While questions about data and security have been around since the advent of modern technology, it’s only now that technology has advanced enough to secure that data from end to end in a simple and virtually frictionless way. It’s not just about the encryption of data in transit on the network, or data in cloud storage, but also the protection of data in use in the memory of the cloud provider's servers. This is the missing piece of the data protection lifecycle, which is enabled by confidential computing.
Confidential computing allows businesses to move their workloads into a hardware-based Trusted Execution Environment (TEE). This is where computer memory is automatically encrypted using keys generated by special firmware running on the CPU, making it inaccessible to the cloud operator. Confidential computing also gives customers the ability to independently validate that their workload is running in a TEE and that their software running in the TEE has not been surreptitiously modified.
All of this is now possible thanks to partnerships between cloud providers like Microsoft Azure and chip manufacturers such as AMD—Azure has a portfolio of several confidential computing offerings based on the latest AMD 3rd Generation EPYC processors. These processors use Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) technology, which is what allows the memory of virtual machines (VMs) to be encrypted. Azure was the first major cloud provider to make this technology generally available, which it did in July 2022.
“Our partnership with AMD allows us to enable customers to move their workloads into a confidential computing environment seamlessly and friction-free,” says Vikas Bhatia, Microsoft’s head of product for Azure confidential computing. “We’ve been on this journey for many years, but now this capability is becoming ready for broad usage and adoption.
“In a sense, we’ve been working towards getting the hardware capabilities to allow for such a future,” Bhatia says. “This innovation has not really existed before. Bringing a technology of this magnitude and running it at cloud-scale today is highly complex.”
While you may have heard of disk encryption and HTTPS—which keeps your data secure on your device when it’s not in use and over the network, respectively—there is one area of data security that is only just becoming possible.
“Until recently, protecting data in use has been that missing leg of data protection,” says Bhatia. “With its current availability on Azure, it enables end-to-end data protection, from the time the data is created until it is destroyed.”
For businesses to scale and provide the best service to their customers, sometimes a move to the cloud—or from a private to a public cloud—is inevitable. But for businesses in certain industries, such as healthcare, this can bring a whole host of challenges. After all, there are data privacy regulations in place in these industries that require businesses to protect personal information.
Thanks to confidential computing—and the Azure VMs running on AMD EPYC processors—there is less for businesses to worry about when it comes to cloud migration and ensuring maximum security.
“In Azure, our servers are periodically patched with the right security updates,” says Bhatia. “And our confidential virtual machines are available for customers to use right away.” All the business needs to do is choose the confidential VM in the Azure portal instead of the standard VM and deploy their workloads into it, and their existing apps will benefit from the protection of data in use. “That’s how simple it is—no code change required,” Bhatia continues. “The same thing applies to AMD SEV-SNP-based container services as well.”
For customers creating virtual machines in Azure for the first time, trusted launch is also now the default option—giving an extra layer of security. “On a Gen 2 virtual machine, our customers can, by default, get protection with secure boot, measure boot, and vTPM capabilities to know that the operating system that they’re running on is as expected and has not been tampered with,” says Bhatia.
“Security is never 100 percent,” Bhatia continues. “We are always working towards making it harder and harder for the malicious actors to get in. That's the journey that we've been on with confidential computing. I think it starts with the work that we've done with trusted launch.”
Many businesses across industries—including financial services, pharmaceuticals, and commerce—use the SAS Viya advanced analytics platform for their data analytics, machine learning, and AI needs.
While SAS Viya provides a cloud-native, open, and unified platform for analytics, many of its customers are using it to analyze highly sensitive personal and financial information, so they opt to host it in their own private data centers—sacrificing the scaling and cost-saving benefits of using the platform in a public cloud.
Instead, running a SAS Viya instance on AMD-based confidential VMs on Azure helps businesses protect sensitive data in memory from unauthorized cloud operator access and malicious third parties—thus enabling the cost savings of running in a public cloud while maintaining data privacy.
Already, many SAS Viya customers are using Azure VMs for their business needs thanks to its integration points with numerous Azure technologies, including Synapse Analytics, Azure Databricks, and Azure SQL databases among others, says Shadi Shahin, Vice President of Product Strategy at SAS. “There is an offering of SAS Viya for Azure Marketplace that simplifies the customer experience for quick access to an enterprise-class data analytics environment.”
While important, confidential computing is not just about data protection—it also opens up the possibility of innovation. This is particularly true in regulated industries, such as the pharmaceutical industry, where access to sensitive third-party patient data can vastly reduce the time needed to understand the effectiveness of certain drug therapies.
To create a new drug, using the broadest data set of patient data possible helps pharmaceutical companies understand how the drug could affect different people and get a more precise idea of what it will actually be able to solve.
“Today, pharmaceutical researchers just have access to the data they have, rather than a broad data set,” says Bhatia. Instead, if they were able to collaborate with various healthcare providers to merge their data sets together and run their models on the combined data set—without those providers ceding control of the data or anonymizing it before sharing, “that would be a breakthrough in healthcare research.”
“That is exactly what confidential computing on AMD-based confidential containers enables,” Bhatia says. “Only a trusted and attested code base is allowed to gain the keys to see the combined data set, and only that code base can read or write to its protected section of memory. Since that attested, trusted code base is restricted to only certain container groups, data in memory is not only protected from malicious third parties and cloud operators but also insider threats from employees and contractors of the pharmaceutical company running the analytics models.”
It can take anywhere from months to years for a healthcare provider to agree to release their patient data and anonymize it, so “this could be a true breakthrough for patients in need of new drug therapies to treat their conditions.”
“This example is very common across various industries,” says Bhatia. “Including detecting money laundering or credit card fraud, enabling targeted advertising, and making better credit approval decisions—and any use case that involves AI and LLMs where fine-tuning a data set is super critical to get the right business outcomes.”
“With privacy concerns pervading so many industries, it is Microsoft’s goal to make all computation on Azure confidential and make Azure the confidential cloud,” Bhatia says.
This story was produced by WIRED Brand Lab for Microsoft.