Microsoft launches data security technology for Windows Server, Azure

Data is at its greatest risk of being compromised while it is in use, as it moves out of a secure database and through servers or applications in memory. Microsoft is therefore launching a new technology for Windows Server and Azure that protects data while it is being processed.

Microsoft claims the service, called Azure confidential computing, makes it the first public cloud provider to offer encryption of data while in use. Encrypting data while it is being manipulated is pretty CPU-intensive, and there is no word on the performance impact of this service. 

“Despite advanced cybersecurity controls and mitigations, some customers are reluctant to move their most sensitive data to the cloud for fear of attacks against their data when it is in use,” Mark Russinovich, Microsoft Azure CTO, wrote in a company blog post. “With confidential computing, they can move the data to Azure knowing that it is safe not only at rest, but also in use from [various] threats.” 

Azure confidential computing uses a trusted execution environment (TEE) to ensure there is no way to view data from the outside, such as via a bug in the OS or a hacker who has gained admin privileges. That means data can be processed in the cloud with the assurance that it is always under customer control, Russinovich said.
