Microsoft Drives Confidential Computing Into Kubernetes

Microsoft is driving confidential computing data protection into Kubernetes workloads to help organizations migrate more of their data to cloud environments. Lachlan Evenson, principal program manager for Microsoft Azure, said during a keynote address at this week’s Kubecon + CloudNativeCon North America 2019 event that the cloud giant’s move provides “security down to the chip.” This involves tapping into Intel’s Software Guard Extension (SGX) platform to support confidential computing data protection for Kubernetes workloads. The move should reduce the barrier for enterprises looking to run mission-critical workloads in a Kubernetes environment. He said that organizations that have hesitated to move mission-critical workloads to a container or Kubernetes environment can now “move them with confidence.” Evenson explained in an accompanying blog post that it also provides an additional layer of protection from potentially malicious insiders at a cloud provider, reduces the chances of data leaks, and may help address some regulatory compliance needs.