Secure Enclave Concerns

,

We worry about security as data professionals. It's a constant issue, though it seems that so many of the data breach issues come from simple mistakes. We have lots of automation, configuration as code, and more. These days we should have a protocol and automated process for setting up systems, file shares, and other ways of allowing others to access data.

Awhile back we had attacks against hardware (Meltdown and Spectre), which required patches to systems to secure them. This was disruptive, but I haven't seen any widespread security issues as a result of these flaws. Many systems were patched, though it's entirely possible that there have been exploits.

In a report this week, researchers have found a way to read data in the secure enclaves of some chipsets. That's disconcerting because lots of secure software counts on the Intel Software Guard Extensions (SGX) protecting data. This is part of the Always Encrypted enhancements in SQL Server 2019, which I was happy to see added. These are supposed to help ensure you can protect data, even if you don't have control of the physical machine, which is common in hosted and cloud scenarios.

A new exploit could be a problem. Intel says it's not, but they have an interest in saying that. The research looks complicated, and I could certainly see this is hard to do, but attacking a large environment, like a cloud subscription, might be something hackers try. Even if they aren't successful, there may be performance issues with SGX calculations from a software patch.

The point of this piece isn't to alarm you. Likely this is more speculative than reality, but you should be aware there are potential issues. Encryption and security are complex topics, and I'm hoping Intel and Microsoft (and others) come up with better protections and mitigation for the issue. However, ultimately it's up to us tech professionals to understand what possibilities there are and ensure we are taking every precaution we can.

Rate

Share

Share

Rate