HP Launches Enterprise Security Edition to Boost Business PC Security

Highlights:

• HP Enterprise Security Edition offers multilayered protections to defend PC hardware and firmware against targeted physical attacks.
• HP Enterprise Security Edition introduces Firmware Lock to counter physical cyber threats.

HP Inc. has launched the HP Enterprise Security Edition, a new set of features designed to enhance the physical security of its business-grade personal computers.

The HP Enterprise Security Edition offers multilayered protection to safeguard PC hardware and firmware against targeted physical attacks. It also provides IT administrators with enhanced visibility to identify unauthorized firmware modifications and component tampering.

The release aims to tackle the growing risk of PCs being compromised by attackers with physical access, especially in an era where hybrid work and “work from anywhere” are the norm. HP emphasizes the importance of ensuring device integrity throughout their lifecycles, providing protection and visibility to reduce the risk of targeted attacks that could establish a persistent presence within an organization.

The HP Enterprise Security Edition tackles these challenges by safeguarding the hardware and firmware layers of PCs and enabling IT teams to detect any unauthorized alterations made by malicious third parties throughout a device’s lifecycle.

“Physical attacks are riskier and more difficult to perform, so they are typically targeted and organized, for instance, as part of a nation-state campaign or corporate espionage. But the lucrative market for selling access to corporate networks means more opportunistic attacks – spotting an unattended PC and briefly plugging in a Thunderbolt device – could be worth the risk for a cybercriminal,” said Dr. Ian Pratt, Global Head of security for Personal Systems at HP.

Through manipulation of device hardware and firmware, he noted, “attackers can gain an almost undetectable foothold on a device, which could help them gain access to a corporate network or mount destructive attacks. This is attractive to bad actors, providing them with unparalleled visibility and control – and multiple ways to monetize.”

To combat physical cyber threats, HP Enterprise Security Edition introduces Firmware Lock, a user-controlled protection mechanism at the firmware level that integrates with HP Sure Admin. Utilizing a cryptographic, passwordless authentication process, Firmware Lock enhances security beyond traditional operating system locks, preventing unauthorized access to the system boot or operating system if a PC is left unattended.

The suite also features Platform Certificates, digital credentials that validate the integrity of hardware and firmware components from manufacturing to the end of a device’s lifecycle. These certificates detect unauthorized changes to key elements like the processor, BIOS, and PCIe devices, providing IT administrators with improved visibility and control over potential tampering.

Sure Start Virtualization Protection, another key feature, provides pre-boot defense against malicious third-party hardware connected through Thunderbolt, USB-C, or PCIe ports. It safeguards the PC by isolating potential threats, running third-party firmware in a micro-virtual machine to prevent hardware infections, and protecting the PC’s firmware from compromised devices.

HP Enterprise Security Edition is now accessible on select HP PC platforms.