Dell Announces New Supply Chain Security Offerings
Dell Technologies on Thursday announced new security offerings designed to address threats targeting the supply chain, a device’s boot process, and sensitive data.
For supply chain security, Dell unveiled SafeSupply Chain solutions. This includes SafeSupply Chain Tamper Evident Services, which involves adding tamper-evident seals to ensure a device has not been modified during transport — for extra security customers can also request pallet seals. The offering also includes SafeSupply Chain Data Sanitization Services, which enables organizations to perform a hard drive wipe before deploying their own images to ensure that there is no spyware or other malware on the device.
Dell also announced that EMC PowerEdge servers will use Secured Component Verification, which leverages an embedded certificate to cryptographically verify that the hardware has not been tampered with after it left the factory.
As for data security, Dell says its entire infrastructure portfolio now supports services for redeploying and retiring assets, specifically Dell EMC Data Sanitization for Enterprise and Data Destruction for Enterprise. In addition, its Dell EMC Keep Your Hard Drive for Enterprise and Keep Your Component for Enterprise services ensure that sensitive data does not leave the customer’s control when components are being replaced.
In terms of boot security, Dell informed PowerEdge customers that they can customize the boot process on their servers to reduce the attack surface. This capability is called PowerEdge UEFI Secure Boot Customization.
PowerEdge server users have also been informed that the integrated Dell Remote Access Controller (iDRAC) allows them to enable or disable a system lockdown without the need for a reboot, preventing inadvertent or malicious modifications to firmware or configuration data. Dell says the latest iDRAC release (iDRAC9) gives users more control over the lockdown, and it offers stronger security controls with multi-factor authentication.
Most of these new services and capabilities are already available and the rest should become available by the end of the year.