Anjuna Enterprise Enclaves™ build on industry momentum and new CPU technology to lay groundwork for new era of secure computing
PALO ALTO CA — A new industry-driven approach provides enterprise CIOs and CISOs with a reliable, easy-to-implement way to protect corporate data anywhere—putting an end to the ongoing problem of data insecurity.
Anjuna Security Inc., the enterprise enclaves company, today announced it has closed a critical gap in data security, using full hardware-grade protection to enable new and existing applications to run without modification. Anjuna Enterprise Enclaves extend hardware runtime data protection to data-at-rest and data-in-motion, while addressing one of the most vexing flaws in enterprise data security: Data cannot be used and secured simultaneously—a flaw at the heart of virtually every enterprise data breach.
While software security solutions offer some protection, they are ultimately undermined by attackers who gain full control of servers or encryption keys exposed in memory during runtime. Encryption keys are central to most data protection schemes. When exposed, security tools can no longer protect data or applications from malicious insiders, unauthorized third parties, and other bad actors, such as rogue nation states.
“Software-based security is inherently flawed because data-in-use is fundamentally not secured in memory or the CPU. As a result, security teams play a never-ending game of cat-and-mouse with bad actors—building software barriers they know will eventually be breached,” said Ayal Yogev, CEO and co-founder of Anjuna Security. “This means CISOs live in a rather uncomfortable perpetual state of data insecurity.”
The Technology to Fix the Flaw
In recent years, such CPU vendors as Intel (SGX) and AMD (SEV) added proprietary security features into their high-performance CPUs. These enhanced instruction sets enable programmers to create secure enclaves—fully protected and encrypted regions of computer memory effectively invisible outside the enclave. To utilize these facilities, however, requires rewriting software code.
“These new silicon-level technologies solve the data security flaw—a great first step to opening up applications we can’t even imagine today,” said Yogev. “They finally solve the data insecurity challenges that have plagued companies, for decades—building extremely complex layered security software defenses that never totally eliminate the ever-present threat of incursions.”
Broad Industry Support Technology
CPUs with secure enclave capabilities are already being used in the latest servers for data centers, and public cloud vendors are also rapidly adopting the technology. Anjuna is a member of the Confidential Computing Consortium, a group formed by the largest industry players to bring this technology to commercial use. Led by Microsoft, Intel and AMD, the consortium is driving deployment of new data secure cloud services based on these secure hardware platforms, such as Azure confidential computing, Baidu, and more.
Secure Enclaves Made Enterprise-Ready
Even with secure hardware within reach, enclaving an application is still not a simple process for enterprises. Proprietary software developer kits do not generate applications that can run on multiple hardware platforms. This makes implementing enclaves a time consuming and expensive process that most enterprises aren’t willing to undertake on their own.
“We knew enterprises couldn’t afford to rewrite applications for each hardware platform,“ said Yogev. “That’s why we created a way for them to deploy fully managed enterprise-class enclaves that span memory, storage, networks and clouds instantly—simply, as is, and without any recoding.”
A New Era of Secure Computing: Anjuna Enterprise Enclaves Software
According to Yogev, Anjuna sees a future where enterprises achieve a state of absolute data security for all data and applications anywhere they are used. This frictionless security will enable completely new ways to deploy data and applications more effectively, while allowing enterprises to work more efficiently with absolute data security.
“Anjuna Enterprise Enclaves deliver on the promise of a new level of data security by addressing the problem CIOs and CISOs have chased for decades: how to seamlessly run trusted workloads in uncontrolled and/or hostile environments and prevent data leaks—all while maintaining productivity,” said Michael Johnson, former CISO of Capital One and former CIO of the US Department of Energy. “Now CISOs can feel comfortable saying yes to the cloud—knowing their information is secure, no matter where it is run or stored.”
Anjuna Enterprise Enclaves software is available now directly from Anjuna and through the Microsoft Azure confidential computing marketplace.
Anjuna provides simple secure enterprise-ready application and data protection that is invulnerable to malicious software, IT insiders, and bad actors. With Anjuna, enterprise IT can safely run workloads within the isolated and encrypted confines of a secure enclave on-site or in the cloud. Unlike point solutions, Anjuna enables enterprises to deploy fully managed enterprise-class enclaves that span memory, storage, networks, and cloud instantly, as is, and without recoding. Anjuna is based in Palo Alto, California.