Google to Launch Government Cloud Service Within the Year

Yolanda Curtis
July 16, 2020

The first product in the Google Cloud Confidential Computing portfolio, Confidential VMs, enables customers for the first time to encrypt data in-use while it is being processed and not just when at rest and in-transit.

Confidential VMs (virtual machines) is the first product in Google Cloud's Confidential Computing portfolio. The new service, announced at the Google Cloud Next OnAir online conference that runs nine weeks through September 8, is said to make the full benefits of a commercial cloud platform available to government customers by simplifying the compliance configuration process.

"No one has to touch the code or rewire their work load", said Ulku Rowe, technical director of financial services at Google Cloud, when it comes to encrypting data in use with Google's cloud computing platform.

The company also mentions that the encryption and decryption process is performed at lower performance because both startup times and read and save performance are virtually the same for normal and sensitive VMs.

"Confidential VMs take this to the next level by offering memory encryption so that you can further isolate your workloads in the cloud". This new technology provides customers with the ability to encrypt the entire memory of their cloud VMs with unique keys that are generated in the CPU and are not exportable. The company plans to enable the feature for Microsoft Azure, as well. "To overcome this, we invest in multi-cloud fields to democratize data accessibility, whatever cloud service providers customers use", said Google Cloud general manager and vice president of engineering Debanjan Saha on Tuesday during the opening of Google Cloud Next OnAir event. Confidential computing systems rely on the isolation of data in hardware to prevent it from being tampered with by apps or the operating system itself.

Data Access and Confidentiality - Confidential VMs can limit the exposure of the data and who can access it by encrypting the data even when it is being processed. "Google-offered images include Ubuntu v18.04, Ubuntu 20.04, Container Optimised OS (COS v81), and RHEL 8.2".

Google has also worked closely with AMD to ensure that the performance metrics of Confidential VMs are as close as possible to non-confidential VMs. This effort included developing new performant open source drivers for high-throughput storage and network traffic.

Google announced a private beta release of Assured Workloads for Government, a secure cloud platform the company says will give agencies more feature options and better security than traditional government clouds.

To bridge that gap, Google's Assured Workloads for Government allows users to restrict the location of stored data and cloud resources to specific regions - US only for now - as well as prevent accidental misconfigurations by choosing from built-in and predefined security controls and organisational policies.

Working with these other government clouds often means users must "operate two distinct application and operation supply chains, adding cost, complexity, and risk", Google Cloud Managers Christopher Johnson and Bhavna Batra wrote in their blog. Customers can run their multi-cloud analytics without the headache of moving and copying data across clouds.

Other reports by iNewsToday