This post originally appeared on Dell, December 7, 2020.
One area emerging as a newer security threat is hardware and the firmware stored within that hardware. Find out more about the cybersecurity options to protect your business and customers.
Start Strong, Stay Strong, Keep Your Opponents in Check
Cyberattacks have the most impact and are a persistent threat to any organization, especially those leveraging information technology to achieve a competitive advantage. Just look at a few of the headlines over the last six months: “Tech Giant Down After Ransomware Attack,” “Cruise Line Suffered A Ransomware Attack In Which Guest And Employee Data Was Accessed,” “Business Giant Data Leaked After Ransomware Attack.” What is going on? There are so many safeguards available today to prevent this kind of impactful breach, what’s missing?
It isn’t that there’s anything missing, per se, it’s that the IT security landscape is constantly shifting, and many IT teams struggle to keep up. Devon Ackerman, head of incident response at Kroll North America was recently quoted by ZDNet as saying, “The ongoing evolution of ransomware creators is constantly shifting the goalposts for those trying to defend data and systems, so vigilance must remain at the top of CIOs to do list.” One area emerging as a newer security threat is infrastructure security, including hardware and the associated firmware.
The server hardware, consisting of the baseboard, memory, CPUs, storage, and so forth, is probably assumed to be the most secure part of the IT infrastructure. It takes some serious Mr. Robot kind of hacking to compromise a server’s hardware. Recent analysis by Forrester shows that 63% of companies have experienced a data compromise due to an exploited vulnerability in hardware- or silicon-level security.¹ Nevertheless, there are hardware hacking proofs of concept and the threat is real. Getting ahead of the problem is the best mitigation strategy.
Start Strong – Validate Your Hardware Configuration from Day One
Dell Technologies has a well-established supply chain and continues to address the evolving threat landscape. Suppliers for Dell systems are vetted, inspected, and validated continuously to meet stringent security requirements for the infrastructure portfolio. Key requirements encompass physical security, cybersecurity, and personnel security as well as risk management processes that incorporate continuous improvement. Providing a reliably secure supply chain reinforces the root of trust that serves as the foundation for our customers’ secure computing and storage environments.
One recent enhancement to our PowerEdge line is the ability to automate the work required to inventory and deploy new systems. With Dell Technologies Secured Component Verification, you can validate the servers’ “as-delivered” hardware inventory compared to the “as-built” inventory, quickly identifying and correcting any changes from the expected configuration. A small detail in the bigger picture, but it’s an improvement with a significant impact to the chain of trust for server infrastructure.
Simply put, when a new system is built in our manufacturing facility, we perform an automated inventory that is cryptographically signed and stored in that new system. When the system arrives, this same inventory process can be run again, and results compared with the trusted inventory stored on the system. Comparing these two inventories guarantees that if anything changed in transit, it can be inspected and corrected before deployment.
Stay Strong – Enhance Your Firmware’s Resiliency
While we’re talking about hardware, let’s bring firmware certificate management into the mix. Certainly not the most exciting part of any system administrator’s day, firmware is an emerging “attack vector” for newer, more sophisticated cyberattacks. The big problem with firmware hacks – if successful, is that they can persist, undetected, because virus protection software is unable to check this level of integrity. Breaching the firmware’s security destroys the chain of trust, rippling into compromised applications and data storage. Some of the most secure computing environments we work with require higher security procedures when it comes to firmware certificate management and validation.
To harden firmware security, we’ve extended the management capabilities for our platform’s secure boot process with Dell EMC PowerEdge UEFI Secure Boot Customization. This new capability enables granular control of the firmware certificate validation process. Customers may now select which firmware and OS bootloaders are authorized to operate on their PowerEdge servers, eliminating dependence on third party certificate authorities. While this level of independence does require more planning and server infrastructure management, it comes with the benefits of increased control, security and reduced exposure to related vulnerabilities in the boot process.
It’s no surprise that the Dell Technologies’ implementation of UEFI Secure Boot Customization was highlighted in the National Security Agency (NSA) recent technical paper “UEFI Secure Boot Customization.” Given our industry leading work in this area, it was rewarding to see PowerEdge servers used to illustrate examples of how to use customization for UEFI secure boot.
Outmaneuver Your Opponents – Enable Intelligent Automation for Your Secure Environment
Dell Technologies makes extensive use of intelligent automation, so you can stay a step ahead of bad actors and keep your opponents in check. With these newest innovations, in addition to the automation capabilities already available in iDRAC, you can rest assured you have the right tools to help build a secure IT infrastructure. Secured Component Verification and UEFI Secure Boot Customization move the security bar higher, increasing the intelligence of the automated processes you rely on to keep pace with your organization’s demand for IT resources.
Understand that your success is our vested interest, so delivering our portfolio of infrastructure products with a secure supply chain and intrinsic security capabilities is a top priority today and going forward. Learn more about our server security approach by reading our Server Security: IT Leaders Guide and Cyber-Resilient Security with PowerEdge Whitepaper.
For over 25 years, InfoSystems has provided reliable IT solutions to build and maintain strong and secure systems for both SMB and enterprise organizations. Headquartered in Chattanooga, TN, our trusted team of experts specialize in traditional infrastructure, IT optimization and cybersecurity services, as well as next gen solutions such as hybrid cloud and automation, from partners such as IBM, Red Hat, Dell Technologies, Nutanix, Arctic Wolf and VMware.
¹Forrester Consulting Thought Leadership Paper Commissioned by Dell, BIOS Security – The Next Frontier for Endpoint Protection, June 2019.