This story is available exclusively to Business Insider subscribers.
Become an Insider and start reading now.
- Google announced on Tuesday new “confidential computing” cloud security products that secure a key area for enterprises.
- The new protection covers data-processing applications that use containers, which have previously been vulnerable, which has led big companies to keep those apps on physcial servers versus the cloud.
- Secure data-processing apps in the cloud could be a breakthrough for highly regulated industries like finance, Google says.
- Amazon Web Services and Microsoft Azure have also provided security for data-processing apps, but Google says its new products are more convenient and perform better.
- Visit Business Insider’s homepage for more stories.
Google is unveiling a new cloud security feature that the company says could make on-premises data centers obsolete by addressing a key challenge for many enterprises: protecting container-based data processing apps.
Apps that use “containers” – bundles of computer code that can be implemented together, like a bunch of LEGO blocks already connected – have previously presented security issues in the cloud. Companies that used container-built apps to process sensitive data would therefor do so on physical servers, rather than storing those systems on the cloud.
For example, a hedge fund that uses a patented algorithm to process data and direct its investments might be happy to store its data sets in the cloud, but not the the systems running its secret, money-making processes, which would be considered too precious – and potentially vulnerable – to store there. That was especially true if those processes were built with containerized computer programs, because it has been very difficult to encrypt, or hide, those systems. And container apps are increasingly used by enterprises because they are convenient for developers.
Secure data processing for containerized apps was “the last bastion” of on-premises servers, until now, says Sunil Potti, general manager of engineering for Google Cloud Security.
“The gauntlet has been thrown,” Potti said. “There is no reason for people to have their own data centers.”
Amazon Web Services has offered cloud security for companies hosting their computer processing. Microsoft Azure has also provided security for virtual machines, which it says addresses some compliance concerns. Google says its new product is more convenient, requires no rewriting of applications, and provides better computer processing performance than any previous product. It also protects data previously exposed to cloud providers and the “insider risk” of dishonest employees.
“In every industry there are such applications that have stayed back,” Potti said.
Potti said the launch will push many enterprises to “go all in” on cloud computing: “A year or two from now, you might actually see many examples of all-in enterprises on public cloud, which has been difficult to do except for digital native” companies, such as startups built entirely on remote servers, he said.
That has especially been true in regulated industries. So if a bank built a modern app to process data, that bank had to keep it on a physical server. That has been very costly, because data servers are much more expensive than cloud storage. And it has also meant that many industries have been restricted to building their apps from scratch, rather than benefiting from the convenience of container applications that bundle programs together.
Tuesday’s announcement advances prior Google Cloud security offerings made over the last six months in a project the company calls “confidential computing.” In July, Google announced better cloud security for virtual machines, apps, and data sets that have also presented cloud security challenges. The virtual machine security is now available to all customers, and the container apps security is being rolled out.
In a blog post, Google quoted the Thales Group, a multi-national maker of electrical and defense systems, that has used the new features:
“The ability to encrypt sensitive data in the cloud whether at rest, in transit, or now, in use through confidential computing is very compelling for enterprises,” said Raphaël de Cormis, VP Digital Factory, Thales. “Quite simply, the fact that Google Cloud’s Confidential VMs offer this level of isolation in an easy-to-use package will help our customers achieve compliance and privacy in a seamless and cost-efficient manner.”
Get the latest Google stock price here.