently most vulnerable: when under use.

Understanding Confidential Computing

Confidential computing – a new form of hardware-based security approach – can help deal with this challenge. It is a cloud computing technology that isolates sensitive data in a protected CPU enclave during processing. Think of an office in an office building. The office is a private, secure location where you can have a meeting. There are many other offices in that building, but you can have a private meeting in your office without anyone else knowing the details. In this case of confidential computing, the cloud is the office building and the enclave is the office.

Why is it important?

Nearly 6 out of 10 Indian CEOs interviewed for a study last year believe cloud computing will most help their organization deliver results over the next 2-3 years. At the same time, cybersecurity concerns have skyrocketed – according to the 2021 Cost of Data Breach report 27,966 records were breached on an average 2020-21 with ₹5,900 estimated as the cost per lost or stolen record, an increase of 6.85% from 2020. Companies, specifically from highly regulated industries, are now finding themselves stewards of the privacy and security of sensitive consumer data. They are facing a constant challenge of finding the most innovative and comprehensive ways to assure security of data across its lifecycle.

With confidential computing, we can seamlessly operate in a cloud environment along with other workloads, while maintaining full privacy and authority over what we are doing effectively in an enclave. It protects data during processing, and when combined with storage and network encryption with exclusive control of encryption keys, while providing end-to-end data security in the cloud.

IBM and Confidential Computing

IBM understands the importance of a zero-trust approach in security and confidential computing helps ensure it. IBM strongly believes that our clients’ data is their data. Confidential Computing offers a layer of technical assurance that even we are incapable of accessing client’s data. This provides assurance to clients that their data in the cloud is protected and confidential, thereby, encouraging them to move more sensitive data and computing workloads to the cloud.

For example, we have built confidential computing into the IBM Hyper Protect Software Development Kit for iOS, which helps developers build healthcare applications that are HIPAA-ready running on Apple devices.

As a part of the Confidential Computing Consortium founded by Linux Foundation in 2019, IBM is committed to bring together hardware vendors, developers, and cloud hosts to create open standards that ensure their respective sec could work together across cloud providers.

This ground-breaking technology in cloud security is extremely important for the financial services sector, health care, and any company trying to manage privacy data requirements such as General Data Protection Regulation (GDPR). IBM Cloud for Financial Services is secured by confidential computing via Hyper Protect Services.

Enterprises are increasingly shifting their workloads to the cloud and optimizing their cloud budget to align with the need for post-pandemic digital acceleration. Businesses also need confidence that each digital transaction they power is seamless and secure. Confidential Computing has the potential to grow beyond the realms of cybersecurity into an enabler of collaboration and drive innovation in data sharing protocols between multiple entities.

This article is authored by Sandip Patel, Managing Director, IBM India/South Asia