The News: Security vendor Thales is collaborating with Intel to enable customers in highly regulated industries to protect workloads and data on-premises and in public clouds. The partnership involves Thales CipherTrust Data Security platform using confidential computing and trusted attestation backed by Intel Trust Authority. You can find the Press Release on the Thales website.

Thales Teams With Intel To Secure On-Premises and Cloud Data

Analyst Take: In an increasingly fragmented and complex cybersecurity landscape, the collaboration between Thales and Intel presents a sophisticated, multifaceted approach to data security, particularly in multicloud and hybrid cloud environments. Leveraging advanced features such as data at rest encryption, key management solutions, and zero trust (ZT) attestation, we believe this partnership addresses the urgent and evolving needs of enterprises for robust, scalable security solutions. Situated against the backdrop of rapid cloud adoption, enterprises are navigating the challenges of multiple cloud providers and an explosion of software as a service (SaaS) applications.

The CipherTrust Data Security Platform includes Thales CipherTrust Data Discovery and Classification, data at rest encryption from the Vormetric Data Security Platform, and KeySecure encryption key management. The suite is built on a microservices architecture and can be deployed on private and public clouds with a single management interface. It can run on a physical or virtual appliance on-premises or as a cloud-based hosted service.

Intel Trust Authority is a suite of services that lets customers protect their apps and data on any platform they choose across multiple clouds, on-premises, and edge locations. Intel Trust Authority verifies the trustworthiness of compute assets through a ZT attestation, and attests to the validity of Intel Confidential Computing environments, also known as Trusted Execution Environments. TEEs are secure areas of a processor where data is isolated from other parts of the system.

Using trusted attestation from Intel, Thales’ CipherTrust Data Security Platform can ensure sensitive workloads are never decrypted outside of an Intel EE, Intel Trust Domain Extension (TDX), or Intel Software Guard Extension (SGX). Intel TDX isolates virtual machines (VMs) from the virtual machine hypervisor and any other non-trusted domain (TD) software on the platform while SGX is hardware-based memory encryption that isolates specific application code and data in memory. Thales’ security suite separates duties and gives customers control of the cryptographic key material so that they do not have to place complete trust in a cloud provider.

The Thales-Intel collaboration addresses concerns enterprises have around data security in multiclouds and hybrid clouds. It also allows organizations to share data safely while meeting regulatory requirements such as the Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and Payment Card Industry Data Security Standard (PCI DSS).

The 2023 Thales Cloud Security Study, a survey of 2,889 security and IT management professionals, found that 79% of respondents used more than one cloud provider, and they averaged 2.3 clouds. They also used an average of 97 SaaS applications, which raises the number of potential attack points. SaaS apps received the most votes as the leading hacker target (38%), with cloud-based storage close behind at 36%.

Also, more than 75% of respondents said that 40% or more of their data in the cloud is sensitive, up from 49% in 2021. Encryption in the cloud is also a challenge. On average, only 45% of sensitive data is encrypted. Of respondents, 62% said they have at least five key management systems, and only 14% said they control all of the encryption keys for data in the cloud.

ZT, a big part of the Thales-Intel collaboration, is still in the early days of adoption. Only 41% respondents in the Thales survey said they have ZT controls on cloud infrastructure, and 38% use ZT controls in cloud networks. The National Institute of Standards and Technology defines ZT as an architecture that “assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location or based on asset ownership.”

Looking Ahead

In a world awash with escalating cybersecurity threats and an explosion of cloud and SaaS adoption, the strategic alliance between Thales and Intel could serve as a new guide for enterprise security. Their joint solution seamlessly integrates advanced encryption, key management, and ZT principles, creating a path toward a holistic security package that addresses the challenges faced by today’s enterprises.

The timing of this partnership is significant. As businesses spread their operations across multiple clouds and a myriad of SaaS applications, they are inadvertently expanding their attack surface. Thales and Intel are stepping in at this critical juncture, offering a solution that not only addresses today’s complex problems but also positions enterprises to better navigate tomorrow’s unknowns. This partnership could very well catalyze a much-needed paradigm shift in cybersecurity, nudging the market toward comprehensive, user-centric solutions that offer not just a technological fix but a strategic edge.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.