Anjuna Enterprise Enclaves

Making Enclaves Enterprise-Ready

Secure enclaves are positioned to quickly become the ubiquitous standard for securing enterprise applications and data. 

But until now, implementing them has been both time-consuming and expensive. The need to rewrite applications with vendor-specific SDKs has put the hardened protection of secure enclaves out of reach of most IT organizations. Anjuna Enterprise Enclaves bring a “lift and shift” approach that harnesses the power of secure enclave technology without requiring changes to applications or operations.

There are a number of features needed to make enclaves effective in an enterprise setting.

Anjuna sees five key requirements that must be met to allow for large-scale deployment of secure enclaves within an enterprise or cloud environment: 
  1. Adoption should be simple and straightforward

  2. Full stack coverage

  3. Protection for storage and networks—anywhere and everywhere

  4. Enterprise-class deployment capabilities

  5. The ability to authenticate and confirm the legitimacy of enclaves

Key Requirement #1

Adoption should be simple and straightforward

There should be no need to rewrite or recompile applications, or to re-engineer IT processes. This means implementation should not rely on ever-changing SDKs from hardware suppliers and others. Anjuna’s “lift and shift” approach facilitates moving applications to secure enclaves without SDKs, recompilation or other operational changes. This includes the full range of applications, including especially vulnerable legacy applications or applications purchased from outside vendors.


Key Requirement #2

Full stack coverage

Protecting data in memory is extremely important, but not sufficient. Cloud computing introduces a potential risk, because full control of the hardware is not possible. Anjuna software extends enclaves beyond memory to automatically protect storage and networks with full stack protection. This secures the entire stack—both hardware and software.

Key Requirement #3

Protection—anywhere and everywhere

Today’s enterprise operations include a mix of systems on premises, in public and private clouds, and in hybrid environments. Anjuna Enterprise Enclaves enable applications and data to be securely deployed anywhere enclave-based technologies are supported.

Anjuna supports Intel and AMD platforms today and will shortly support Amazon Nitro Enclaves. Anjuna Enterprise Enclaves run with Microsoft’s Azure confidential computing and numerous other clouds that deploy Intel and AMD enclave technology. Workloads can be executed across any enclave platform without modification.

Key Requirement #4

Enterprise-class deployment capabilities

The value of an enclave is related to its ability to seamlessly integrate with your business and IT processes. Enterprises need to ensure enclaves work in high availability and disaster recovery scenarios, to scale in the cloud, to access files and applications running on different machines, and to easily upgrade applications, firmware, and hardware. Anjuna Enterprise Enclaves offer options to protect your security and business continuity in these scenarios by integrating with existing key management solutions.

Key Requirement #5

The ability to authenticate and confirm the legitimacy of enclaves

Anjuna uses attestation to authenticate the hardware inside which a secure enclave is running as genuine, and to attest to the integrity of enclave memory to a remote party. Creating a hardware root of trust allows secure enclaves to protect applications, data, and storage—locally, across the network, and in the cloud—simply and effectively. 

"A new generation of data security is here with Anjuna Enterprise Enclaves. Their cloud agnostic full stack data protection solution is so easy to deploy and use, it brings an obvious productivity boost to an enterprise by simplifying strong encryption of sensitive data."

Davi Ottenheimer

Former head of security, MongoDB; VP of Trust and Digital Ethics, Inrupt

Secure Enclaves Are the Future of Data Security