SEV Technology for Dummies

Genomes.io
Nov 12, 2021

You may have heard us talking about how we’re using Secure Encrypted Virtualisation (SEV) technology in our DNA Vaults to give unparalleled data security to our users. But what on earth is SEV, I hear you ask?

Good question. Here’s a brief and simple explanation to give you an idea of what it means.

Data increasingly needs to be stored on the Cloud for ease of management, scalability, and cost reduction purposes. This data is stored inside ‘virtual machines’ at cloud data centres. However, when storing highly sensitive and valuable data (like personal DNA data, for example), doing so means trusting the hosting provider (e.g. AWS, Google Cloud, Microsoft Azure, etc.) to protect that data.

In these highly networked computer systems, anybody with a connection is a potential threat, meaning the stored data is insecure and liable to data breaches and hacks.

Therefore, when an attacker or malicious entity successfully gains control of the hypervisor (the software layer that separates a computer’s operating system from the underlying physical hardware), they can read and access all data stored in these virtual machines. No entry appears in the log, and the ‘owner’ of the data is entirely unaware.

“With Venom (2015 bug), you’re able to break out of a virtual machine on a system and get access to other data on that system’s network…”

Enter Secure Encrypted Virtualisation (SEV).

SEV technologies (including SEV, SEV-ES and moving towards SEV-SNP) address the cloud trust problem and bring world-class data security to it. They provide better security isolation, rooted in the hardware itself, which means each customer’s data is cryptographically protected from other customers and from the hosting software.
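As an added example (not code from Genomes.io or AMD), here is one way an operator could check from inside a Linux guest which of these SEV features are actually active, by decoding the SEV status MSR and by parsing the kernel boot log. The function names, the policy of requiring SEV and SEV-ES, and the sample log lines are assumptions constructed for illustration.

```python
import os
import re
import struct

# Added example: all names below are illustrative, not from the original post.
MSR_AMD64_SEV = 0xC0010131  # AMD SEV_STATUS MSR, readable inside a guest
FEATURE_BITS = {"SEV": 0, "SEV-ES": 1, "SEV-SNP": 2}

# Constructed sample kernel log lines (two wordings used by Linux kernels).
SAMPLE_DMESG = [
    "[    0.512345] AMD Memory Encryption Features active: SEV SEV-ES",
    "[    0.498765] Memory Encryption Features active: AMD SEV SEV-ES SEV-SNP",
    "[    0.400000] AMD Memory Encryption Features active: SME",
]

def decode_sev_status(value):
    """Return the set of SEV features whose enable bit is set in SEV_STATUS."""
    return {name for name, bit in FEATURE_BITS.items() if (value >> bit) & 1}

def features_from_log(line):
    """Extract SEV feature names from one kernel log line (empty set if none)."""
    m = re.search(r"Memory Encryption Features active:\s*(.*)", line)
    if not m:
        return set()
    return {tok for tok in m.group(1).split() if tok in FEATURE_BITS}

def read_sev_status(cpu=0):
    """Read SEV_STATUS via the Linux msr driver (needs root and `modprobe msr`)."""
    fd = os.open(f"/dev/cpu/{cpu}/msr", os.O_RDONLY)
    try:
        return struct.unpack("<Q", os.pread(fd, 8, MSR_AMD64_SEV))[0]
    finally:
        os.close(fd)

def meets_policy(active, required=("SEV", "SEV-ES")):
    """True only if every feature the deployment requires is active."""
    return set(required) <= set(active)

if __name__ == "__main__":
    for line in SAMPLE_DMESG:
        active = features_from_log(line)
        print(sorted(active), "OK" if meets_policy(active) else "NOT PROTECTED")
    try:
        print("MSR:", sorted(decode_sev_status(read_sev_status())))
    except OSError as exc:  # not root, msr module missing, or not an AMD guest
        print("MSR read unavailable:", exc)
```

A guest-side check like this confirms configuration only; proving the protected state to a remote data owner is the job of SEV attestation.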

Our ‘DNA Vaults’ harness SEV technology. These DNA Vaults are fully virtualised machines that run all processes in encrypted memory, encrypting user-provided genomic data in storage with private keys provided by the user’s mobile device. These user keys are never stored outside encrypted memory and are only available to the user.

The tech stack is built so that no one, not even Genomes.io as a technology provider, is able to access user ‘DNA Vaults’, and the user always retains full control over the genomic data stored within.

This gives users the ability to securely store their genomic data in the cloud, with confidence that it is never exposed to cloud-computing attacks or administrators with malicious intentions at cloud data centres or even Genomes.io.

Our collaboration with Advanced Micro Devices (AMD) will allow us to take advantage of the latest security components available in AMD EPYC processors, such as SEV-ES and SEV-SNP, to stay at the forefront of cloud data storage security and always provide our customers with the gold standard of protection for their most valuable personal asset.

If you have any questions about SEV or our collaboration with AMD, we’d love to hear from you through our Discord!

Best wishes,

Team Genomes

Genomes.io

We are a cybersecurity company that democratizes and decentralizes genomics in Healthcare