Google Cloud on Tuesday announced two new security offerings designed for customers with highly-regulated or sensitive data that requires extra protection in the cloud. The first, Confidential VMs, is the initial product in Google's Confidential Computing portfolio, which promises to let customers keep data encrypted while in use. The second, Assured Workloads for Government, allows customers to configure workloads in a way that meets strict compliance requirements, without having to rely on a siloed "government cloud."
The new tools are chiefly designed for industries with stringent security needs, such as the public sector, health care, and financial services. However, executives stressed that Confidential VMs and Assured Workloads for Government are tools that represent structural changes to the entire Google Cloud Platform, rather than simply bolted-on capabilities.
"That's one of the reasons we believe this is a foundational differentiator for Google Cloud in these regulated markets," Sunil Potti, Google Cloud's GM and VP of security, said to reporters.
Confidential Computing is a "game-changing technology," Potti said. "It's almost like the last bastion of sensitive data that can now be unlocked to leverage the full power of the cloud."
For example, Potti said, many financial services firms keep their most sensitive IP around algorithmic trading on-premise because of sensitivities around data processing. Those concerns could be relieved with confidential computing.
Google Cloud already encrypts data at rest and in transit. Confidential VMs, currently in beta, offer memory encryption to keep workloads isolated. They're based on a foundational new technology powered by a combination of Google's software IP with AMD hardware. After working closely with AMD to ensure memory encryption wouldn't significantly interfere with workload performance, Google says the performance metrics of Confidential VMs are close to those of non-confidential VMs.
Confidential VMs take advantage of the Secure Encrypted Virtualization (SEV) supported by 2nd Gen AMD Epyc CPUs. Data stays encrypted while it is used, indexed, queried, or trained on. Encryption keys are generated in hardware, per VM, and they are not exportable.
The primary benefit of using AMD CPUs, Potti said, is that customers don't have to recompile their applications to take advantage of Confidential VMs. All GCP workloads already running in VMs can run as a Confidential VM -- customers just need to check a box.
"When we canvassed our customers, that was the biggest feedback we got," he said. "You don't want to forklift and redesign your apps. You literally lift and shift your workloads over."
The precursor to Confidential VMs was Shielded VMs, virtual machines hardened by a set of security controls that help defend against rootkits and bootkits. Earlier this year, Google made Shielded VMs the default setting for GCP users -- and Google expects to eventually do the same for Confidential VMs, Potti said.
Google, Potti said, is "the first major cloud provider to offer this level of security and isolation while giving customers a simple and easy option for new and existing workloads."
Google, however, is one of several technology companies working to make the cloud more secure via confidential computing. The company was among the first to join the Confidential Computing Consortium (CCC), a project launched last year by the Linux Foundation. Other members include Microsoft, IBM, Alibaba, and Intel. Microsoft earlier this year expanded access to VMs that leverage trusted execution environments (TEEs), which secure portions of compute and memory to protect data in use. Meanwhile, IBM earlier this year released an open-source toolkit to let developers experiment with fully homomorphic encryption (FHE), a nascent technology that allows data to remain encrypted while in use.
On the compliance front, Google on Tuesday introduced Assured Workloads for Government. This new tool enables compliance professionals to more easily create controlled environments where US data location and personnel access controls are automatically enforced. The personnel access controls limit which Google support employees can access your data, based on factors such as citizenship, geographical access location, or background checks.
The service meets the security and compliance standards required by the Defense Department (DoD IL4), the FBI's Criminal Justice Information Services Division (CJIS), and the Federal Risk and Authorization Management Program (FedRAMP). The tool is currently available in private beta in US cloud regions only.
Typically, to meet government compliance requirements, organizations have to use separate environments known as government clouds, which may not offer the same features as standard commercial clouds. Jeanette Manfra, Google Cloud's global director of security and compliance, called that a "legacy mindset" that Google is trying to move past.
"Our approach is to make the entire commercial cloud a secure and protected one that works just as well for the public sector as it does for the private sector," she said.