Today Dell Technologies announced several security advancements across several areas including supply chain, services, devices, and infrastructure. Aside from the supply chain (which is in and of itself a big deal), the company is offering protection through the boot process and dynamic system lockdown. Dell doesn’t stop at its own products but extends the data security-focused services to third-party products as well.
Today Dell Technologies announced several security advancements across several areas including supply chain, services, devices, and infrastructure. Aside from the supply chain (which is in and of itself a big deal), the company is offering protection through the boot process and dynamic system lockdown. Dell doesn’t stop at its own products but extends the data security-focused services to third-party products as well.
Security is one of the top concerns and attacks aren’t going down any (we all get the call about our vehicle’s extended warranty). The digital landscape has rapidly changed over the last few years but there can be lots of resistance to embracing these changes, and reaping the benefits, if security is one’s main concern. Research from Futurum has shown that recently as high as 56% of companies had cyberattacks that were attributed to a vulnerability in hardware or silicon-level security.
Dell Technologies is not new to security issues or making their devices and services more secure. They claim to have embedded hundreds of professional security engineers across the company to design and build security into its supply chain, services, infrastructure and devices. Their security measures ran the entire gamut of the company from root of trust in their PowerEdge servers to end-to-end encryption in its PowerMax to cyber recovery solutions in PowerProtect to security below the operating system in the company’s PCs.
A big issue is securing the supply chain. A vendor can do everything right but have a nefarious actor somewhere in the supply chain compromise security. Compromise can be adding malware or counterfeit parts, or tampering with the firmware. There have been a few high-profile examples of this in the last few years. Dell Technologies is looking to assuage fears with its new supply chain security offerings and data security-focused services for Dell Technologies infrastructure and commercial PCs. This offering strengthens secure supply chain practices.
For commercial PCs, Dell is beefing up its supply chain security and while in transit. According to the company, Dell Technologies SafeSupply Chain solutions are offered on top of the Dell Secure Development Lifecycle and standard supply chain security measures. New solutions include:
For Dell EMC PowerEdge servers, the new more secure supply chain measures include a server validation for integrity upon arrival. This Secured Component Verification is an embedded certificate that lets companies verify their servers arrive as they were ordered and built. This makes Dell Technologies one of the first major server vendors to offer cryptographically verified hardware integrity. The above new security measures build upon the existing cyber-resilient architecture, including a well-established silicon Root of Trust. The new Secured Component Verification:
The above new features are great for those that are buying new gear, but as well all know servers get moved around and repurposed quite a bit, another layer where security can be compromised. Dell Technologies isn’t stopping at securing new infrastructure, they are going back through their existing portfolio as well with these two new features:
The above is great for securing the devices that are being created or transported. While this is an area of concern, roughly half of the attacks come are at the hardware-level or are BIOS attacks. That means security needs to be strong at the hardware and firmware level. Dell is looking to secure its PowerEdge servers through a combination of security customization, automation and intelligence.
As servers boot up, if there is an issue and the boot is compromised bad actors can get into any part of the system. Dell Technologies is releasing customizable boot security for the PowerEdge servers. This custom approach, PowerEdge UEFI Secure Boot Customization, allows IT to setup the boot process, lowering the chance of a successful attack. The feature is said to provide advanced mitigation for industry-wide bootloader vulnerabilities.
The final security feature announced today is the ability to lockdown servers. The latest version of iDRAC enables customers the ability to enable or disable a system lockdown without rebooting. Through this feature, admins can prevent malicious or unintentional changes to the server’s firmware. The new release also includes:
Engage with StorageReview
Newsletter | YouTube | Podcast iTunes/Spotify | Instagram | Twitter | Facebook | RSS Feed
iXsystems has launched the TrueNAS Enterprise H-Series platforms, designed to give organizations ultimate performance. The H10 model is now available,…
Hannover Messe 2024 represents a significant event in the global industrial sector, serving as the world's largest industrial trade fair.…
The IBM Storage Assurance program offers access to the latest FlashSystem hardware and software, supporting investment protection from day one.…
Proxmox Backup Server 3.2 has been released - open-source solution designed for backup of VMs, containers, and physical hosts. (more…)
IBM has unveiled the FlashSystem 5300, setting a new standard for entry-level all-flash storage systems by providing impressive performance, high…
Proxmox Server Solutions has released the latest update to their server virtualization management platform, Proxmox VE 8.2. (more…)