Security Experts:

Connect with us

Hi, what are you looking for?


Cloud Security

Microsoft, Google Announce Wider Availability of Secure VMs

Microsoft this week announced the general availability of DCsv2-series virtual machines (VMs), and Google informed customers that Shielded VM is now the default for Google Compute Engine users.

Microsoft this week announced the general availability of DCsv2-series virtual machines (VMs), and Google informed customers that Shielded VM is now the default for Google Compute Engine users.

Microsoft has announced the general availability of DCsv2-series VMs for Azure customers in three regions, with plans to expand the offer to other regions before the end of the year.

DCsv2 VMs, part of the Azure confidential computing offering, are designed to allow customers to protect data while it’s being processed by running on servers that implement a hardware-based trusted execution environment (TEE) that uses Intel’s Software Guard Extensions (SGX).

“Traditionally, applications are protected while at rest and in transit. Now, you can deliver applications that protect data while in use. This enables a new set of scenarios like multiparty sharing, where it’s possible to combine data from multiple companies to run machine learning models without the companies getting access to each other’s data,” Microsoft explained.

Google, on the other hand, announced that its Unified Extensible Firmware Interface (UEFI) and Shielded VM are enabled by default for everyone using its Compute Engine, at no additional cost.

Shielded VM is a hardened virtual machine instance that ensures the VM runs a verified bootloader and kernel when it boots. This can help protect organizations against various threats, such as malicious guest OS firmware, boot and kernel vulnerabilities, and malicious insiders.

Shielded VM became generally available in April 2019 and Google has now enabled it by default for everyone.

“At this time we want to be especially mindful of the many challenges organizations are facing. By making Shielded VM the default for Google Compute Engine, we hope to help simplify your workflows and provide the peace of mind that your VMs and VM-based services are protected from persistent rootkits and bootkits,” Jasika Bawa, product manager at Google Cloud, explained in a blog post.

Since the launch of Shielded VM, Google has expanded its use to several of its cloud services, including Cloud SQL, Kaggle, Google Kubernetes Engine, and Managed Service for Microsoft Active Directory. Users can now also use the Security Health Analytics detectors to identify virtual machines that support Shielded VM, but which don’t have secure boot enabled.

Related: Many New Security Features, Services Added to Google Cloud

Related: Microsoft Releases Azure Security Benchmark

Related: Microsoft Unveils New Security Tools for Azure

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Cloud Security

Orca Security published details on four server-side request forgery (SSRF) vulnerabilities impacting different Azure services.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cloud Security

Cloud Disaster Recovery - Ingredients for a Recipe that Saves Money and Offers a Safe, More Secure Situation with Greater Accessibility