CTOlabs.com
Executive Summary
The implementation of open standards and security protocols in hardware is providing a new foundation that enterprises can use to dramatically enhance the security and functionality of their information technology. But many organizations do not know of the significant benefits that can be gained by leveraging these capabilities, most of which are probably already in the hardware you have bought. Since today's advanced persistent threats exploit weaknesses that can be found in every layer of software, mitigating these threats requires full-spectrum defenses that start with security features built into hardware. This paper provides the information you need to enable these features in your enterprise.
Summary
Enterprise IT professionals have long sought better means to automate management of their technology, especially when it comes to automation of security. Industry leaders have responded by establishing collegial standards bodies which help set systems management standards. The Distributed Management Task Force (DMTF), for example, is the leading industry standards group enabling more effective management of millions of IT systems worldwide. It brings the entire IT industry together to collaborate on the development, validation and promotion of systems management standards. The result: firms like Intel Corporation are able to field DMTF implementations in hardware, resulting in enhanced security and functionality. Intel's implementation of the DMTF standards is embodied in its vPro security suite.
An introduction to vPro
vPro technologies are implemented in the hardware and firmware of the Intel chipset in Intel Core 2 Duo computers and above, and can provide everything from secure remote management to hardware-assisted virtualization to trusted execution of code (which ensures your systems are running the right code rather than malicious software). Computers that do not have vPro technologies cannot tell whether or not they are running bad code. They simply compute whatever they are told. Computers with vPro can take advantage of special chips that watch the computing on the primary chips and ensure the right, trusted code is being run. This provides a foundation of secure computing. The key capabilities of vPro are Active Management Technology (AMT) and Trusted Execution Technology (TXT).
enabled software. For example, USB keyboards can be configured to have encrypted communications with the system, which will mitigate the ability of keyloggers to capture data. And software applications can be developed using more secure system calls to the computer display, preventing other applications that might sniff internal communications from stealing sensitive information.
Theft Protection
Theft protection is provided in vPro by enabling the out-of-band communication capabilities built in to the vPro system. This can alleviate fears about stolen laptops and desktops. IT departments can enable a secure poison pill that is known only to the enterprise. The poison pill is a code that can be sent remotely by system administrators from an asset management console to the device to render it inaccessible and useless by deleting encryption keys and disabling key boot processes. This code can be sent via wireless 3G, wired, WiFi, or SMS to the target device. When the poison pill is sent, a variety of actions can be kicked off on the target computer. Different conditions can be set for the computer to activate its theft mode locally as well, such as a specified number of login failures, or failure to check in with the remote server after a designated time interval.
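The trigger logic described above can be modelled in a few lines. This is an added example, not code from the paper or from Intel: the class, method names and thresholds are hypothetical, and it models only the decision to enter theft mode, not the key deletion or boot lockout that follows.

```python
import hashlib
import hmac


class TheftPolicy:
    """Simplified model of theft-mode triggers (hypothetical names, not Intel's API)."""

    def __init__(self, pill_secret, max_login_failures, checkin_interval_s, now):
        # Store only a digest of the enterprise-provisioned poison-pill code.
        self._pill_digest = hashlib.sha256(pill_secret).digest()
        self.max_login_failures = max_login_failures
        self.checkin_interval_s = checkin_interval_s
        self.failures = 0
        self.last_checkin = now
        self.locked_reason = None  # None means the device is usable

    def _lock(self, reason):
        # Theft mode is sticky: the first trigger wins and later events cannot clear it.
        if self.locked_reason is None:
            self.locked_reason = reason

    def login(self, success):
        if self.locked_reason:
            return False  # a locked device refuses even a correct password
        if success:
            self.failures = 0  # only consecutive failures count
            return True
        self.failures += 1
        if self.failures >= self.max_login_failures:
            self._lock("login-failures")
        return False

    def tick(self, now):
        # Local timer: lock if the management server has not been reached in time.
        if now - self.last_checkin > self.checkin_interval_s:
            self._lock("missed-checkin")

    def checkin(self, now):
        # A late check-in does not undo a lock; an on-time one restarts the timer.
        self.tick(now)
        if self.locked_reason is None:
            self.last_checkin = now

    def receive_pill(self, code):
        # Constant-time comparison so response timing does not leak the code.
        ok = hmac.compare_digest(hashlib.sha256(code).digest(), self._pill_digest)
        if ok:
            self._lock("poison-pill")
        return ok
```

When reviewing a real deployment, the same three questions apply: does a successful login reset the failure counter, can a late check-in clear a lock, and is the remote code compared in constant time.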
Next Steps
Ensure your hardware has security coded in. And ensure your security team, integration partners and software tools are ready to leverage these advanced security features. Doing so will significantly enhance your security posture while enhancing user functionality. Not doing so will leave you open to the threats that challenge your enterprise.
CTOlabs.com is a technology research, consulting and services agency which focuses on firm. Crucial Point LLC focuses on the national security sector and the technologies required to enhance the security of the nation. Visit Crucial Point LLC online at http://crucialpointllc.com
Mr. Gourley was named one of the top 25 most influential CTOs in the globe by Infoworld in 2007, and selected for AFCEA's award for meritorious service to the intelligence community in 2008. He was named by Washingtonian magazine as one of DC's Tech Titans in 2009, and one of the Top 25 Most Fascinating Communicators in Government IT by the Gov2.0 community GovFresh. He holds three master's degrees, including a master of science degree in scientific and technical intelligence from the Naval Postgraduate School, a master of science degree in military science from USMC University, and a master of science degree in computer science from James Madison University. Mr. Gourley has published more than 40 articles on a wide range of topics and is a contributor to the book Threats in the Age of Obama (2009). He is a founding and current member of the board of directors of the Cyber Conflict Studies Association, and serves on the board of the Naval Intelligence Professionals, on the Intelligence Committee of AFCEA, and the Cyber Committee of INSA.