View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Step forward for server security

By John Oates

The uncomfortable truth about cyber security is that the new breed of attackers are behaving like a business. They invest in research and development and in improving both the targeting and the social engineering of their attacks.

Enterprises have to innovate at a similar rate in order to stay safe.

Hewlett Packard Enterprise believes its next generation of ProLiant servers have the right innovations to make them the most secure industry standard machines available.

A key loophole for cyber attacks is firmware – the read -only software which machines rely on for their most basic functions. This is the software which is embedded into hardware and gives it the simple instructions needed to ‘boot up’.

Firmware attacks have not been common compared to other forms of malware but there is evidence that ‘proof-of-concept’ code has been created and deployed.

Information Systems Audit and Control Association (ISACA) research found that more than half of cyber security professionals reported at least one incident of malware-infected firmware in 2016.

HPE is creating a ‘digital fingerprint’ of firmware on a chip within the server. This fingerprint is checked against actual firmware installed to check it is identical when the machine boots.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

Any disparity between the fingerprint and the firmware and the machine shuts down.

Patrick Moorhead, president and principal analyst of technology analyst and advisory firm Moor Insights & Strategy, said: “A security breach in firmware is one of the most difficult to detect but can be one of the most damaging. Unfortunately, firmware is often overlooked in c-suite conversations about data center security, and cyber criminals are targeting this as a new attack surface. While many servers have some level of hardware security already

built-in, HPE is creating firmware security inextricably tied with its custom made silicon, to help customers protect against these malicious attacks.”

The stored firmware is also available as a back-up if needed.

Together with broader breach detection and encryption the system is a step forward in strengthening enterprise security.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU