Proven compliance with regulatory requirements
The verifiable encryption and isolation of data from access by third parties makes it possible to meet the requirements of supervisory authorities in regulated areas.
Protect complete container workloads easily and verifiably from unauthorized access by third parties
Confidential Kubernetes combines the flexibility of modern container orchestration with the highest security standards of confidential computing. The solution makes it possible to easily deploy and operate highly secure Kubernetes clusters in the cloud. The special feature here is that the clusters are completely isolated from the underlying infrastructure and from access by third parties. All data is encrypted throughout - even during processing in the working memory (runtime encryption). These security features are cryptographically verifiable to third parties at all times.
Applications of STACKIT Confidential Kubernetes
The following use cases can be realized with STACKIT Confidential Kubernetes:
Migrate sensitive workloads to the cloud
Protection against unauthorized access using STACKIT Confidential Kubernetes makes it possible to migrate even particularly sensitive workloads to the cloud. This turns the STACKIT public cloud into a private cloud for users.
Increase protection of containerized workloads against unauthorized access
The complete encryption and isolation of the Kubernetes cluster from the underlying infrastructure effectively protects the data processed in it and the control plane from access by unauthorized third parties.
STACKIT Confidential Kubernetes functions
All Kubernetes nodes are run in highly secure, isolated environments.
- Comprehensive encryption: While runtime encryption protects data throughout processing in memory, network and storage encryption ensures that information is also protected at rest and in transit at all times.
- Automated key management: Cryptographic keys are managed fully automatically within the protected environments. This transparent key management ensures simple handling with a maximum level of security.
- Integrity check by remote attestation: Each new node in the cluster is verified by remote attestation before commissioning. Only nodes whose integrity has been proven beyond doubt are given the necessary keys for access to the cluster network and storage.
- Whole cluster attestation: DevOps teams can prove the security and integrity of an entire cluster using a single, hardware-bound certificate.
- Enterprise-ready DevOps: The security features are complemented by functions for high-availability operation, day-2 operations (such as upgrades and recovery) and infrastructure-as-code support to ensure smooth operation.
Advantages of STACKIT Confidential Kubernetes
- You can independently, quickly and easily protect containerized workloads from unauthorized access and prevent data leaks.
- You can migrate critical workloads to the public cloud and transform the public cloud into a private cloud
- You increase the trustworthiness of your own SaaS offerings on STACKIT.
- You demonstrably fulfill regulatory and compliance requirements for data protection.
Your trial access to STACKIT Confidential Kubernetes
Experience the security of STACKIT Confidential Kubernetes on a data-sovereign, GDPR-compliant cloud infrastructure. Scale your applications flexibly and with uncompromising security.
Get your free, no-obligation trial access now!
Tip: Take this opportunity to sign up directly for our product updates. This way, you’ll learn firsthand how to get the most out of our Confidential environment for your use cases.
Contact form
Would you like to find out more about STACKIT cloud solutions? Do you have questions about cloud services, would you like an individual price estimate or would you like to find out more about our company? Use our contact form to get in touch with our experts directly. We will be happy to help you!