Confidential computing technology isolates sensitive data in a protected CPU enclave during processing. The contents of the enclave, which include the data being processed and the techniques that are used to process it, are accessible only to authorized programming codes. They are invisible and unknowable to anything or anyone else, including the cloud provider.

As company leaders rely increasingly on public and hybrid cloud services, data privacy in the cloud is imperative. The primary goal of confidential computing is to provide greater assurance to leaders that their data in the cloud is protected and confidential, and to encourage them to move more of their sensitive data and computing workloads to public cloud services.

For years, cloud providers have offered encryption services to help secure data at rest (in storage, databases and data centers) and data in transit (moving over a network connection). Confidential computing eliminates the remaining data security vulnerability by protecting data in use during processing or runtime. Data is protected at every stage of its lifecycle.