SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Mon, 7th Dec 2020
FYI, this story is more than a year old

Dell Technologies has announced new security advancements, including new offerings across supply chain, services and infrastructure.

"By building security into its supply chain, services, infrastructure and devices, Dell Technologies helps customers lower risk and become more cyber resilient," the company says.

Organisations face increasing pressure to protect themselves and their customers as security risks intensify. The Dell Technologies 2020 Digital Transformation Index found that data privacy and cybersecurity concerns are the No. 1 barrier to digital transformation.

Recent Futurum Research also found that 56% of companies experienced an external cyberattack attributed to a vulnerability in hardware or silicon-level security.

“As digital value is created, security threats follow,” says John Roese, global chief technology officer, Dell Technologies.

“Security is the foundation of everything we do, and our intrinsic security approach addresses our customers' need for trusted technology and partners to help them fend off attacks and lower business risk.

Secure the supply chain and device lifecycle with end-to-end protection

More than three-quarters of organisations prioritise supply chain security during vendor selection to address security threats such as counterfeit components, malware and firmware tampering. Dell Technologies relieves these concerns with new supply chain security offerings and data security-focused services for Dell Technologies infrastructure and commercial PCs. The new offerings strengthen its comprehensive secure supply chain practices.

Protect PCs during transit: Dell commercial PCs – already the most secure in the industry – are now available with more layers of supply chain security and integrity controls. Dell Technologies SafeSupply Chain solutions are offered on top of the Dell Secure Development Lifecycle and standard supply chain security measures. New solutions include:

  • SafeSupply Chain Tamper Evident Services help protect against tampering during transport. Tamper-evident seals are added to the device and its box at the factory before shipping. Customers can choose optional pallet seals for extra security.
  • SafeSupply Chain Data Sanitisation Services prevent spyware or illicit agents from getting injected into a device's hard drive. With a NIST-compliant hard drive wipe, Dell Technologies helps businesses ensure their device has a clean slate before they add their company image.
     

Validate server integrity upon arrival: The Dell EMC PowerEdge server portfolio now comes with Secured Component Verification, an embedded certificate that lets companies verify their servers arrive as they were ordered and built – without hardware compromise. Dell Technologies is the first server provider with a portfolio-wide solution for cryptographically verified hardware integrity.

Also, PowerEdge servers are built with a cyber-resilient architecture, including a well-established silicon Root of Trust. The new Secured Component Verification:

  • Verifies changes are not made to system components (e.g. memory or hard drive swap, I/O changes, etc.) after the server is sealed and shipped from the factory
  • Protects against cybersecurity risks by meeting supply chain security standards across highly regulated industries such as financial and healthcare
  • Allows customers to validate and deploy multiple servers efficiently

Redeploy, retire and keep assets securely: Dell Technologies extends its data security-focused services to the entire Dell Technologies infrastructure portfolio:

·         Dell EMC Data Sanitization for Enterprise and Data Destruction for Enterprise services now support the entire Dell Technologies infrastructure portfolio and third-party products. Dell can provide the services at the customer's facility to help redeploy or retire assets according to the latest industry and compliance standards.

·         Dell EMC Keep Your Hard Drive for Enterprise and Keep Your Component for Enterprise services7 are available for the entire infrastructure portfolio. Sensitive data never leaves customer control while parts are replaced, so businesses can abide by strict data privacy regulations.

Secure infrastructure with customisation, automation and intelligence

Forty-four percent of organisations experienced at least one hardware-level or BIOS attack over the past 12 months and 16% have had more than one attack. Companies need to secure infrastructure at the hardware and firmware level to help prevent certain types of vulnerabilities and malicious attacks. Dell Technologies tackles these issues with new levels of security customisation, automation and intelligence for the PowerEdge server portfolio.

Customise boot security for servers: The boot process is the secure foundation for any device. If the boot process is compromised, attackers can subvert security controls to access any part of the system. With Dell Technologies server security capabilities, IT staff can customise their server boot process to reduce the threat surface and thwart boot-related attacks. This exclusive capability8 – PowerEdge UEFI Secure Boot Customisation – provides advanced mitigation for industry-wide bootloader vulnerabilities. This approach is featured in a recent United States National Security Agency report.

Lockdown servers to protect against threats: PowerEdge servers' integrated Dell Remote Access Controller (iDRAC) offers automated server management both at the server and remotely. With iDRAC, customers can enable or disable a system lockdown without having to reboot. This Dell-only security feature9 prevents unintentional or malicious changes to the server's firmware and critical configuration data. The newest release – iDRAC9 – extends the lockdown capability to include network interface controllers, providing customers more control over the lockdown. The latest release also:

·         Offers stronger security controls with multi-factor authentication

·         Enables Dell EMC OpenManage Ansible Modules to automate important PowerEdge security workflows such as user privilege configuration and data storage encryption

·         Allows customers to manage iDRAC certificates via Redfish APIs for easy access scripting and to automate secure erase scripting across servers