An Easy Path to Confidential Computing

To counter the ever-increasing likelihood of catastrophic disruption and cost due to enterprise IT security threats, data center decision makers need to be vigilant in protecting their organization’s data. Confidential Computing is architected to provide security for data in use to meet this critical need for enterprises today.

The next webcast in our Confidential Computing series is “How to Easily Deploy Confidential Computing.” It will provide insight into how data center, cloud and edge applications may easily benefit from cost-effective, real-world Confidential Computing solutions. This educational discussion on July 28, 2021 will provide end-user examples, tips on how to assess systems before and after deployment, as well as key steps to complete along the journey to mitigate threat exposure.  Presenting will be Steve Van Lare (Anjuna), Anand Kashyap (Fortanix), and Michael Hoard (Intel), who will discuss:

Read More

Confidential Computing FAQ

Recently, the SNIA Cloud Storage Technologies Initiative (CSTI) I hosted a lively panel discussion “What is Confidential Computing and Why Should I Care?” It was the first in a 3-part series of Confidential Computing security discussions. You can learn about the series here.  The webcast featured three experts who are working to define the Confidential Computing architecture, Mike Bursell of the Enarx Project, David Kaplan at AMD, and Ronald Perez from Intel.

This session served as an introduction to the concept of Confidential Computing and examined the technology and its initial uses. The audience asked several interesting questions. We’re answering some of the more basic questions here, as well as some that did not get addressed directly during the live event.

Q. What is Confidential Computing?  How does it complement existing security efforts, such as the Trusted Platform Model (TPM)?

Read More

The Confidential Computing Webcast Series

The need for improved data security and privacy seems to grow bigger every day. The continuous attacks and bad actors from hackers and rogue governments are increasing the demand from businesses and consumers alike to make stronger data protection a top priority. In the midst of this need, Confidential Computing has emerged as a solution for stronger data security and is gaining traction from a variety of start-ups and established companies. 

The SNIA Cloud Storage Technologies Initiative (CSTI) will be presenting a series of new webcasts on Confidential Computing. This three-part series will provide an introduction to Confidential Computing, dive into its unique approach for protecting data in use as well as use cases. I will be hosting the first discussion “What is Confidential Computing and Why Should I Care?” on June 9, 2021 featuring Mike Bursell, Co-founder, Enarx Project; David Kaplan of AMD and Ronald Perez at Intel – all members of the Confidential Computing Consortium. This panel discussion will detail the need for Confidential Computing, explain the technology basics, how it’s used, and why you should consider deploying some of these new concepts. These industry-expert panelists are the architects of Confidential Computing and they will be ready to take your questions. I encourage you to register today.

The second session “Confidential Compute: Protecting Data in Use” will follow two weeks later on June 23, 2021 with a focus on how Confidential Computing works in multi-tenant cloud environments and how sensitive data can be isolated from other privileged portions of the stack. It will also provide insight on applications in financial services, healthcare industries, and broader enterprise applications. Glyn Bowden of HPE will moderate this session with our expert presenters Paul O’Neill and Parviz Peiravi from Intel. You can register here for this session.

Read More

What is Confidential Computing?

While data security in the enterprise has never been for the faint of heart, the move to a more contiguous enterprise/cloud workflow as well as the increase in Edge data processing has significantly impacted the work (and the blood pressure) of security professionals. In the “arms race” of security, new defensive tactics are always needed. One significant approach is Confidential Computing: a technology that can isolate data and execution in a secure space on a system, which takes the concept of security to new levels. This SNIA Cloud Storage Technologies Initiative (CSTI) webcast “What is Confidential Computing and Why Should I Care?” will provide an introduction and explanation of Confidential Computing and will feature a panel of industry architects responsible for defining Confidential Compute. It will be a lively conversation on topics including:

Read More

A Q&A on Protecting Data from New COVID Threats

The SNIA Cloud Storage Technologies Initiative began 2021 discussing the topic that has been on everyone’s mind for the last year – COVID-19. But rather than talking about positive cases or vaccine availability, our experts, Eric Hibbard and Mounir Elmously, explored how COVID has increased cybersecurity concerns and impacted the way organizations must adapt their security practices in order to ensure data privacy and data protection. If you missed our live webcast “Data Privacy and Data Protection in the COIVD Era” it’s available on-demand.

As expected, the session raised several questions on how to mitigate the risks from increased social engineering and ransomware attacks and how to limit increased vulnerabilities from the flood of remote workers. Here are answers to the session’s questions from our experts.


Q: Do you have any recommendations for structuring a rapid response to an ongoing security threat?

Read More

Understanding CDMI and S3 Together

How does the Cloud Data Management Interface (CDMI™) International Standard work? Is it possible be to both S3 and CMDI compliant? What security measures are in place with CDMI? How, and where, is CDMI being deployed? These are just some of the topics we covered at our recent SNIA Cloud Storage Technologies (CSTI) webcast, “Cloud Data Management & Interoperability: Why A CDMI Standard Matters.”

CDMI is intended for application developers who are implementing cloud storage systems, and who are developing applications to manage and consume cloud storage.

Q. Can you compare CDMI to S3? Is it possible to be both CDMI and S3 compliant? Is it too complicated?

Read More

How COVID has Changed Data Privacy and Data Protection

The COVID-19 Pandemic has amplified cybersecurity concerns particularly related to the cloud. Threat actors have recognized a unique opportunity to exploit pandemic-related vulnerabilities through social engineering attacks, business email compromise, work from home and other remote weak points. This results in increased risk and occurrence of ransomware attacks and data breaches that can disrupt or totally compromise organizations’ ability to conduct business. These security incidents can also subject victims to liability for violations of privacy and data breach notification laws.

The SNIA Cloud Storage Technologies Initiative (CSTI) will be taking on this important topic with a live webcast on January 20, 2021, “Data Privacy and Data Protection in the COVID Era” where our SNIA experts will discuss:

Read More

Why Cloud Standards Matter

Effective cloud data management and interoperability is critical for organizations looking to gain control and security over their cloud usage in hybrid and multicloud environments. The Cloud Data Management Interface (CDMI™), also known as the ISO/IEC 17826 International Standard, is intended for application developers who are implementing or using cloud storage systems, and who are developing applications to manage and consume cloud storage. It specifies how to access cloud storage namespaces and how to interoperably manage the data stored in these namespaces. Standardizing the metadata that expresses the requirements for the data, leads to multiple clouds from different vendors treating your data the same.

Read More

An FAQ on the “Fine Print” of Cyber Insurance

Last month, the SNIA Cloud Storage Technologies Initiative, convened experts, Eric Hibbard and Casey Boggs, for a webcast on cyber insurance – a growing area to further mitigate risks from cyber attacks. However, as our attendees learned, cyber insurance is not as simple as buying a pre-packaged policy. If you missed the live event “Does Your Cyber Insurance Strategy Need a Tune-Up” you can watch it on-demand.

Determining where and how cyber insurance fits in a risk management program generates a lot of questions. Our experts have provided answer sto them all here:

Q. Do “mega” companies buy cyber insurance or do they self-insure?

A. Many Fortune 500 companies do carry cyber insurance. The scope of coverage can vary significantly. Concerns over ransomware are often a driver. Publicly traded companies have a need to meet due care obligations and cyber insurance is a way of demonstrating this.

Q. Insurance companies don’t like to pay out. I suspect making a claim is quite contentious?

Read More

Your IoT Questions Answered

The SNIA Cloud Storage Technologies Initiative (CSTI) webcast on IoT explored how the explosion of data generated from IoT devices creates unique challenges in the way we store, transmit and curate data. If you missed the webcast, you can watch it on-demand. This topic generated several interesting questions.  As promised during the live event, here are answers to them all:

Q. Do IoT devices consume as much data as they produce?

A. It really depends on the device. There are some like sensors that will only produce data and transmit it on, on the other hand the more intelligence built into these devices the more need there might be to consume data to drive that intelligence. In the future, it’s possible there will be much more device to device (or peer to peer) traffic between IoT devices, cutting out the leg back to the data center altogether for data that doesn’t need to be there.

Read More