What Is NVIDIA’s “Confidential Computing”?
According to reports from Nikkei, NVIDIA is promoting “confidential computing,” which garnered attention at its technology event “Mythos.” This technology protects data by keeping it encrypted even during processing, significantly reducing the risk of data leaks in the cloud.
For small and medium-sized enterprises (SMEs) advancing AI-driven data analysis and business process automation, this technology opens new governance possibilities. Traditionally, data protection focused on “storage” and “transmission,” but confidential computing enables protection during “use.”
The “In-Use” Blind Spot in SME Governance
Many SMEs manage customer information and business partner data through cloud services. However, when data is processed in the cloud, it becomes unencrypted in memory. This moment represents the highest risk point for internal fraud and external attacks.
For example, when performing AI analysis in a customer management system, raw data is expanded in memory during processing. In environments where employees can access this data, a significant governance gap exists.
Confidential computing processes this “in-use” data while keeping it encrypted, preventing even administrators from viewing its contents. This is a groundbreaking technology that enables both internal fraud prevention and data utilization.
The Intersection of AI Governance and Confidential Computing
At the same time, reports indicate that Tenable and SailPoint are integrating the Claude API to enhance AI governance visibility. These tools monitor and manage what data AI accesses and how it processes it.
One of the biggest obstacles for SMEs adopting AI is “data handling.” Many business owners struggle with decisions like whether to let AI learn from customer data or which data to input into AI.
Confidential computing offers a technical solution to this problem. By enabling AI processing while keeping data encrypted, it balances data protection and utilization.
Concrete Actions SMEs Can Take Now
Confidential computing is often seen as a technology for large enterprises, but SMEs should actively consider it. The reason is that they face relatively higher security risks and have limited resources.
First, Reassess Cloud Service Selection Criteria
Check whether the cloud services you currently use or are considering support confidential computing. Major cloud providers (AWS, Azure, Google Cloud) already offer confidential computing features.
Specifically, these include AWS’s “Nitro Enclaves,” Azure’s “Confidential Computing,” and Google Cloud’s “Confidential VMs.” By using these services, you can achieve confidential computing without additional hardware investment.
Second, Implement Gradually Based on Data Importance
Not all data needs to be protected with confidential computing. Start by applying it to the most critical data, such as customer personal information or confidential business partner data.
For example, it’s practical to prioritize systems with high risk of raw data exposure during processing, such as payroll or customer management systems.
Third, Design Data Governance for AI Implementation
When introducing AI, design data governance that assumes the use of confidential computing. Clarify which data AI accesses and how it processes it, then implement technical protection measures.
Consider adopting AI governance tools like Tenable or SailPoint. These tools visualize AI behavior and detect and prevent inappropriate data access.
Common Failure Patterns and How to Avoid Them
A common failure in implementing confidential computing is focusing solely on technical adoption while neglecting operational rule development.
For example, even if you build a confidential computing environment, its effectiveness is halved if permissions for who can access which data remain unclear. Technology and rules are two sides of the same coin.
Also, introducing confidential computing does not solve all security problems. It is merely one means of risk reduction. It’s crucial to combine it with traditional governance measures, such as employee training and regular audits.
Conclusion: Transforming Governance from “Defense” to “Offense”
Confidential computing has the potential to transform SME governance from “defense” to “offense.” With a foundation for safely utilizing data, you can actively adopt AI to improve operational efficiency and develop new businesses.
What business owners should consider is not “how to protect data,” but “how to protect data while utilizing it.” Confidential computing is a tool that technically enables this balance.
Start by visualizing your company’s data flow and identifying where data is exposed during processing. Then, consider implementing confidential computing to significantly improve governance quality.
Balancing data protection and AI utilization is no longer a privilege reserved for large enterprises. SMEs have the opportunity to leverage this technology to build a competitive advantage. Now is the time to rethink governance as a “design technology” and build the next-generation management foundation.
Comments