Photo: Evdokimov Maxim – shutterstock.com
An end to the cyber attacks on companies and their employees is not in sight – on the contrary: the number and variety of attacks continues to increase. According to a recent study by the accounting firm Deloitte, around 85 percent of all medium-sized and large companies in Germany are exposed to cyber attacks. About 28 percent of the companies report daily attacks, and another 19 percent do so at least once a week.
Large companies are particularly often involved in cyber attacks – 40 percent of companies with 1,000 or more employees are attacked every day. The frequency of attacks has increased according to the security report compared to previous years. At around one in five companies, such attacks have already caused noticeable – in some cases even massive – damage, the report says.
To prevent such and other security problems and to protect their employees’ computers, IT managers today generally rely on security software such as virus and malware scanners. Practice shows, however, that purely software-based protection is incomplete and unreliable. Software-based security solutions can neither protect against theft and data theft, nor against the infiltration of malicious code via vulnerabilities in firmware and driver software. A recent Forrester survey commissioned by Dell found that 63 percent of companies had already been compromised due to a hardware or chip vulnerability.
Hardware-based security functions, such as those provided by the Intel vPro platform, can help to close security gaps fundamentally – beyond virus protection programs – by supplementing the software-based protective measures. Unlike the software-based features, the hardware-based functions are implemented at the silicon level. They offer a solid basis for the endpoint security strategy of every company.
The Intel platform vPro is based on a multi-dimensional approach. Hardware-based protection improves firstly the effectiveness of threat detection, secondly protection against theft and manipulation, thirdly the protection of the identity of the user and his data and fourthly the recovery after a data breach.
As shown in the graphic, the Intel hardware protection shield acts as the basis for the vPro platform with functions that build on this basis and support the IT teams in achieving the four primary security goals. Apart from that, the implementation and administration of protective measures of the computing infrastructure is more efficient with the vPro platform.
Photo: Intel
Hardware-based threat detection plays a central role in the vPro platform. Today’s cyber threats often attack devices at levels below the operating system, where they can cover their tracks under the radar of anti-malware software.
An error or a weak point in the firmware or in the device drivers can be used by hackers to inject malicious code such as rootkits and bootkits into the computer and to hide this code from antivirus solutions. This lack of protection allows malicious code to secretly hijack systems when devices are started.
The vPro platform provides a number of functions to ward off such firmware attacks and reduces the attack surface at the firmware level. Intel Hardware Shield, for example, takes care of BIOS and firmware and ensures that the operating system only runs on authorized hardware. It prevents injection of malicious code by restricting memory access in the BIOS at runtime.
A central challenge for those responsible for security is the increasing remote working in the home office and at other remote locations outside the company firewall. Here, IT can easily lose control of a device to a malicious actor via firmware vulnerabilities. The latter can then steal or delete valuable data – or even demand a ransom for returning the device.
Firmware vulnerabilities in remote computers can only be eliminated with great effort. A remote administrator usually needs to connect to the operating system to interact with this device and apply a software patch. Some firmware patches must be run before the operating system starts up. Others require IT technicians to physically interact with the device firmware below the operating system.
Unfortunately, it is not always possible to quickly physically access the device from a remote location to turn it off before a damage event. This is where the vPro platform comes in. With Active Management Technology (AMT), it offers the possibility to patch devices remotely. In an emergency, AMT can take control and even reclaim the devices from hackers. It also makes it easier to retire or rededicate PCs and notebooks by securely deleting drives at the end of their useful life.
However, remote access is not only important in the service of security. In view of the increasing number of remote workers, the topic of remote management is becoming increasingly important and this is exactly what Intel developed the Endpoint Management Assistant (EMA) for. It extends the management capabilities on remote computers so that system administrators can boot and patch computers remotely, upload system images and restore systems. On computers with integrated Intel HD graphics, the administrator can even operate the PC using KVM remote control (keyboard, video, mouse) as if he were sitting in front of it.
If the mobile computer is lost or stolen, another security fiasco threatens. In the worst case, the loss of sensitive business data and unforeseeable financial damage can be expected. For many companies, possible damage to their image, which can hardly be quantified financially, is likely to be even more serious.
The vPro platform can prevent such worst-case scenarios using a variety of multi-factor authentication functions. Multi-factor authentication such as fingerprint scanning or face recognition reliably protects mobile computers against identity theft – the data and identities are protected from prying eyes in the event of loss or theft.
How do the vPro security features perform in the eyes of analysts? According to the Forrester Consulting Total Economic Impact study mentioned at the beginning, the hardware-based security and management functions of the vPro platform clearly reduce the risks of data breaches in companies. 75 percent of the companies surveyed rated the computers as more secure than before by using the platform.
The platform is also worth it financially. Forrester analysts found vPro-based PCs reduced the time spent on security support by 7,680 hours annually. That means a risk-adjusted saving of $ 1.2 million over three years.