AI-powered data security and management company Cohesity has announced plans to bring Intel’s confidential computing capabilities to the Cohesity Data Cloud.
With this collaboration, Cohesity and Intel aim to tackle a significant cybersecurity concern for CIOs — the issue of insider threats.
Traditionally, safeguarding data while it is in use and actively processed in memory has had limited options, often leaving the data unencrypted and susceptible to insider threats.
“Confidential computing enabled by Intel Software Guard Extensions (Intel SGX) will support Cohesity customers to reduce the risk posed by potential bad actors accessing data while it is being processed in main memory,” the company said in a statement. “This is especially critical for highly regulated industries like financial institutions, healthcare, and government.”
Aiming to safeguard encryption keys
The Cohesity Data Cloud incorporates technologies aimed at aiding major global organizations in the management and security of their essential data against cyber threats.
The latest partnership focuses on minimizing the risk of cyberthreats to customers by introducing a solution that safeguards encryption keys. These keys, essential for the protection of customer data, are secured in a hardware-protected environment utilizing Intel SGX technology for confidential computing in the cloud.
The implemented solution lowers the risk of data exfiltration by ensuring that, when data is processed in memory and encrypted, it remains inaccessible and unobtainable by any privileged accounts.
In addition, the collaboration offers Cohesity customers a method to confirm the authenticity of their Intel SGX using the Intel Trust Authority. This system, equipped with the latest security updates, exclusively allows the Cohesity application to operate before the retrieval of the data encryption key, enhancing the security measures in place for customer data.
“With Intel SGX, Intel Trust Authority, and confidential computing, our customers will benefit from reduced risk and increased security in cloud environments, allowing them to focus on what really matters, their business,” Sanjay Poonen, CEO and President of Cohesity said in a press note.
Relevance as insider threats rise
According to a report from the Ponemon Institute, the financial impact of cybersecurity threats originating from insiders within organizations increased throughout 2023. The total average cost of insider risk rose from $15.4 million in 2022 to $16.2 million in 2023.
Manish Rawat, an analyst at Techinsights, pointed out that Intel’s secure computing, made possible by Intel SGX, protects information while it is being processed actively in memory, preventing illegal access and reducing the risk of insider threats and breaches.
“By encrypting data in memory, cohesiveness solves the risk of data exfiltration by making it difficult for hackers to steal, even in the event that they manage to get past network security,” Rawat said. “This method helps organizations like finance and healthcare comply with strict regulations while strengthening data confidentiality. Furthermore, Cohesity’s integration of Intel’s secret computing capabilities strengthens cloud security as its use grows, providing encryption layers for processing and storing sensitive data.”
“By working together with Intel Trust Authority, Cohesity strengthens protections against malicious software and platform vulnerabilities by confirming the authenticity of computing environments,” Rawat added.