On Oct. Google expanded its enterprise cloud offerings by introducing multiple new virtual machine (VM) providers.
The technology giant’s Confidential VMs employ robust hardware-based encryption methods to safeguard sensitive data and ensure the integrity of operations, thereby preventing any unauthorized tampering or manipulation. Google offers a range of Confidential Computing Services through its Confidential VM platform.
“The power to encrypt information wherever helps to alleviate issues about third-party entry to information, eradicating cloud adoption obstacles, and, by eradicating these obstacles, permits IT groups and builders to realign their focus to different enterprise priorities,” stated Sam Lugani, Google Cloud’s product lead for Confidential Computing & Confidential AI, in an email to TechRepublic.
Pricing for Confidential VMs varies depending on the chosen plan. Confidential VMs must be used in conjunction with a Google Cloud Platform Compute Engine solution.
Enhancements to boost security on virtual machines are now live.
Numerous innovative upgrades to Google Cloud’s confidential computing capabilities are unveiled today, providing additional options for safeguarding data while in use.
- The introduction of these machines marks a significant advancement in confidential virtual machine (VM) availability, transitioning from the previous N2D and C2D series to the more security-centric C3D lineup. While running, C3D machine series using AMD’s Secure Encrypted Virtualization (AMD SEV) isolate guests from the hypervisor. C3D virtual machines come in a range of configurations with up to 360 vCPUs and up to 2,880 GB of memory. Support for the C3D machine series gives direct access to Confidential VMs that use AMD SEV.
- Intel Trust Domain Extensions (TDX) provides hardware-based trusted execution environments to safeguard the integrity, confidentiality, and authenticity of sensitive information. Additionally, all C3 VMs feature Intel’s Advanced Matrix Extensions, an instruction set designed to run complex AI and ML operations more efficiently. Intel TDX is now available for use with C3 machines in specific Google Cloud regions: asia-southeast1, us-central1, and europe-west4.
- This ensures the integrity of data and adds hardware-rooted attestation to an earlier AMD product, guaranteeing the confidentiality of sensitive data. SEV-SNP provides strong resilience against threats originating from the hypervisor, including sophisticated attacks such as data replay and memory remapping. Regional availability covers Asia (asia-southeast1), the United States (us-central1), and Europe (europe-west3 and europe-west4).
Google Cloud has bolstered its security posture by introducing signed launch measurements for UEFI binaries, providing an additional layer of verification for firmware running on Confidential VMs that use AMD Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP).
Companies strive to build trust with customers and partners by ensuring the confidentiality and security of sensitive information. Some organisations continue to treat applications and the data they rely on as distinct entities. Because data has a profound impact on AI designs, it is crucial that such data remains both secure and private.
The confidential compute environment in Google Cloud supports virtual machines (VMs) with AMD Secure Encrypted Virtualization (SEV) for secure and isolated computing.
Attestation provides a way to verify that confidential virtual machines (VMs) operate as expected, serving as a replacement for running an attestation verifier atop a Google Cloud VM. Google Cloud attestation is available for scenarios involving Confidential VMs that use AMD Secure Encrypted Virtualization (SEV).
“This capability seamlessly applies to Confidential GKE, streamlining client processes by saving time and resources compared to using a third-party attestation service or developing an in-house verifier.”
According to Steve Van Lare, Vice President of Engineering at Anjuna Security, a valued Google Cloud customer, Confidential Computing has proven itself as a game-changer for a wide range of innovative applications, including the secure deployment of AI technologies. “The seamless integration of our combined expertise and robust hardware validation enables a frictionless buying experience, as demonstrated by the strong interest from prospective customers we’re currently witnessing.”