Enhanced BIOS Verification Protects PC Firmware Against Sophisticated Threats

As commonplace threats are being thwarted more frequently, cyber criminals are looking for more advanced ways to gain the critical information. As a result, targeted attacks against PC firmware has become an area of concern. In these instances, protecting the PC BIOS, the lowest level of the PC stack, is critical to an organization’s security posture. If an attacker gains access to the BIOS, they can compromise all of a device’s endpoint security capabilities, as well as an organization’s entire network. This type of attack is highly technical and when executed, very damaging.

With the growing frequency of BIOS-specific attacks, and new malware variants possessing the ability to reinstall themselves within the BIOS, organizations need a more sophisticated way to not only protect their systems, but confidently verify that their systems have not been compromised.

Answering that call, Dell Technologies is enhancing its Dell SafeBIOS offering with a new utility for off-host BIOS verification and integrations with CrowdStrike, Secureworks and VMware Workspace ONE for off-host BIOS verification with their tools. Off-host verification offers superior protection as on-host-only approaches are susceptible to local attack. The Dell off-host BIOS verification provides additional security to complement the on-host protection.

Dell’s unique post-boot BIOS verification technology for its commercial PCs gives IT the assurance that employees’ BIOS have not been altered. Should the BIOS get corrupted or tampered with, Dell provides customers flexible reimaging options so that the contaminated BIOS can be analyzed to understand the nature of the attack.

This capability is available as a standalone tool from Dell Support, and is integrated with VMware Workspace ONE, Secureworks and CrowdStrike. VMware Workspace ONE provides IT management with new visibility of BIOS status for unified endpoint management. Customers can leverage Secureworks threat intelligence to not only identify compromises, but provide analysis and remediation. With the CrowdStrike integration, security operations have a more complete view of endpoint risk. Rather than relying on generic BIOS measurements, partners can ensure integrity when performing BIOS checks through their tools and interfaces without having to deploy additional software or access separate consoles. These combined capabilities provide the ability to more quickly identify and remediate potential risks.

Dell SafeBIOS is part of the larger Dell Trusted Security portfolio including:

  • Trusted Devices: With tools like SafeBIOS, Dell enables a secure foundation for customers’ workforce transformation strategies on the world’s most secure commercial PCs. In addition, SafeID protects end user credentials delivering fast, multi-factor authentication you’ve come to expect from the world’s most secure PC portfolio.
  • Trusted Data: Dell constantly monitors and protects the endpoint ecosystem with Dell SafeGuard and Response, while giving IT confidence that data is secure even while end users collaborate freely with Dell SafeData.
Brett Hansen

About the Author: Brett Hansen

Brett Hansen is Vice President, Dell Unified Workspace. In this role, he is responsible for developing solutions that enable customers to simplify and streamline their client lifecycle, secure their endpoints, and ultimately provide users with a more productive and modernized workspace environment. With Dell Technologies uniquely positioned to deliver these solutions, Mr. Hansen harnesses capabilities from Dell Client, Dell Services, VMware and Secureworks to deliver integrated solutions spanning hardware, software and services. These technologies are optimized on Dell Client portfolio, but also embrace the multi-OS and device heterogenous environments of our customers, ultimately providing them with the choice, simplification, and productivity improvements they desire. Brett engages with customers, channel partners and product developers on a daily basis, leveraging his more than 15 years of experience leading business development and channel functions in the software industry. Brett joined Dell after 12 years with IBM Software Group. In his last position at IBM, he served as Director, IBM Tivoli Demand Systems Marketing where he held global responsibility for generating and managing the Tivoli pipeline.