Fortanix Adds Platform to Manage Confidential Computing on Azure

Fortanix today announced that a software-as-a-service (SaaS) platform for managing instances of confidential computing on the Microsoft Azure cloud is now generally available.

Confidential computing is an emerging approach to encrypting data while it is in use in memory. Today encryption is only applied to data at rest. Confidential computing makes it possible to set up secure enclaves for processing encrypted data in memory, an area that has become an increasing source of concern for vulnerabilities in IT environments.

Faiyaz Shahpurwala, chief product and strategy officer for Fortanix, said Confidential Computing Enclave Manager provides IT teams with a SaaS platform that enables them to provision a confidential computing environment, verify the integrity of those environments and manage the application life cycle for secure enclaves. Applications running on secure enclaves are built using Docker containers and images.

Fortanix, along with Alibaba, Arm, Baidu, Google Cloud, Huawei, Intel, Microsoft, Red Hat, Swisscom and VMware, is a member of the Confidential Computing Consortium, an arm of The Linux Foundation. Confidential Computing Consortium projects include a Software Guard Extensions (SGX) software development kit (SDK) from Intel, an open source Open Enclave framework that allows developers to build Trusted Execution Environment (TEE) applications using a single enclaving abstraction, and Enarx, a project providing hardware independence for securing applications using TEEs.

Microsoft earlier this month made available a DCsv2-series of virtual machines (VMs) that provide access to a TEE based on Intel SGX. Fortanix, for its part, already makes available a Fortanix Self-Defending Key Management Service on Azure.

Shahpurwala said over time most applications will take advantage of trusted computing environments. Most of the initial use cases will focus on applications in which data privacy and securing personally identifiable information (PII) are critically important, he said.

In the meantime, cloud service providers are racing to make available platforms for building and deploying TEE applications. Less clear is to what degree those environments will be integrated with DevOps platforms. The Confidential Computing Enclave Manager provides a management framework from which to begin that process. The Confidential Computing Enclave Manager also provides tools to convert applications to enable them to run on Intel SGX.

There may come a day when confidential computing makes security a core element of any DevOps process. As such, the idea that there needs to be a distinct approach to DevSecOps may in time fade away as security becomes a series of infrastructure capabilities that are invoked programmatically. As that approach matures, application security would simultaneously evolve to become a natural extension of any quality assurance process.

Of course, it may be a while before confidential computing is employed pervasively. Not every IT team has made the switch to containers to build applications. However, given all the focus these days on data privacy regulations, it’s clear the requirements for protecting data within an IT environment are becoming more stringent with each passing day. The challenge now is finding a way to address those concerns during the entire application lifecycle management process in a way that doesn’t slow down the rate at which applications are being built and deployed.

Mike Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.
