The News: Security vendor Thales is collaborating with Intel to enable customers in highly regulated industries to protect workloads and data on-premises and in public clouds. The partnership involves Thales CipherTrust Data Security platform using confidential computing and trusted attestation backed by Intel Trust Authority. You can find the Press Release on the Thales website.
Thales Teams With Intel To Secure On-Premises and Cloud Data
Analyst Take: In an increasingly fragmented and complex cybersecurity landscape, the collaboration between Thales and Intel presents a sophisticated, multifaceted approach to data security, particularly in multicloud and hybrid cloud environments. Leveraging advanced features such as data at rest encryption, key management solutions, and zero trust (ZT) attestation, we believe this partnership addresses the urgent and evolving needs of enterprises for robust, scalable security solutions. Situated against the backdrop of rapid cloud adoption, enterprises are navigating the challenges of multiple cloud providers and an explosion of software as a service (SaaS) applications.
The CipherTrust Data Security Platform includes Thales CipherTrust Data Discovery and Classification, data at rest encryption from the Vormetric Data Security Platform, and KeySecure encryption key management. The suite is built on a microservices architecture and can be deployed on private and public clouds with a single management interface. It can run on a physical or virtual appliance on-premises or as a cloud-based hosted service.
Intel Trust Authority is a suite of services that lets customers protect their apps and data on any platform they choose across multiple clouds, on-premises, and edge locations. Intel Trust Authority verifies the trustworthiness of compute assets through a ZT attestation, and attests to the validity of Intel Confidential Computing environments, also known as Trusted Execution Environments. TEEs are secure areas of a processor where data is isolated from other parts of the system.
Using trusted attestation from Intel, Thales’ CipherTrust Data Security Platform can ensure sensitive workloads are never decrypted outside of an Intel EE, Intel Trust Domain Extension (TDX), or Intel Software Guard Extension (SGX). Intel TDX isolates virtual machines (VMs) from the virtual machine hypervisor and any other non-trusted domain (TD) software on the platform while SGX is hardware-based memory encryption that isolates specific application code and data in memory. Thales’ security suite separates duties and gives customers control of the cryptographic key material so that they do not have to place complete trust in a cloud provider.
The Thales-Intel collaboration addresses concerns enterprises have around data security in multiclouds and hybrid clouds. It also allows organizations to share data safely while meeting regulatory requirements such as the Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and Payment Card Industry Data Security Standard (PCI DSS).
The 2023 Thales Cloud Security Study, a survey of 2,889 security and IT management professionals, found that 79% of respondents used more than one cloud provider, and they averaged 2.3 clouds. They also used an average of 97 SaaS applications, which raises the number of potential attack points. SaaS apps received the most votes as the leading hacker target (38%), with cloud-based storage close behind at 36%.
Also, more than 75% of respondents said that 40% or more of their data in the cloud is sensitive, up from 49% in 2021. Encryption in the cloud is also a challenge. On average, only 45% of sensitive data is encrypted. Of respondents, 62% said they have at least five key management systems, and only 14% said they control all of the encryption keys for data in the cloud.
ZT, a big part of the Thales-Intel collaboration, is still in the early days of adoption. Only 41% respondents in the Thales survey said they have ZT controls on cloud infrastructure, and 38% use ZT controls in cloud networks. The National Institute of Standards and Technology defines ZT as an architecture that “assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location or based on asset ownership.”
Looking Ahead
In a world awash with escalating cybersecurity threats and an explosion of cloud and SaaS adoption, the strategic alliance between Thales and Intel could serve as a new guide for enterprise security. Their joint solution seamlessly integrates advanced encryption, key management, and ZT principles, creating a path toward a holistic security package that addresses the challenges faced by today’s enterprises.
The timing of this partnership is significant. As businesses spread their operations across multiple clouds and a myriad of SaaS applications, they are inadvertently expanding their attack surface. Thales and Intel are stepping in at this critical juncture, offering a solution that not only addresses today’s complex problems but also positions enterprises to better navigate tomorrow’s unknowns. This partnership could very well catalyze a much-needed paradigm shift in cybersecurity, nudging the market toward comprehensive, user-centric solutions that offer not just a technological fix but a strategic edge.
Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.
Other Insights from The Futurum Group:
Zero Trust – Why Does It Matter, And What Is Data Protection’s Role?
Author Information
Dave’s focus within The Futurum Group is concentrated in the rapidly evolving integrated infrastructure and cloud storage markets. Before joining the Evaluator Group, Dave spent 25 years as a technology journalist and covered enterprise storage for more than 15 years. He most recently worked for 13 years at TechTarget as Editorial Director and Executive News Editor for storage, data protection and converged infrastructure. In 2020, Dave won an American Society of Business Professional Editors (ASBPE) national award for column writing.
His previous jobs covering technology include news editor at Byte and Switch, managing editor of EdTech Magazine, and features and new products editor at Windows Magazine. Before turning to technology, he was an editor and sports reporter for United Press International in New York for 12 years. A New Jersey native, Dave currently lives in northern Virginia.
Dave holds a Bachelor of Arts in Communication and Journalism from William Patterson University.
Regarded as a luminary at the intersection of technology and business transformation, Steven Dickens is the Vice President and Practice Leader for Hybrid Cloud, Infrastructure, and Operations at The Futurum Group. With a distinguished track record as a Forbes contributor and a ranking among the Top 10 Analysts by ARInsights, Steven's unique vantage point enables him to chart the nexus between emergent technologies and disruptive innovation, offering unparalleled insights for global enterprises.
Steven's expertise spans a broad spectrum of technologies that drive modern enterprises. Notable among these are open source, hybrid cloud, mission-critical infrastructure, cryptocurrencies, blockchain, and FinTech innovation. His work is foundational in aligning the strategic imperatives of C-suite executives with the practical needs of end users and technology practitioners, serving as a catalyst for optimizing the return on technology investments.
Over the years, Steven has been an integral part of industry behemoths including Broadcom, Hewlett Packard Enterprise (HPE), and IBM. His exceptional ability to pioneer multi-hundred-million-dollar products and to lead global sales teams with revenues in the same echelon has consistently demonstrated his capability for high-impact leadership.
Steven serves as a thought leader in various technology consortiums. He was a founding board member and former Chairperson of the Open Mainframe Project, under the aegis of the Linux Foundation. His role as a Board Advisor continues to shape the advocacy for open source implementations of mainframe technologies.