Google Cloud rolled out two security products, including a confidential computing service, as well as a multicloud analytics tool today during its virtual Next 2020 event.
The security products, Confidential VMs and Assured Workloads for Government, target highly regulated industries such as the public sector, health care, and financial services. Meanwhile, BigQuery Omni, which is powered by Google Anthos, lets customers access and analyze data stored in Google Cloud and Amazon Web Services (AWS), with Microsoft Azure support coming soon.
With Confidential VMs — the first product in Google Cloud’s new confidential computing portfolio — Google joins rival cloud providers Microsoft, IBM, and Amazon (although AWS’ confidential compute isn’t generally available yet) in offering customers a service that encrypts data in use, while it’s being processed, thus further isolating and securing workloads in the cloud. And in a big win for AMD over Intel, which supports Azure and IBM confidential computing services, Google’s Confidential VMs, now in beta, use second-generation AMD EPYC CPUs.
Why Confidential Computing
Data is typically encrypted at rest (in storage) and in transit (as it moves across the network and clouds). But encrypting data in use, which allows it to be processed in memory without exposing it to the rest of the system, is more difficult. Confidential computing environments keep data encrypted in memory and everywhere else outside the CPU. This ensures data stays encrypted while it is used, indexed, queried, or trained on. Additionally, encryption keys are generated in hardware, per VM, and are not exportable.
This technology enables several emerging use cases such as multi-party computation or federated learning. It provides a secure platform for multiple parties to combine and analyze sensitive data while preserving privacy, without exposing the data or the machine learning algorithms to the other parties. For example, Microsoft is working with banking customers that use Azure confidential computing to analyze transactions without exposing the underlying data to other parties. By analyzing these transactions, banks can better detect money laundering or fraud.
Google Confidential VMs
Google’s Confidential VMs use the Secure Encrypted Virtualization (SEV) feature of second-generation AMD EPYC CPUs, which in addition to providing hardware-level security also allows customers to “lift and shift” all workloads running in GCP or anywhere else to Confidential VMs without retooling the application, said Sunil Potti, GM and VP of cloud security at Google Cloud.
“These kinds of technologies tend to come with a ton of complexity,” Potti said. “And what we’ve done is we’ve simplified the configuration for Confidential VMs so that it is nothing more than a simple checkbox inside the config form.”
This partnership with AMD started a few years ago to integrate its hardware-based security into Google’s fleet, Potti added.
In addition to hardware-based inline memory encryption, Confidential VMs run on top of Google’s Shielded VMs to harden customers’ OS image and verify the integrity of firmware, kernel binaries, and drivers. And while it’s available for virtual machines (VMs) now, Potti says containers will soon follow.
“We hope Confidential VMs becomes mainstream,” Potti said. “And the next step is to go from VMs to containers — essentially to solve for all the workload types. And then down the road there is an advanced mode of homomorphic encryption that takes this to the next level as a natural continuation of confidential computing.”
Google is also a founding member of the Confidential Computing Consortium, a Linux Foundation group.
Assured Workloads for Government
In addition to Confidential VMs, Google Cloud announced Assured Workloads, its alternative to the AWS and Microsoft Azure government clouds — separate, private cloud environments and data centers for government agencies, built to meet the strict compliance requirements for processing government data. Assured Workloads allows government customers to create controlled environments in which U.S. data location and personnel access controls are automatically enforced in any of Google’s U.S. cloud regions.
This new service is available in private beta, and only in the United States.
Google maintains that its rivals’ government clouds “don’t come with the technology and benefits that a modern cloud provides, and often require users to operate two distinct application and operation supply chains, adding cost, complexity, and risk,” according to a blog post.
So, instead of building its own separate government infrastructure, Google is betting on public agencies trusting its public cloud and the new Assured Workloads environment to run government workloads. Google says Assured Workloads meets the security and compliance standards set forth by the Department of Defense (DoD IL4), the FBI’s Criminal Justice Information Services Division (CJIS), and the Federal Risk and Authorization Management Program (FedRAMP), while still giving customers access to all of its cloud features and services.
BigQuery Omni
And finally, in its third big Next announcement, Google Cloud rolled out BigQuery Omni, a multicloud analytics service that extends BigQuery across on-premises environments, rival cloud AWS and, coming soon, Azure. It allows customers to connect to their data directly without having to move or copy datasets — and thus without paying the egress fees incurred when moving data from other clouds into Google Cloud.
BigQuery Omni does this using Anthos, Google’s fully managed Kubernetes-based platform that allows users to manage their data and applications in an on-premises environment or across clouds including Google, AWS, and Azure. Google initially announced the hybrid cloud platform at Next in 2018 — when it was labeled Cloud Services Platform — and formally launched at last year’s event.
“Using the same, familiar interface, you can query your data or create dashboards across data sets, which are distributed across multiple clouds including GCP, AWS, and Azure, thanks to the portability afforded by Anthos,” Potti said. “With BigQuery Omni, now customers don’t have to focus on managing their infrastructure or managing their hardware, they can focus on creating value out of their data by doing the analysis and using the familiar interface that they are used to.”
BigQuery Omni is available in private alpha for AWS S3, with Azure support coming soon. BigQuery Omni supports the Avro, CSV, JSON, ORC, and Parquet formats.