Because security is key to keeping business working, HPE focuses on building security into its hardware, its supply chain, and all of its technology platforms and solutions.
By guest blogger Ed Tittel, technology writer/consultant
Creating and maintaining security works best when businesses select a vendor who understands that security must be designed and built into systems and software from their first beginnings all the way through the entire lifecycle. SMBs can take comfort from understanding that HPE provides complete security coverage for them from end to end, for all users and the networks, systems, and services they consume.
The 2021 security landscape
The best way to understand cybersecurity is as an organized collection of tools, technologies, processes, and practices focused on protecting digital systems and assets. That means cybersecurity seeks to protect networks, devices, software, and data from loss, harm, damage, attack, and unauthorized access. Security runs from end to end, and encompasses all the systems, devices, links, communications, data, and programs that belong to or participate in the business IT environment.
Risk management is a key ingredient of cybersecurity. Because reducing or eliminating risk is a given, management comes into play by using intelligence and understanding to prioritize or rank the risks an organization faces. Simply put, it makes most sense to devote time, money, and resources to mitigating risks that will most likely cause damage or harm. In fact, because the threat landscape keeps changing and shifting, todayโs high-priority โhair-on-fireโ risks may be tomorrowโs secondary โweโll get to it laterโ risks. HPE can help SMBs deal with all their security concerns, and ensure their risk management strategies align with their business objectives.
Various HPE technologies help SMBs address specific security risks, especially for HPE servers and technology solutions. These include silicon root of trust, HPE Pointnext security services, the Trusted Platform Module (TPM), and HPEโs Trusted Supply Chain.
Silicon root of trust
A silicon root of trust seeks to protect systems against targeted low-level firmware and BIOS attacks. HPE builds a root of trust into the silicon on its HPE ProLiant servers, and also establishes a secure link between that silicon and the companyโs Integrated Lights-Out (iLO) firmware. A silicon root of trust prevents compromised or suspect code from running by imposing integrity checks on firmware before it executes, using special read-only checksums and comparison tools. These checks arenโt accessible to the operating system or programs that it runs, so theyโre difficult to attack or defeat.
If hardware checks detect evidence of tampering or change, HPE iLO firmware wipes suspect firmware. It then uses a valid and demonstrably correct firmware image from a trusted source to replace the old code with a known, good working version. In fact, HPE builds encryption into its breach detection tools so that only safe firmware ever gets executed. If a server is unable to obtain or run safe firmware, it shuts down rather than use suspect code. This is how HPE protects ProLiant servers from rootkits and other pre-boot attacks.
HPE Pointnext Services
HPE Pointnext Services is the companyโs support, consulting, professional, and educational services organization. Pointnext experts work with HPE customers to address security and risk management challenges as help and input are needed. HPE gladly works with SMBs to help them prepare their workers and re-skill employees with security training and certification. HPE Digital Learner subscriptions bring HPE technical training to SMB teams, and combine access to its complete library of training offerings at reduced cost.
Trusted Platform Module
A TPM takes the form of a computer chip (microcontroller). Itโs purpose-built to securely store information used to authenticate runtime platforms and activities, including client and server PCs. Since January 2021, Microsoft requires all new Windows Server platforms to support TPM version 2.0, with Secure Boot enabled by default, and with BitLocker encryption recommended to protect system/boot drives. HPE has supported and implemented TPM since 2009, when it became ISO/IEC Standard 11990. All modern HPE ProLiant servers meet or exceed these requirements, and HPE offers a solid, protected silicon root of trust to all ProLiant users.
HPE Trusted Supply Chain
Because some customers are subject to high security requirements, by law or by choice, HPE operates a special Trusted Supply Chain. Typical customers for the products it builds include U.S. government and public sector entities who must buy only U.S.-sourced products with verifiable cyber assurance. Customers around the globe can purchase from this supply chain (except for China, Taiwan, and India).
HPE builds security into the Trust Supply Chain in two ways. First, all products in the supply chain feature built-in security hardening from the silicon level into firmware and tools. Those hardening techniques include a silicon root of trust, TPM, UEFI secure boot, a reduced attack surface, tamper-proofing at the silicon level, embedded tamper alarms, and physical locks. Second, HPE employees supervise the entire supply chain from end to end during manufacturing. That is, HPE employees vet all parts, observe assembly, and ensure packaged devices are tamper-free until customers accept delivery.
Visit the HPE Security Solutions page to learn more about HPEโs baked-in, end-to-end security through its silicon root of trust, TPM, Trusted Supply Chain capabilities, and more.
Meet our Compute Experts guest blogger Ed Tittel, technology writer/consultant
Compute Experts
Hewlett Packard Enterprise
twitter.com/HPE_SMB
linkedin.com/showcase/hpe-servers-and-systems/
hpe.com/servers
ComputeExperts
Our team of Hewlett Packard Enterprise server experts helps you to dive deep into relevant infrastructure topics.
