In an earlier post I talked about in-memory data protection and how PCI-DSS could do a lot more to impose a specific requirement in this area. An RFE submitted earlier on the topic can be found here and a follow-up on that here.
We don't ignore endpoint protection because perimeter protection is in place. In the same way, we shouldn't ignore data-in-use protection because data-at-rest and data-in-transit protection are in place. One reason data-in-use protection is getting short shrift is the lack of ubiquity of sophisticated technologies in this area. We may have reached the point where we have crossed that chasm and entered a phase where the availability of such technology and its seamless adoption are within sight.
Microsoft's unveiling of "Azure Confidential Computing" is one example of our having entered that phase. More information on that from Mark Russinovich, CTO, Microsoft Azure, is here. If a cloud platform, with all its complexities, has adopted technologies for data-in-use protection, there is no excuse for other platforms, environments and sectors to give this topic, or the technologies pertaining to it, short shrift.
I had talked about Intel® SGX, one such technology, and its use here, here and here, and a proof of concept of the technology at work is here. If you would like to discuss this topic further or need help adopting this technology to protect your business assets, feel free to reach us at firstname.lastname@example.org or via the contact form here.
Founder of KryptoGuard™ technology initiative, product and services.