Microsoft has unveiled the latest addition to its Azure cloud platform with the intention of keeping user data safe. This feature, called Conifdential Compute, is designed to ensure that data is encrypted while stored or while in transit on a network. Microsoft has said that this new feature will make sure that sensitive data is kept away from sneaking eyes, including governmnet entities and hackers.
There will be two modes to this update – one that will run on built on virtual machines, and the other using Software Guard Extensions. Both modes will allow applications to enclose parts of their data and code to make sure that they’ll work in a trusted execution environment.
Ther mode that uses virtual machines uses Virtual Secure Mode (VSM) functionality. This being the case, in the event of a cyber attack and a hacker is able to access teh primary virtual machine, the data held within will still be secure.
“Data breaches are virtually daily news events, with attackers gaining access to personally identifiable information (PII), financial data, and corporate intellectual property. While many breaches are the result of poorly configured access control, most can be traced to data that is accessed while in use, either through administrative accounts, or by leveraging compromised keys to access encrypted data,” Microsoft said in a blog post.
“Despite advanced cybersecurity controls and mitigations, some customers are reluctant to move their most sensitive data to the cloud for fear of attacks against their data when it is in-use. With confidential computing, they can move the data to Azure knowing that it is safe not only at rest, but also in use.”