Confidential AI Q&A

Confidential AI is a new collaborative platform for data and AI teams to work with sensitive data sets and run AI models in a confidential environment. It includes infrastructure, software, and workflow orchestration to create a secure, on-demand work environment that meets organization’s privacy requirements and complies with regulatory mandates. It’s a topic the SNIA Cloud Storage Technologies Initiative (CSTI) covered in depth at our webinar, “The Rise in Confidential AI.” At this webinar, our experts, Parviz Peiravi and Richard Searle provided a deep and insightful look at how this dynamic technology works to ensure data protection and data privacy. Here are their answers to the questions from our webinar audience. Q. Are businesses using Confidential AI today? A. Absolutely, we have seen a big increase in adoption of Confidential AI particularly in industries such as Financial Services, Healthcare and Government, where Confidential AI is helping these organizations enhance risk mitigation, including cybercrime prevention, anti-money laundering, fraud prevention and more. Q: With compute capabilities on the Edge increasing, how do you see Trusted Execution Environments evolving? Read More

Storage Threat Detection Q&A

Stealing data, compromising data, and holding data hostage have always been the main goals of cybercriminals. Threat detection and response methods continue to evolve as the bad guys become increasingly sophisticated, but for the most part, storage has been missing from the conversation. Enter “Cyberstorage,” a topic the SNIA Cloud Storage Technologies Initiative recently covered in our live webinar, “Cyberstorage and XDR: Threat Detection with a Storage Lens.” It was a fascinating look at enhancing threat detection at the storage layer. If you missed the live event, it’s available on-demand along with the presentation slides. We had some great questions from the live event as well as interesting results from our audience poll questions that we wanted to share here. Q. You mentioned antivirus scanning is redundant for threat detection in storage, but could provide value during recovery. Could you elaborate on that? Read More

Keeping Edge Data Secure Q&A

The complex and changeable structure of edge computing, together with its network connections, massive real-time data, challenging operating environment, distributed edge cloud collaboration, and other characteristics, create a multitude of security challenges. It was the topic of our SNIA Networking Storage Forum (NSF) live webcast “Storage Life on the Edge: Security Challenges” where SNIA security experts Thomas Rivera, CISSP, CIPP/US, CDPSE and Eric Hibbard, CISSP-ISSAP, ISSMP, ISSEP, CIPP/US, CIPT, CISA, CDPSE, CCSK debated as to whether existing security practices and standards are adequate for this emerging area of computing. If you missed the presentation, you can view it on-demand here. It was a fascinating discussion and as promised, Eric and Thomas have answered the questions from our live audience. Q. What complexities are introduced from a security standpoint for edge use cases? Read More

Experts Discuss Key Edge Storage Security Challenges

The complex and changeable structure of edge computing, together with its network connections, massive real-time data, challenging operating environment, distributed edge cloud collaboration, and other characteristics, create a multitude of security challenges. It’s a topic the SNIA Networking Storage Forum (NSF) will take on as our “Storage Life on the Edge” webcast series continues. Join us on April 27, 2022 for “Storage Life on the Edge: Security Challenges” where I’ll be joined by security experts Thomas Rivera, CISSP, CIPP/US, CDPSE and Eric Hibbard, CISSP-ISSAP, ISSMP, ISSEP, CIPP/US, CIPT, CISA, CDPSE, CCSK as they explore these challenges and wade into the debate as to whether existing security practices and standards are adequate for this emerging area of computing. Our discussion will cover: Read More

Understanding How Data Privacy, Data Governance, and Data Security Differ

Ever wonder what’s the difference between data privacy, data governance and data security? All of these terms are frequently (and mistakenly) used interchangeably. They are indeed related, particularly when it comes to keeping data in the cloud protected, private and secure, but the definitions and mechanics of executing on each are all quite different. Join us on March 30, 2022 for another SNIA Cloud Storage Technologies Initiative (CSTI) “15 Minutes in the Cloud” session for an overview of what each of these terms means, how and where they intersect, and why each one demands adequate attention or you risk threatening the overall security of your data. Read More

Understanding Ransomware

Ransomware is a malware attack that uses a variety of methods to prevent or limit an organization or individual from accessing their IT systems and data, either by locking the system’s screen, or by encrypting files until a ransom is paid, usually in cryptocurrency for reasons of anonymity.

By encrypting these files and demanding a ransom payment for the decryption key, the malware places organizations in a position where paying the ransom is the easiest and most cost-effective way to regain access to their files. It should be noted, however, that paying the ransom does not guarantee that users will get the decryption key required to regain access to the infected system or files.

Read More

Deploying Confidential Computing Q&A

The third live webcast in our SNIA Cloud Storage Technologies Initiative confidential computing series focused on real-world deployments of confidential computing and included case studies and demonstrations. If you missed the live event, you can watch it on demand here. Our live audience asked some interesting questions, here are our expert presenters’ answers. Q.  What is the overhead in CPU cycles for running in a trusted enclave? A. We have been running some very large machine learning applications in secure enclaves using the latest available hardware, and seeing very close to “near-native” performance, with no more than 5% performance overhead compared to normal non-secure operations. This performance is significantly better in comparison to older versions of hardware. With new hardware, we are ready to take on bigger workloads with minimal overhead. Also, it is important to note that encryption and isolation are done in hardware at memory access speeds, so that is not where you will tend to see a performance issue. Regardless of which secure enclave hardware capability you choose, each uses a different technology to manage the barrier between secure enclaves. The important thing is to look at how often an application crosses the barrier, since that is where careful attention is needed. Read More

Q&A: Security of Data on NVMe-oF

Ensuring the security of data on NVMe over Fabrics was the topic of our SNIA Networking Storage Forum (NSF) webcast “Security of Data on NVMe over Fabrics, the Armored Truck Way.” During the webcast our experts outlined industry trends, potential threats, security best practices and much more. The live audience asked several interesting questions and here are answers to them. Q. Does use of strong authentication and network encryption ensure I will be compliant with regulations such as HIPAA, GDPR, PCI, CCPA, etc.? A. Not by themselves. Proper use of strong authentication and network encryption will reduce the risk of data theft or improper data access, which can help achieve compliance with data privacy regulations. But full compliance also requires establishment of proper processes, employee training, system testing and monitoring. Compliance may also require regular reviews and audits of systems and processes plus the involvement of lawyers and compliance consultants. Q. Does using encryption on the wire such as IPsec, FC_ESP, or TLS protect against ransomware, man-in-the middle attacks, or physical theft of the storage system? Read More

The Confidential Computing Webcast Series

The need for improved data security and privacy seems to grow bigger every day. The continuous attacks and bad actors from hackers and rogue governments are increasing the demand from businesses and consumers alike to make stronger data protection a top priority. In the midst of this need, Confidential Computing has emerged as a solution for stronger data security and is gaining traction from a variety of start-ups and established companies. Read More

What is Confidential Computing?

While data security in the enterprise has never been for the faint of heart, the move to a more contiguous enterprise/cloud workflow as well as the increase in Edge data processing has significantly impacted the work (and the blood pressure) of security professionals. In the “arms race” of security, new defensive tactics are always needed. One significant approach is Confidential Computing: a technology that can isolate data and execution in a secure space on a system, which takes the concept of security to new levels. This SNIA Cloud Storage Technologies Initiative (CSTI) webcast “What is Confidential Computing and Why Should I Care?” will provide an introduction and explanation of Confidential Computing and will feature a panel of industry architects responsible for defining Confidential Compute. It will be a lively conversation on topics including: Read More