Cybersecurity. Just hearing that word sends chills up and down the spines of most IT folks I know. It is a complex and unrelenting challenge every company wrestles with as they embark on or continue their digital transformation. It is the “thing that keeps you up at night” and is the #1 subject on the minds of every public and private Board of Directors.
On that topic, it isn’t every day you have the opportunity to claim cybersecurity enhancements across your entire portfolio. Today, Dell Technologies is expanding on our foundation of cybersecurity features that help establish and maintain a secure IT ecosystem, from the edge to the core and the cloud. These elements, separately and combined, are intended to bolster your trust and confidence in Dell Technologies as the primary source of IT solutions in today’s digital era.
Our story is quite simple for this announcement – battling cybersecurity is about starting strong, staying strong, and outmaneuvering threats. It sounds simple on paper, but it is not simple in execution. Let me take you through what we’re doing to enhance our systems’ intrinsic security so you can focus on your customer and driving your business.
Starting strong is about laying down a trusted IT infrastructure foundation. That foundation starts with the silicon design and permeates the system’s lifecycle, from supply chain management to manufacturing, delivery, production, and retirement – all from a single, trusted vendor. In this domain, we’re introducing Dell Technologies Secured Component Verification, part of our Cyber Resilient Architecture for PowerEdge servers. Secured Component Verification provides “as-built” hardware validation upon delivery to ensure that nobody has modified your new systems’ hardware configuration in transit.
Complementing this capability for Dell Trusted Devices is the new Dell SafeSupply Chain solution, which delivers additional layers of supply chain security and integrity controls to what are already the industry’s most secure commercial PCs. The new services include tamper-evident seals and a NIST compliant hard drive wipe.
We’re formalizing our service offerings for Enterprise customers to simplify system lifecycle management. With services such as Keep Your Hard Drive for Enterprise and Keep Your Component for Enterprise, customers maintain complete control over failed parts, never letting sensitive data out of their sight. With Data Sanitization for Enterprise and Data Destruction for Enterprise services, data residing on end-of-life systems is secured in accordance with NIST 800-88 standards. New to this offering is the ability to offer onsite service as well as the capability to sanitize 3rd party systems, delivering a more complete portfolio that serves evolving customer needs.
Staying strong is about being constantly vigilant, looking over the horizon for emerging threats, and providing solutions before there is a (big) problem. This involves systems going into production as well as live systems with critical customer data. Here we’re offering Dell EMC PowerEdge UEFI Secure Boot Customization to address industry-wide firmware certificate authenticity issues. This supports our most secure customers establish and maintain complete control over their server operations. There was recently an industry-wide vulnerability in the Linux GRUB2 bootloader (aka “BootHole”) discovered. Key to the advanced mitigation solution was the use of UEFI Secure Boot Customization. The Dell Technologies implementation of UEFI Secure Boot Customization was highlighted in the National Security Agency (NSA) in their recent technical paper “UEFI Secure Boot Customization.”
Staying strong is also about being resilient and coming back stronger when cyberattacks happen. Last week we announced that PowerProtect Cyber Recovery became the first and is currently the only solution to receive endorsement for meeting all of the data vaulting requirements of the Sheltered Harbor standard. Sheltered Harbor is an industry-led initiative created to protect customers, financial institutions, and public confidence in the financial system if a catastrophic event like a cyberattack causes critical systems to fail. PowerProtect Cyber Recovery Solution utilizes a policy-based workflow to securely move business critical data into an isolated environment, preserving and shielding it from invasive cyberattacks. If a major attack occurs, a copy of your most valuable data is secure and ready to restart your IT operations.
Outmaneuvering threats is about using every possible advantage to anticipate and mitigate the risks, both outside and inside, aimed at your infrastructure. Here we talk about automation, telemetry, and leveraging AI/ML. For automation, we’re further enhancing Dell EMC OpenManage Ansible Modules. OpenManage Ansible Modules simplifies the automated provisioning, deployment, and updating of PowerEdge servers and modular infrastructure for administrators and developers using RedHat Ansible. For the DevOps team, this integration enables Infrastructure as a Service (IaaS) and Infrastructure as Code (IaC). For the Security team, this enables automated security workflows for configuring user privileges, data storage encryption, secure erasure, and firmware updates, to name just a few.
Embedded with every PowerEdge server is the Integrated Dell Remote Access Controller (iDRAC). The iDRAC provides secure, comprehensive, embedded management across the PowerEdge family of servers. iDRAC9 improvements in this release take our unique system lockdown feature to the next level, by locking a NIC to prevent changes to the firmware from the OS and any resident malware. Also, two-factor authentication (2FA) and RSA SecureID support extend the already impressive set of security features available today.
Finally, and just as important as everything else outlined here, there is leveraging the telemetry available from iDRAC. The iDRAC sends real-time data for over 5000 different server elements to analytic tools such as Splunk, from CPU utilization to power consumption to network utilization. While the vastness of the available server data is compelling, the value lies in analyzing and learning from the data of all the systems that make up the server infrastructure. This is where the real game of “cat and mouse” is played, where intelligent systems may see early signals of potential attacks and send alerts before the situation turns into a breach. Solutions like CyberSense for PowerProtect Cyber Recovery Solution and Dell Endpoint Security are also available to help you thwart ransomware and malware attacks on your servers, desktops, laptops, and tablets.
Confidence from the Start
Products and services, such as the ones we’re announcing today, ultimately have one goal – instill confidence in your IT infrastructure so that your time and energy is spent on innovation and thrilling your customers. Nobody wants to spend all their time chasing shadows, always worried about how severe the next attack will be. We’re here to enable you to be proactive and resilient when it comes to cybersecurity, today and throughout your entire lifecycle.
To learn more about all the new cybersecurity elements in this launch please view the our Security Point of View Paper, explore our Virtual Security Experience and visit our Emerging Technologies page.