Dell Technologies (NYSE: DELL) brings intrinsic security to the forefront with new solutions and services that protect customers’ data. By building security into its supply chain, services, infrastructure and devices, Dell Technologies helps customers lower risk and become more cyber resilient.

Organizations face increasing pressure to protect themselves and their customers as security risks intensify. The Dell Technologies 2020 Digital Transformation Index found that data privacy and cybersecurity concerns are the No. 1 barrier to digital transformation.² Recent Futurum Research also found that 56% of companies experienced an external cyberattack attributed to a vulnerability in hardware or silicon-level security.³

“As digital value is created, security threats follow,” said John Roese, global chief technology officer, Dell Technologies. “Security is the foundation of everything we do, and our intrinsic security approach addresses our customers’ need for trusted technology and partners to help them fend off attacks and lower business risk.”

For years, Dell has embedded hundreds of professional security engineers across the company to design and build security into its supply chain, services, infrastructure and devices. From hardware Root of Trust in PowerEdge servers and security below the operating system in Dell PCs, to end-to-end encryption in PowerMax and cyber recovery solutions in PowerProtect, security is top of mind.

“Every new technology and offering should have security at its core,” said Patrick Moorhead, president and principal analyst, Moor Insights & Strategy. “IT infrastructure must have built-in security at every juncture, and that security must be predictive rather than reactive, self-defending and generally resilient.”

Secure the supply chain and device lifecycle with end-to-end protection

More than three-quarters of organizations prioritize supply chain security during vendor selection³ to address security threats such as counterfeit components, malware and firmware tampering. Dell Technologies relieves these concerns with new supply chain security offerings and data security-focused services for Dell Technologies infrastructure and commercial PCs. The new offerings strengthen its comprehensive secure supply chain practices.

Protect PCs during transit: Dell commercial PCs – already the most secure in the industry¹ – are now available with more layers of supply chain security and integrity controls. Dell Technologies SafeSupply Chain solutions are offered on top of the Dell Secure Development Lifecycle and standard supply chain security measures. New solutions include:

• SafeSupply Chain Tamper Evident Services help protect against tampering during transport. Tamper-evident seals are added to the device and its box at the factory before shipping. Customers can choose optional pallet seals for extra security.
• SafeSupply Chain Data Sanitization Services prevent spyware or illicit agents from getting injected into a device’s hard drive. With a NIST-compliant hard drive wipe, Dell Technologies helps businesses ensure their device has a clean slate before they add their company image.

Validate server integrity upon arrival: The Dell EMC PowerEdge server portfolio now comes with Secured Component Verification, an embedded certificate that lets companies verify their servers arrive as they were ordered and built – without hardware compromise. Dell Technologies is the first server provider with a portfolio-wide solution for cryptographically verified hardware integrity.⁴ Also, PowerEdge servers are built with a cyber-resilient architecture, including a well-established silicon Root of Trust. The new Secured Component Verification:

• Verifies changes are not made to system components (e.g. memory or hard drive swap, I/O changes, etc.) after the server is sealed and shipped from the factory
• Protects against cybersecurity risks by meeting supply chain security standards across highly regulated industries such as financial and healthcare
• Allows customers to validate and deploy multiple servers efficiently

Redeploy, retire and keep assets securely: Dell Technologies extends its data security-focused services to the entire Dell Technologies infrastructure portfolio:

• Dell EMC Data Sanitization for Enterprise and Data Destruction for Enterprise services⁵ now support the entire Dell Technologies infrastructure portfolio and third-party products.⁶ Dell can provide the services at the customer’s facility to help redeploy or retire assets according to the latest industry and compliance standards.
• Dell EMC Keep Your Hard Drive for Enterprise and Keep Your Component for Enterprise services⁷ are available for the entire infrastructure portfolio. Sensitive data never leaves customer control while parts are replaced, so businesses can abide by strict data privacy regulations.

Secure infrastructure with customization, automation and intelligence

Forty-four percent of organizations experienced at least one hardware-level or BIOS attack over the past 12 months and 16% have had more than one attack.³ Companies need to secure infrastructure at the hardware and firmware level to help prevent certain types of vulnerabilities and malicious attacks. Dell Technologies tackles these issues with new levels of security customization, automation and intelligence for the PowerEdge server portfolio.

Customize boot security for servers: The boot process is the secure foundation for any device. If the boot process is compromised, attackers can subvert security controls to access any part of the system. With Dell Technologies server security capabilities, IT staff can customize their server boot process to reduce the threat surface and thwart boot-related attacks. This exclusive capability⁸ – PowerEdge UEFI Secure Boot Customization – provides advanced mitigation for industry-wide bootloader vulnerabilities. This approach is featured in a recent United States National Security Agency report.

Lockdown servers to protect against threats: PowerEdge servers’ integrated Dell Remote Access Controller (iDRAC) offers automated server management both at the server and remotely. With iDRAC, customers can enable or disable a system lockdown without having to reboot. This Dell-only security feature⁹ prevents unintentional or malicious changes to the server’s firmware and critical configuration data. The newest release – iDRAC9 – extends the lockdown capability to include network interface controllers, providing customers more control over the lockdown. The latest release also:

• Offers stronger security controls with multi-factor authentication
• Enables Dell EMC OpenManage Ansible Modules to automate important PowerEdge security workflows such as user privilege configuration and data storage encryption
• Allows customers to manage iDRAC certificates via Redfish APIs for easy access scripting and to automate secure erase scripting across servers

Availability

• Dell SafeSupply Chain is currently available in the U.S. for commercial PCs.
• Dell Technologies Secured Component Verification on PowerEdge Servers will be available by the end of the calendar year 2020.
• Dell EMC Data Sanitization for Enterprise and Data Destruction for Enterprise Services are currently available.
• Dell EMC Keep Your Hard Drive for Enterprise and Keep Your Component for Enterprise Services are currently available.
• Dell Technologies PowerEdge UEFI Secure Boot Customization is currently available.
• iDRAC security updates will be available by the end of the calendar year 2020.
• Dell EMC OpenManage Ansible Modules will be available January 31, 2021.

Additional resources

• Blog: Thrive with the Confidence of Cyber Resilience
• Paper: Dell Technologies Security Point of View
• Dell Technologies Security Transformation
• Connect with Dell via Twitter, Facebook, YouTube and LinkedIn

¹ Based on internal analysis, January 2020

² Dell Technologies 2020 Digital Transformation Index

³ Futurum Research, Four Keys to Navigating the Hardware Security Journey, Oct. 2020

⁴ Based on Dell analysis of publicly available data, October 2020. Available on PowerEdge 14G and 15G, except for XE7100, XE7420, XE7220, C6420 and C6525.

⁵ For more information, please see the Dell Media Sanitization Statement. Dell makes no recommendations regarding the customer’s security needs or representations regarding the effectiveness of one method of data removal over another. It is the customer’s responsibility to protect any confidential or sensitive information contained on its hard drives recovered by Dell.

⁶ Non-Dell branded products’ eligibility is based on technology type, not vendor.

⁷ Hard drive retention is not available on Chromebook or Venue tablets, except the Venue 11 Pro.

⁸ Feature available on PowerEdge 14 G and newer. Requires customer certificate(s).

⁹ Based on Dell analysis of publicly available data, Oct. 2020.