
Google Cloud steps up privacy, security with Confidential VMs


Google Cloud has announced two new tools, designed for organisations that handle hyper-sensitive data.

The first allows businesses to keep data encrypted while in use, while the other helps businesses configure workloads to stay compliant without relying on “government cloud”.

Currently in beta, Confidential VMs offers memory encryption that allows for data to remain encrypted while in use, plugging associated security gaps. Google says it paired its intellectual property with AMD hardware to bring the new offering to fruition, without hampering performance.

Speaking to the press, Google Cloud GM and VP of Security, Sunil Potti, said the main benefit of AMD CPUs is that businesses using Confidential VMs will not need to recompile their applications. Whatever GCP workloads already run in VMs can run as a Confidential VM as well, with customers only needing to activate the feature.

"When we canvassed our customers, that was the biggest feedback we got," he said. "You don't want to forklift and redesign your apps. You literally lift and shift your workloads over."

The second tool, Assured Workloads, is described by Potti as “game-changing technology”. The tool helps businesses create a better-controlled environment, where data location and access controls are enforced by default, in line with regulatory requirements.

The tool meets the US Department of Defence’s (DoD) compliance standards, as well as those of the FBI’s Criminal Justice Information Services Division and the Federal Risk and Authorisation Management Program.