A Guide to Hardware-Enforced PC Security

Adapted from The World's Most Secure PCs: A complete guide to HP security


Over 350,0001 new malware variants are created every day, and if you want to keep up - it's time to fight fire with fire. Traditional antivirus can't always recognize new attacks. To ensure you stay ahead, hardware-enforced security in every PC is critical to the overall security of your business. Our security team at VLCM strongly recommends arming your workforce with HP PC's that are designed at ALL levels of the OS with security measures that not only protect your device, but protect your identity and data as well. 


With HP Sure Sense, you can catch zero-day attacks


HP has developed proprietary deep learning algorithms and advanced neural network technology to instinctively recognize malware AND protect against never-before seen attacks.

HP Sure Sense harnesses the power of deep learning AI to provide real-time detection and prevention of zero-day threats coupled with behavioral detection of ransomware activity, all with minimal impact to system performance2.


HP security features designed to protect your data and IP


Each year the cost of a data breach rises, and in a never-ending security arms race, security spending rises in tandem.

Yet, the value of security goes far beyond a price tag to include your name, your reputation, and perhaps most importantly of all - your IP. HP offers a suite of solutions to protect all your assets from web threats, prying eyes, and malicious intruders on the brink of capturing your most sensitive data:


HP Sure Click

Web browsers are a primary attack vector for malware and other online threats. HP Sure Click is a hardware-enforced secure browsing solution that isolates web content in a CPU isolated virtual machine, where malware cannot affect other tabs, applications, or the operating system3.


HP Sure View

privacy screen

Even the best security software can’t prevent visual hacking—unauthorized users viewing confidential information on an unguarded display. At the touch of a button, HP Sure View activates an integrated privacy screen that makes data visible only to the user sitting directly in front of it4.


HP Privacy Camera

privacy camera

Work confidently knowing you’re not being spied upon, with the HP Privacy Camera, a physical shutter to protect from malicious surveillance5.


HP Secure Erase

Simply deleting files from a hard drive doesn’t make them unrecoverable. HP Secure Erase is a BIOS-level feature that permanently destroys sensitive information from hard drives and solid-state drives, so it can never be recovered or compromised6.


Certified Self-Encrypting Drives

Self-encrypting hard drives and solid-state drives employ hardware-based encryption to protect their contents even after the drive is removed from the PC. And because the data encryption process is hardware-based, there’s little or no discernible impact on performance7.


Rapidly recover compromised devices


There were over 3,800 data breaches in the first half of 2019 alone, this was up 54%8 compared to the same time the year before. The truth is, it’s hard to stop attacks entirely, which means the smartest IT teams recover the quickest.

HP’s suite of security of products can recover devices without the manual work. When it comes to advanced defense targeting malware, like H1N1, Sure Run provides network isolation to stop the attack from spreading beyond the first victim. For firmware attacks, like LoJax, Sure Start protects the BIOS. While in the case of wiper and ransomware attacks, like Satana, Sure Recover provides fast, effective recovery.


HP Sure Start


HP Sure Start perpetually inspects the system BIOS and automatically self-heals if the BIOS is damaged by malware, rootkits, or corruption. By ensuring that only trusted BIOS code is executed, HP Sure Start protects your PC at its most fundamental level9. It is the world’s only self-healing BIOS.


HP Sure Run

HP Sure Run uses hardware enforced protection to keep critical processes running, even if malware tries to shut them down. Backed by the HP Endpoint Security Controller, HP Sure Run monitors key processes, alerts users and IT of any changes, and restarts them automatically if they are stopped10.


HP Sure Recover

Built into system hardware and firmware, HP Sure Recover enables users to restore their machines quickly and securely to the latest image using only a network connection. It can even enable IT to schedule reimaging for the entire fleet11.


HP BIOSphere

multi factor

Building on over a decade of BIOS security leadership, HP BIOSphere offers an ecosystem of protections to help defend your PC, including automated protections, customizable safeguards, and easy manageability to protect against attacks without interrupting employee productivity12.


Introducing the new HP Elite Dragonfly - where smart security decision meet corporate expectations




Designed with both IT Managers and Corporate Professionals in mind, HP's 2020 Elite Dragonfly Laptop defies expectations. Packed with security and IT features that businesses demand, this "lighter-than-air" 2-in-1 laptop includes speedy hardware, 20-hour battery life, and can include a built-in Tile solution so users can find their device near or far - even when the PC is turned off. 

Most importantly, the Dragonfly features the world-class security features listed above.

Learn more about HP's Elite Dragonfly, and test it out with our 2-week demo at www.vlcmtech.com/dragonfly. 




1. AV-TEST Institute

2. HP Sure Sense is available on the new HP EliteBook 800 G6 series, as well as the HP ZBook 14u and HP ZBook 15u.

3. HP Sure Click is available on select HP platforms and supports Microsoft Internet Explorer and Chromium. Check http://h20195.www2.hp.com/v2/GetDocument.aspx?docname=4AA7-0922ENW for all compatible platforms as they become available.

4. HP Sure View integrated privacy screen is an optional feature that must be configured at purchase.

5. HP Privacy Camera only available PCs equipped with HD or IR camera and must be installed at the factory.

6. HP Secure Erase conforms to the methods outlined in the National Institute of Standards and Technology Special Publication 800-88 “Clear” sanitation method.

7. Self-encrypting drives are available as an option on select HP PCs.

8. TechRepublic, August 2019, Data breaches increased 54% in 2019 so far, https://www.techrepublic.com/article/data-breaches-increased-54-in-2019-so-far/

9. HP Sure Start Gen4 is available on HP Elite and HP Pro 600 products equipped with 8th generation Intel processors.

10. HP Sure Run is available on HP Elite products equipped with 8th generation Intel or AMD processors.

11. HP Sure Recover is available on HP Elite PCs with 8th generation Intel or AMD processors and requires an open, wired network connection. Not available on platforms with multiple internal storage drives or Intel Optane™. You must back up important files, data, photos, videos, etc. before use to avoid loss of data.

12. HP BIOSphere Gen4 requires 8th generation Intel® or AMD processors. Features may vary depending on the platform and configurations.