Confidential containers on Azure Container Instances reaches public preview

Microsoft has announced the public preview of confidential containers on Azure Container Instances. With this offering, Microsoft will allow customers to import container workloads while Microsoft manages the privacy and security compliance.

“[This is a] truly innovative offering that balances that tug of war between ease-of-use user experience, as well as security and privacy on data that you bring to running Azure. It's a first of its kind, confidential serverless offering, taking the best of both serverless with flexibility and reduced costs and security and privacy with data protection from confidential computing,” Graham Bury, product leader for Azure Confidential Computing, told attendees at the recent Microsoft Secure digital event.

Customers are demanding increased control of their data to comply with privacy laws in the European Union and around the world. Confidential computing is intended to secure data while in processing, expanding on existing encryption that protects data at rest and in transit, as a way to guard against insider threats and cross-tenant attacks.

See also: 

• AMD and Microsoft focus on confidential computing
• Azure Updates: Confidential Computing; Insight Engines; VM Backup; Backup center

To achieve these goals, Microsoft has created a consortium with other organizations dedicated to confidential computing, collaborated on purpose-built hardware, and set up attestation for workloads. Services like SQL Always Encrypted work with tamper-protected Confidential Ledger.