Securing Digital Infrastructures

How Confidential Computing Helps Secure Data in Use

Confidential computing enables seamless data processing without compromising data privacy

Ana Maria Ordonez
How Confidential Computing Helps Secure Data in Use

The increasing number of organizations that have gone through a vast digital transformation to level up their business in the digital age is not new. In fact, in the Equinix 2023 Global Tech Trends Survey (GTTS), 77% of global IT leaders said that digitizing the business was a top priority for their technology strategy. Moving to the cloud is indeed inevitable in today’s business world, as it was among the factors that helped companies successfully navigate the pandemic.

Yet this urgency to further accelerate the adoption of modern IT environments that require data to be accessible from anywhere at any time also gave rise to the ever-evolving malicious assaults and attempted breaches of opportunistic attackers. And as the impetus for remote work lingers, many organizations relying on cloud services are still grappling with cybersecurity challenges.

In today’s threat landscape, the enormous challenge for many organizations is to secure data in use, which includes sensitive information that is actively accessed and modified by users. This data is in its most vulnerable state due to multiple threat vectors, including unauthorized users, unsafe sharing methods, data theft, and other exploits designed to compromise business operations and continuity.

At the same time, the encryption solutions of most companies have traditionally focused on securing data at rest (storage encryption) and data in transit (network encryption), with little attention paid to data in use. These circumstances spawned the need to evaluate current protocols and implement tighter measures that can keep up with the increasing sophistication and resourcefulness of global threat actors looking to exploit valuable data during processing.[1]

Consider the case of ChatGPT’s security threats and privacy concerns, which have been plaguing several companies after key problems surrounding the use of the AI-powered chatbot emerged. Besides the incident that leaked users’ conversation histories in March 2023, the artificial intelligence program created by OpenAI has proven to be susceptible to various risks, including the incident with the engineers of Samsung Electronics accidentally leaking the company’s intellectual property into the platform.[2]

What is confidential computing?

In response, confidential computing offers a new take on cybersecurity that guarantees the protection and integrity of data in use. This emerging technology offers a hardware-based security solution by establishing a secure enclave within a CPU, known as a trusted execution environment (TEE). In this environment, data can be processed by the authorized user in a way that is invisible or inaccessible to any unauthorized party, including cloud providers.[3]

The same thing can be said for attackers who are trying to access the sensitive data: The zero-trust protocols of confidential computing ensure that those without proper authentication cannot access the information within. This means that even if an attacker gains access to the network or the authorized code is hacked, the TEE still prevents them from data access.

How can confidential computing help?

What makes confidential computing both interesting and important in the realm of data protection and cybersecurity is that it creates a new line of defense to safeguard data in use. Organizations can continue to integrate digital technology into all areas of their businesses and move workloads to the cloud without the fear of insiders or third parties accessing or tampering with sensitive data. Some benefits of confidential computing include:

1. Keeping data secure, even while in use

For years, there was no viable solution to run calculations on encrypted data. But with the advent of cloud computing, it created demand for security and privacy of data in use inside a processor or memory. Confidential computing fundamentally eliminates that security gap by storing data in the TEE, where it is impossible to access data or view processes performed on it from the outside. Even if the authorized code is altered or tampered with, the TEE denies access. This enables sensitive workloads to be managed in cloud environments and prevents unauthorized users from viewing or modifying data while it’s being processed.

2. Protecting confidential intellectual property

Confidential computing ensures that valuable intellectual property is properly protected from malicious and insider threats. Thanks to the TEE, it can secure code, business logic processes, machine learning algorithms, or the inner workings of entire applications that companies want to keep confidential. This guarantees organizations safe deployment in the cloud, where sensitive data and code are properly secured from unauthorized access during processing.

3. Creating a sense of confidence

One of the many benefits of confidential computing is that it gives companies a sense of confidence in terms of protecting data in a trusted environment. This is vital particularly to organizations digitally transforming their systems and processes rapidly. With confidential computing, companies can run their workloads on infrastructure owned by the cloud service provider without the threat of attackers or third parties eavesdropping on confidential information. Cloud customers can choose a cloud provider based on their business and technical needs without worrying about how their data is stored and managed.

4. Enabling collaboration with partners

Since confidential computing protects sensitive data and intellectual property, this allows organizations to collaborate safely. One company may combine its sensitive data with another company’s processes without either of them worrying about any confidential information or intellectual property leaking in the process. Both companies can safely share resources to create innovative solutions in a secure environment.

Optimize your cybersecurity strategy with help from Equinix

Confidential computing can improve the security posture of organizations, including those that aim to utilize generative AI to scale productivity and business agility. But with the ever-growing threat landscape, companies can no longer afford to treat cybersecurity as a one-time project. This is where Equinix Managed Services on Platform Equinix® comes in, providing organizations with adaptive and optimized digital services, while helping them access the capabilities they need to protect their data. As the world’s digital infrastructure company, Equinix values data protection and integrates security and compliance in guiding enterprises in their digital transformation.

In the years to come, more and more businesses will be migrating to the cloud to manage their workloads. Equinix Fabric® plays an integral role in this process, providing enterprise customers with a complete solution platform with secure, flexible, scalable virtual connections. This software-defined network is available across 50+ metros globally. It allows enterprises to connect between their physical and virtual infrastructure and interconnect with their partners and customers. Most importantly from a cybersecurity standpoint, it allows businesses to bypass the public internet and its inherent vulnerabilities.

To learn more about the challenges and opportunities facing IT leaders today—including but not limited to cybersecurity threats—check out the results of the Equinix 2023 Global Tech Trends Survey.

 

[1] Walid Rjaibi, “The Next Frontier for Data Security: Protecting Data in Use.” Security Intelligence, April 18, 2022.

[2] Siladitya Ray, “Samsung Bans ChatGPT Among Employees After Sensitive Code Leak.” Forbes, May 2, 2023.

[3] Shelby Hiter, “What is Confidential Computing? Definition, Benefits, & Uses.” eSecurity Planet, May 26, 2023.

Subscribe to the Equinix Blog