If you’re looking for a new PC - make sure it has these security features

 

20170226_SHOT5_B_CONFERENCE_DSC7019_original_rgb_r1_rgb-(1)

 

With cyberattacks increasing 238%1 during covid, and primarily targeting remote workers, you’re going to want a PC to protect you as much as possible. In today’s blog, we will be focusing on HP’s 2021 introduction of HP Wolf Security, a newly integrated portfolio of secure-by-design PCs, hardware-enforced endpoint security software, and endpoint security services built to protect customers from growing cyber threats. 

 

Firstly, we have to mention that HP’s new security platform wasn’t born yesterday. HP Wolf Security builds on over 20 years of security research and innovation to offer a unified portfolio for customers focused on delivering comprehensive endpoint protection and cyber-resiliency.

 

As we continue to see a significant number of people working from home, PC security is at risk. When business PCs are used outside of the secure office environment, traditional network-based security alone cannot meet security needs. 

 

In these changing times, endpoint devices are the first line of defense, and hardware-based PC security is needed more than ever. While the digital landscape keeps changing and security risks evolve, the security solutions engineered into HP Business PCs are designed to protect your business. 

 

From the moment your PC is switched on, the security products in the HP Wolf Security for Business portfolio work together in the background to protect your business PCs.

 

HP Wolf Security For Business Components

 

HP Endpoint Security Controller 

The HP Endpoint Security Controller is the hardware component at the foundation of the HP Business PC security architecture. This physically isolated and cryptographically protected hardware microcontroller below the OS creates the hardware root of trust that enables hardware-enforced, self-healing, manageable security solutions like the HP BIOSphere Sure Start, HP Sure Run, and HP Sure Recover. 

 

HP Biosphere Gen 6

Building on over a decade of BIOS security leadership, HP BIOSphere PC firmware automates BIOS protection and delivers improved manageability. The BIOS is a series of boot instructions used to load critical hardware components and initiate firmware. HP BIOSphere creates an ecosystem of protection around the BIOS below the OS to help defend your PC. With automated protections, customizable safeguards, and easy manageability, HP BIOSphere protects your PC against attacks without interrupting employee productivity.

 

HP Sure Start Gen 6

From the moment the PC is switched on, HP Sure Start works below the OS to protect the device by communicating with the HP BIOSphere to confirm the BIOS is unchanged. If any BIOS tampering is detected, HP Sure Start, in concert with the HP Security Controller, replaces the BIOS with a clean version and boots up the computer with clean and fully functional BIOS. HP Sure Start continues to perpetually inspect the system BIOS and automatically self-heals if the BIOS is damaged by malware, rootkits, or corruption. By ensuring that only trusted BIOS code is executed, HP Sure Start protects your PC at its most fundamental level. 

New for Gen6:

  • Now available on extended portfolio from ProBook 400 series to EliteBook 1000 series, including AMD PCs.
  • Smart Flash technology provides a 91% recovery time improvement by erasing and pre-programming any 4kb block that is not as it should be.
  • Endpoint Security Controller runtime intrusion detection delivers Memory Protection Unit (MPU) support within Endpoint Security Controller by detecting and blocking any rogue code execution on Endpoint Security Controller.
  • Protects against preboot DMA attacks on internal slots with visual on the bottom of Intel PCs.

 

HP Client Security Manager Gen7

HP Client Security Manager provides the strength of hardware-based security authentication to support the efforts of users and IT professionals to protect by configuring and controlling a variety of security features embedded in HP PCs within the OS, including HP Sure Run and HP Sure Recover. 

 

HP Sure Admin

HP Sure Admin provides IT professionals a path to move away from password-based BIOS management with an optional no password-required BIOS management tool. HP Sure Admin offers a modern approach based on strong public-key cryptography that can be used to securely manage HP business PC BIOS settings without the need to reveal the authorization secret. HP Sure Admin remote management tools offer an innovative way to empower the Remote Administrator and Locally Present Administrator to remotely manage HP business PC BIOS settings to serve the user quickly and securely. 

 

HP Sparekey 

Forgot your Windows password? HP SpareKey works within the OS to protect identity, reset passwords, and restore access to locked PCs without intervention from IT personnel by taking the user through a series of predetermined security questions. 

 

Certified Self-Encrypting Drives 

Self-encrypting hard drives and solid-state drives employ hardware-based encryption to protect their contents even after the drive is removed from the PC. And because the data encryption process is hardware-based, there’s little to no discernable impact on performance.

 

HP Secure Erase

Simply deleting files from a hard drive doesn’t make them unrecoverable. HP Secure Erase is a BIOS-level feature that protects data by permanently destroying sensitive information from hard drives and solid-state drives, ensuring the deleted information can never be recovered or compromised.

 

HP Sure Click

Users are increasingly accessing consumer and enterprise applications on the go, on untrusted networks, and often from their own personal devices. Web browsers are a primary attack vector for malware and other online threats. HP Sure Click provides a revolutionary solution developed through the collaboration of HP and Bromium, the pioneers of application isolation using patented micro-virtualization technology. HP Sure Click is a hardware-enforced, secure browsing solution within the OS that isolates web content in a CPU-isolated virtual machine, where malware cannot affect other tabs, applications, or the operating system. By effectively isolating the contained browser activity, HP Sure Click reduces the ability of a compromised process to do damage.

With HP Sure Click, the endpoint device can shrug off browser-borne attacks. Malware is blocked from accessing documents, enterprise intranets, or even other websites, and automatically erased when the browser tab is closed, thereby eliminating costly remediation and downtime. HP Sure Click task isolation protects users as they work and play, delivering unparalleled security and privacy within a fast, familiar, and responsive user experience.

 

HP Sure Sense

With an increasing risk of AI being used in malware attacks, Sure Sense is the HP solution that uses Deep Learning AI with malware protection capabilities that are light years ahead. HP Sure Sense detects zero-day never-before-seen threats and protects your PC in real-time. HP Sure Sense operates within the OS in concert with HP Sure Run to keep endpoints protected 24/7 whether or not the endpoint is online. The HP Sure Sense highly advanced Deep Learning algorithm scans every file on the endpoint and recognizes any new threats instinctively, even unknown zero-day attacks that traditional, signature-based antivirus software might miss. The HP Sure Sense instinctive malware recognition system needs to be updated only four times per year. HP Sure Sense ships on a select list of PCs and is also available as a Softpaq download so IT professionals can add it to the corporate image. HP Sure Sense protects against ransomware, exploits, spyware, and executable threats in real-time—investigating remediating and containing the threat in less than a minute. HP Sure Sense delivers all this powerful protection with a remarkably light usage of 1% CPU system resources.

 

HP Sure View

Even the best security software can’t prevent visual hacking—unauthorized users viewing confidential information on an unguarded display. HP has a solution to prevent data being compromised visually. At the touch of a button, HP Sure View protects data by activating an integrated privacy screen that makes data visible only to the user sitting directly in front of it. HP Sure View allows users to work confidently from any location without fear of on-screen data being compromised by prying eyes, yet users maintain the flexibility to share their screen with clients and colleagues with a single quick keystroke, toggling the feature on and off. No matter where you use your PC—on an airplane, in a healthcare setting, or at any remote location—HP Sure View empowers employees with the power of privacy. With HP Sure View, your screen is your own and you can choose to share the view or not. 

 

HP Tamper Lock

Due to open source information sharing among attackers, detailed instructions on how to perform attacks are now readily available to would-be attackers. It’s becoming much more common for attackers to physically open a PC chassis and hack into components to remove login passwords, modify traffic, or detect keystrokes. HP Tamper Lock detects when the PC chassis has been opened or tampered with, then generates a request for the HP Sure Admin BIOS password to be entered in order to boot the PC.

 

Conclusion

As the creator of the world’s most secure PCs, HP takes Business PC Security seriously. HP has engineered a robust suite of security tools that work synergistically to relentlessly protect your endpoint assets and your data, so you can focus on your business. Learn more about these HP Security Solutions with one of our VLCM reps by visiting www.vlcm.com/contact-us

 

For our short-list of business PCs featuring the above features of HP’s Wolf Security portfolio, take a look at our New Year, New PC guide at: www.vlcm.com/new-pc

 

  1. HP Wolf Security’s Blurred Lines & Blindspots Report