Sealing Entry Points and Weak Links in the Environment – How Dell is Building an Iron Wall of Defense
Preparing for cyberattacks is just part of being a discerning business organization. These days, the road to cyber preparedness begins with studying organizations’ own vulnerabilities – and doing it often so that nothing escapes notice – rather than obsessing about the perils that live outside.
SecOps and SOCs are on perpetual overtime running tests, doing reconnaissance, scanning endpoints, configuring tools and keeping an eye on every single vector that can potentially become a vulnerability.
Laterally, they have to respond to a dizzying number of feeds and alerts sent down by both teams and tools in the environment.
Recognizing risks and vulnerabilities unique to the organization is foundational to cyber protection as it helps pick the right tools for the right risks. However, many companies are grappling to do this end-to-end in the environment.
Asking a few pointed questions can reveal deep details about the cyber health of an environment and tell you exactly where it’s lacking, says Sameer Shah.
“This is where organizations may have a feel for where they may have weaknesses and vulnerabilities specific to their environments,” he said.
Mr. Shah who is the marketing leader at Dell Technologies’ cyber portfolio pointed to some of these questions while presenting at the Security Field Day event in October.
Things like whether you have perimeter-based security implemented, or if you are protected against credential theft, he said, can instantly tell you if you are doing continuous verification, and how open the attack surface really is.
“A third of cyberattacks originate from some sort of credential theft or compromise,” Mr. Shah noted.
An equally worrying trend is rising physical and digital supply chain attacks that have exploded since the pandemic.
“We’ve seen digital supply chain issues related to open-source code,” he said. “A few months ago, there was an open-source code vulnerability that a Microsoft developer happened to find and patch before it could cause any damage. It was a good reminder that we also have to think about software development digital supply chain and ensure that those risks are addressed.”
In talking to many CEOs, Mr. Shah learned that IT leaders consider signed BIOS and firmware updates critical to maintaining foundational security. However, many of these organizations lacked consistency in their cyber security practices. For example, penetration testing, attack simulation and vulnerability management are “only as good as often as they are done. They are not one-and-done scenarios,” he said.
“It may seem kind of common sensical but when you think about the talent gap in cybersecurity, when you think about the understaffed and overworked SOC teams, the discipline falls as there’s a million alerts to deal with and not a big enough team. As a result, we are seeing a growing number of attacks that exploit vulnerabilities that exist from just the lack of regular patching.”
Through cycles of growth and regression, and continued evolution of the organization, these practices over and over ensure that tooling is synced with the changing risk profiles, he reminded.
Dell recognizes that there cannot be a silver bullet for the kinds of peril that exist today. However, embedding a set of security features in all products and solutions can annihilate a broad sweep of internal weak links.
So, keeping a few key strategies in near focus – most crucially zero-trust – and targeting outcomes like supply chain security, system hardening, containment and authentication, Dell has designed features that it has baked in across the length and breadth of its infrastructure and endpoint portfolio. These features, it says, will help organizations contract the attack surface and become slim targets to emerging threats.
Dell’s 14th generation PowerEdge servers are embedded with immutable, silicon-based Root of Trust (RoT). Designed into the hardware to protect against malware tampering, the silicon-based Root of Trust technology allows the servers to confirm the integrity of BIOS and iDRAC firmware, cryptographically.
“We burn read-only encryption keys into our PowerEdge servers at the factory during the manufacturing process which makes it immutable,” said Mr. Shah.
Security is built-in on the networking side too through features like cryptographic encryption for data in flight, network segmentation, ACL restrictions on the control plane and secure authentication.
One can never fully foresee the threats looming across the supply chain, nor have control over them. So Dell offers a range of endpoint security solutions that it says make its devices the “most secure commercial PCs.” Dell invites customers to do a feature-by-feature comparison with other vendors to back this claim.
Dell’s endpoint solutions are secure from the first boot. Through rigorous supply chain controls and a combination of hardware and software security that allows it to provide supply chain assurance, secure development lifecycle and secure component verification, Dell makes the endpoints secure by design.
Mr. Shah highlighted that security at the BIOS and firmware level helps assure the security of all devices in use.
In addition to features built into the box, Mr. Shah said that add-on features and software can be optionally added to PowerEdge servers for extra security.
Offered alongside these are a spectrum of solutions like readiness assessment, penetration testing, vulnerability scanning and attack simulation management – that help unmask hidden vulnerabilities.
“The services are a way to work in concert with the hardware to reduce the attack surface across the infrastructure.”
Furthermore, leveraging Dell Common Identity Management Solutions, users can create bespoke security solutions for use cases that apply across the portfolio.
“This isn’t a product; what it does is it makes security management simpler by ensuring that all products work together,” told Mr. Shah.
In 2023, IT and telecom became the second leading vertical to invest in the Identity and Access Management space. According to Futurum Intelligence estimates, the vertical captured approximately 22% of the total IAM market worldwide.
Go to Techfieldday.com to watch the Security Field Day presentations where Dell explains how the solutions work under the hood.