UPDATED 08:00 EDT / OCTOBER 11 2022

SECURITY

Google Cloud expands its confidential computing portfolio to shared workloads as it expands trusted cloud ecosystem

Cloud security is at the forefront of Google Cloud’s innovation at Cloud Next 2022 today, as the company announced a further push into the area of confidential computing while also expanding its “trusted cloud” ecosystem and launching a new initiative around digital sovereignty.

First up is the expansion of Google Cloud’s confidential computing portfolio. Google is already considered to be one of the pioneers of confidential computing, which relates to the encryption of data as it’s being used. Data already enjoys strong encryption when it’s being stored in a server or sent across a network, but most systems decrypt information into its original, readable form when they need to use it. That creates a big vulnerability that hackers are only too keen to exploit.

With that in mind, Google said at Next that it’s expanding its suite of encryption tools to include a new “Confidential Space,” which enables customers to perform joint data analysis and machine learning training with partners, while enjoying a trust guarantee. In other words, Confidential Space is a place where anyone from researchers to bankers can share sensitive information with outside collaborators, in a secure and regulated way.

“Information sharing empowers people,” said Vint Cerf, vice president and chief internet evangelist at Google. “Information flow is what the internet is about. Information sharing is power. If you don’t share your ideas, smart people can’t do anything about them, and you’ll remain anonymous and powerless.”

Google explained that Confidential Space runs workloads in a cloud-based Trusted Execution Environment that’s powered by a hardened version of its Container-Optimized OS. This provides contributors with more control over how their data is used and which workloads can act on that dataset, Google said. At the same time, neither the workload operator nor the cloud provider can see or influence the workloads in any way.

With Confidential Space, companies can benefit from aggregating and analyzing sensitive data such as personally identifiable information, health data, intellectual property and cryptographic secrets, while also retaining full control of it. Google said its high-level encryption can therefore open more doors, potentially paving the way to greater innovation.

For instance, financial institutions now have a way to collaborate to do a better job of identifying fraud or money laundering across joint customer datasets. That kind of data has always been regarded as highly sensitive and most companies have been loath to risk sharing it across the cloud. Confidential Space finally makes it possible, Google said.

“Financial institutions can be sure with Confidential Space that their data is only used for fraud detection while keeping business and confidential information private to the data owner,” said Google Cloud product managers Rene Kolga and Nelly Porter.

Integrated SOAR and SIEM

No matter how much security an organization has in place, some attackers will inevitably slip through the cracks. Google said it recognizes this and is taking steps to help its customers detect, investigate and respond to threats more rapidly with the launch of its new Chronicle Security Operations platform.

Available now in preview, Chronicle Security Operations provides numerous capabilities for security teams not only to identify threats more quickly, but to take immediate action. The platform is said to unify Chronicle’s security information and event management technology with the security orchestration, automation and response capabilities of Siemplify — a company it acquired last January for a reported $500 million.

Google said that moving forward, all of its security operations software will be released under the Chronicle brand. “The Siemplify brand will be replaced with Chronicle SOAR, and security analytics capabilities of the suite will be named Chronicle SIEM,” said Chris Corde, Google’s director of product management for threat detection and response.

With Chronicle Security Operations, security teams will have easier access to Google’s SIEM and SOAR capabilities through an integrated user interface. The single, intuitive display will pull together and present information about threats from multiple relevant sources, including Google Cloud Threat Intelligence and VirusTotal, to provide more context and help teams reach decisions faster.

It will also enable investigative pivots, with users able to switch between alerts and entities across SIEM detections and SOAR modules, plus integrated alert management controls. Chronicle also provides dozens of pre-packaged response playbooks to Google Cloud-based alerts surfaced by the Security Command Center, helping to automate and speed up resolutions, Google said.

Trusted cloud expands

In other news Google said it’s expanding its “trusted cloud” ecosystem to advance its capabilities in identity management and data sovereignty and elsewhere The idea is that by embracing an ecosystem of partners, businesses using its cloud infrastructure and services will have the flexibility to work with the cybersecurity firms of their own choice.

To that end, Google announced a new Google Cloud Ready – Sovereign Solutions program that makes it easier for customers to identify partner offerings that are compatible with its Sovereign Solutions portfolio. Launch partners include T-Systems GmbH in Germany and S3NS SE in France, which are two of the countries that are most affected by data sovereignty regulations, since European law requires companies there to keep sensitive personal data in-country.

“This program will give customers the confidence to continue using applications that are critical to their business while meeting their digital sovereignty objectives,” Google said.

On the identity management side, Google announced new integrations with firms that include ForgeRock Inc., JumpCloud, Okta Inc. and Ping Identity Inc. The integrations will extend those partners’ identity management capabilities and policies to joint customers, Google said.

“Providing businesses with extensible cybersecurity solutions in the cloud, and a collaborative ecosystem of partners, is the only practical approach to addressing enterprises’ greatest cybersecurity challenges,” said Google Cloud Vice President of Security Sunil Potti. “Our partners play a critical role in keeping customers secure and compliant, whether enabling secure hybrid work, safeguarding critical infrastructure, or meeting stringent data residency requirements.”

Image: Google Cloud

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU