Robust Endpoint Security Begins With Hardware




A new malware specimen will emerge on the internet about every four seconds1. Yet this is just the tip of the iceberg - as threats to information security continue to grow, not just in frequency, but also in variety and scope. 


Hardware-enforced security in every PC is critical to the overall security of your business. Between the frequency of cyber threats and the security slip-ups non-IT employees are subject to (especially when working away from the office), it is imperative to have the strongest defense against the serious dangers that threaten your business. 


Read this blog to learn how HP PCs with hardware-enforced security running on the most secure Windows OS ever with Intel processors are your strongest defense against the serious dangers that threaten your business.


Very briefly, run though what exactly hardware-enforced security IS?




Hardware-enforced security has protection, detection, and recovering features embedded into every level of the operating system. 


HP’s line of Elite PCs, powered by 10th Gen Intel CorevPro processors deliver a comprehensive set of solutions and technologies to support a continuous foundation of protection for the device, your employee's identity, and your company data.


Let’s dive deeper, what specific security features do HP PCs have baked into their hardware?


From protecting your assets from web threats, prying eyes, and malicious intruders on the brink of capturing your most sensitive data, HP offers a suite of solutions to keep both your data AND your IP secure:


  1. Real time detection and prevention

    HP Sure Sense harnesses the power of deep learning AI to provide real-time detection and prevention of zero-day threats coupled with behavioral detection of ransomware activity, all with minimal impact to system performance.2
  2. Secure web browsing

    Web browsers are a primary attack vector for malware and other online threats. HP Sure Click is a hardware-enforced secure browsing solution that isolates web content in a CPU isolated virtual machine, where malware cannot affect other tabs, applications, or the operating system.3
  3. Visual hacking prevention

    Even the best security software can’t prevent visual hacking—unauthorized users viewing confidential information on an unguarded display. At the touch of a button, HP Sure View activates an integrated privacy screen that makes data visible only to the user sitting directly in front of it.4

  4. Physical privacy

    Work confidently knowing you’re not being spied upon, with the HP Privacy Camera, a physical shutter to protect from malicious surveillance.5

  5. Permanent destruction

    Simply deleting files from a hard drive doesn’t make them unrecoverable. HP Secure Erase is a BIOS-level feature that permanently destroys sensitive information from hard drives and solid-state drives, so it can never be recovered or compromised.6

  6. Hard drive and solid-state drive encryption

    Self-encrypting hard drives and solid-state drives employ hardware-based encryption to protect their contents even after the drive is removed from the PC. And because the data encryption process is hardware-based, there’s little or no discernible impact on performance.7

  7. Closing critical gaps

    On or offline, with or without power, before and after boot, hardened endpoints help close critical gaps that software can’t update. With Intel Inside®, more robust security has your back, working seamlessly in the background while staying out of people’s way. 

  8. Defend against modern threats

    by running with the most secure Windows OS EVER - Windows 10.


It’s always good to have a Plan B


There were over 3,800 data breaches in the first half of 2019 alone, this was up 54%8 compared to the same time the year before. The truth is, it’s hard to stop attacks entirely, which means the smartest IT teams have a Plan B to help PCs quickly recover. 


HP’s suite of security products can recover devices without manual work. When it comes to advanced defense targeting malware, like H1N1, Sure Run provides network isolation to stop the attack from spreading beyond the first victim. For firmware attacks, like LoJax, Sure Start protects the BIOS. While in the case of wiper and ransomware attacks, like Satana, Sure Recover provides fast, effective recovery.


Good security shouldn’t be overwhelming to manage


HP's hardware-enforced security comes with a complete, easy-to-manage ecosystem. Through HP Endpoint Security Controller is the hardware component at the foundation of the security architecture of HP’s Elite Line of PCs. Its physically isolated and cryptographically protected hardware creates the root of trust that enables hardware-enforced, self-healing, manageable security solutions like HP Sure Start, HP Sure Run and HP Sure Recover


HP Elite PCs also include tools to:

  • Help users and IT professionals configure and control the security features embedded into HP PCs
  • Keep your network and VPN safe through multi-factor authenticate
  • Safely reset passwords and restore access to locked PCs without IT personnel
  • Stay up to date with the latest software patches and upgrades
  • Maintain software and security settings across your fleet of PCs


The takeaway


VLCM’s team of cybersecurity experts strongly consider making the switch to hardware-enforced security PCs to better protect against cyberthreats and employee slip-ups. By deploying protected HP PCs powered by Intel and utilizing Windows 10, you can better defend, protect, and recover from malicious threats.


VLCM (pronounced val-com) is an HP Power Services Partner and an enterprise IT solutions provider focused on end-to-end data center and business solutions. From outfitting organizations with the right data center infrastructure, the right security, or the right PC solution, VLCM 'Gets IT Right' by partnering with the industry's top-performing hardware and software technology solutions, and it services organizations from all verticals and all sizes.


  1. AV-TEST, Security Report 2018/2019,
  2. HP Sure Sense is available on the new HP EliteBook 800 G6 series, as well as the HP ZBook 14u and HP ZBook 15u
  3. HP Sure Click is available on select HP platforms and supports Microsoft Internet Explorer and Chromium. Check for all compatible platforms as they become available.
  4. HP Sure View integrated privacy screen is an optional feature that must be configured at purchase.
  5. HP Privacy Camera only available PCs equipped with HD or IR camera and must be installed at the factory.
  6. HP Secure Erase conforms to the methods outlined in the National Institute of Standards and Technology Special Publication 800-88 “Clear” sanitation method.
  7. Self-encrypting drives are available as an option on select HP PCs.
  8. TechRepublic, August 2019, Data breaches increased 54% in 2019 so far,