Confidential Computing with phoenixNAP's IaaS Solutions

Our commitment to protecting data at rest, in transit, and in use

Faster and more secure than the ordinary cloud

Today’s organizations are managing over one exabyte of data through cloud services. Protecting this data is a growing challenge and the technology industry is looking to address it by introducing a new model for cloud security – confidential computing. This model expands encryption policies to encrypt not only data at-rest and in-transit, but also data in-use, providing end-to-end security.

Data-at-Rest Encryption

Encrypting data at rest is a standard safeguard that most cloud providers enable.

Data-in-Transit Encryption

Encrypting data while it moves between clouds and networks is the next layer of security.

Data-in-Use Encryption

Confidential Computing aims to protect data in use as a new layer of security.

What is Confidential Computing?

Confidential Computing refers to an emerging initiative advocating the adoption of data-in-use encryption as a new standard for cloud security. By encrypting workloads while they are being processed, confidential computing technologies help reduce the risk of cyber breaches.

Complementing at-rest and in-transit encryption, in-use encryption helps ensure end-to-end protection. Encryption at rest refers to encrypting the files, filesystems, or entire disks where data is stored. In-transit encryption refers to the use of a secure transfer protocol (HTTPS) to move data between environments or across public internet networks. By adding data-in-use encryption as a standard layer of protection, confidential computing significantly enhances cloud security.

Some of the key benefits of this approach include:

End-to-end security
Reduced attack surface
Minimized risk of outsider and insider threats
Improved environment controls
Greater transparency
Increased confidence in cloud providers

Confidential Computing with Intel SGX

Data-in-use encryption can be implemented by creating hardware-based Trusted Execution Environments (TEEs), also known as enclaves. Enclaves help isolate the application from the rest of the system, including the OS, providing better control over access to encryption keys. This dramatically reduces the possibility of a data breach, even if a malicious actor gains privileged access to the production environment.

Creating TEEs with Intel SGX

The creation of TEEs is enabled through hardware security technologies such as Intel Software Guard Extensions (SGX). As a set of instructions for hardware-based isolation and in-memory encryption, SGX enables encrypted data processing within protected enclaves. Data is processed in the enclave's protected memory, meaning it is not exposed to the rest of the system. Through full memory encryption and accelerated cryptographic performance, Intel SGX helps enable confidential computing on both dedicated and virtualized platforms.

Securing the cloud. One instance at a time.

Dedicated Servers Powered by 3rd Generation Intel Xeon Processors

SGX provides a critical layer of data protection, playing a major role in enabling confidential computing. The technology has been significantly enhanced with the release of the 3rd Generation Intel® Xeon® Scalable processors (code-named Ice Lake), which will soon be available with phoenixNAP’s dedicated server solutions.

As an Intel Next Wave Cloud Service Provider, phoenixNAP will be one of the first data center providers to offer access to the latest generation processors on a global scale. Besides the improvements in clock speed and core count, the latest 3rd Generation Intel Xeon Scalable processors also include updated Intel SGX capability, providing a foundation for confidential computing.

Confidential Computing Solutions

Leveraging the latest generation Intel processors, phoenixNAP’s dedicated servers will provide the highest level of performance and security. Organizations looking to enable confidential computing will be able to leverage them using multiple deployment models – traditional dedicated servers, Bare Metal Cloud, and Data Security Cloud.

Dedicated Servers

phoenixNAP's dedicated servers portfolio includes a wide variety of Intel-powered platforms designed to provide the highest levels of performance, flexibility and security. Powered by 3rd Generation Intel Xeon Scalable processors, our dedicated servers are ideal for storing sensitive data and running mission-critical applications.

Bare Metal Cloud

Bare Metal Cloud is phoenixNAP's API-driven dedicated server platform that enables automated provisioning of 3rd Gen Intel Xeon Scalable CPUs. Its key features include nearly instant deployment, management through API, CLI or Infrastructure as Code tools, and cost optimizations through hourly billing and reserved instances options.

Data Security Cloud

As a secure multi-tenant cloud platform, Data Security Cloud provides multiple layers of security to ensure maximum data protection. The latest 3rd Generation Intel Xeon Scalable processors can be used as the foundation for the platform to provide hardware-enhanced encryption and confidential computing potential.

Enabling Confidentiality in Multi-Cloud Environments

If you're curious to learn more about confidential computing and our efforts to enable its adoption, watch our recent webinar with Intel and Fortanix. In this session, William Bell, EVP of Products at phoenixNAP, Patrick Conte, VP of Business Development at Fortanix, and Bruno Domingues, Principal Architect at Intel, talked about confidential computing and the types of organizations that can benefit from it the most.
