08448380779 Call Girls In Civil Lines Women Seeking Men
Grant Thomas - Understanding Hardware Security Threats
1. BE THE FUTURE.
HP Endpoint Security Solutions
Grant Thomas
Growth Partner Sales Manager (UK&I)
2. Agenda
Introduction: HP Security – A track record in Endpoint Security
1) Device
a. HP SureStart (Self Healing BIOS)
b. HP SureRun
c. HP SureRecover
2) Identity
a. HP MIK
b. HP Image Assistant
c. HP Multi Factor Authentication
3) Data
a. HP SureView
b. HP SureClick
3. EMEA PrintOn! 2017
First
HP security: A track record in
endpoint security
2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016
2017
HP Sure Start
self-healing BIOS
(PC & Print)
Firmware intrusion
detection (PC & Print)
Leadership with BIOS
security standard since
2011
(NIST 800-147, ISO 19678)
Cryptographically
secure BIOS
updates First Print security
services
Chair TCG Technical
Committee
Standard
Designed and established TPM
device
security standards (ISO 11889)
First to ship
Certified TPM
Standard
First
First
Standard
First
4. 2018
4
ABOVE
THE
OS
IN
THE OS
BELOW
THE OS
HP Sure Start Gen42
Self-healing BIOS with Runtime Intrusion
Detection
HP BIOSphere Gen410
Comprehensive BIOS management
HP Client Security Manager
Gen4
• HP Multi-Factor Authenticate
Gen25
MFA with hardened policies, 3-factor, face
log-in
• HP SpareKey
Self-service password recovery
• HP Device Access Manager
Just-in-Time access for ports and devices
Certified Self-Encrypting Drives
HW data encryption
HP Work Wise11
Proximity-based authentication
HP Secure Erase9
Permanent data removal on HDD/SSD
HP Sure View Gen27
Built-in privacy screen
DATADEVICE IDENTITY
HP Sure Run3
Protection for critical applications
HP Sure Recover4
Automated network-based image recovery
HP Sure Click8
Browsing security solution
HP Image Assistant Gen3
Image creation and testing
HP MIK Gen26
Centralized security management
HP Endpoint Security Controller
Key Additions and
Updates
5. HP HARDENS THE SYSTEM WITH
HP ENDPOINT SECURITY CONTROLLER
BELOW THE OS
Firmware (BIOS, etc.)
Hardware HP Endpoint Security Controller
TRUSTED BIOS
HP Sure Start Gen42
Creating a Root of Trust: using the
HP ESC, HP’s BIOS is trusted to be
secure.
6. TAKING PROTECTION TO A NEW LEVEL: OS
HARDENING
IN THE OS
Operating System,
Software, Downloads
BELOW THE OS
Firmware (BIOS, etc.)
Hardware HP Endpoint Security Controller
TRUSTED BIOS
HP Sure Start Gen42
STRENGTHEN THE OS
HP Sure Run3, HP Sure Click8, HP Sure Recover4
In 2018, the HP Endpoint Security Controller will extend
HARDWARE-ENFORCED protection into the OS – building a
chain of trust.
7. ENFORCING COMPLIANCE WITH
MANAGEABILITY
IN THE OS
Operating System,
Software, Downloads
ABOVE THE OS
Manageability
BELOW THE OS
Firmware (BIOS, etc.)
Hardware
ENFORCE COMPLIANCE
HP Management Integration Toolkit6
HP Endpoint Security Controller
TRUSTED BIOS
HP Sure Start Gen42
STRENGTHEN THE OS
HP Sure Run3, HP Sure Click8, HP Sure Recover4
HP MIK ensures the systems continues working as it
should
8. 2018
8
ABOVE
THE
OS
IN
THE OS
BELOW
THE OS
HP Sure Start Gen42
Self-healing BIOS with Runtime Intrusion
Detection
HP BIOSphere Gen410
Comprehensive BIOS management
HP Client Security Manager
Gen4
• HP Multi-Factor Authenticate
Gen25
MFA with hardened policies, 3-factor, face
log-in
• HP SpareKey
Self-service password recovery
• HP Device Access Manager
Just-in-Time access for ports and devices
Certified Self-Encrypting Drives
HW data encryption
HP Work Wise11
Proximity-based authentication
HP Secure Erase9
Permanent data removal on HDD/SSD
HP Sure View Gen27
Built-in privacy screen
DATADEVICE IDENTITY
HP Sure Run3
Protection for critical applications
HP Sure Recover4
Automated network-based image recovery
HP Sure Click8
Browsing security solution
HP Image Assistant Gen3
Image creation and testing
HP MIK Gen26
Centralized security management
HP Endpoint Security Controller
Key Additions and
Updates
9. DEFEND AGAINST DEVASTATING FIRMWARE
ATTACKS
Protect your BIOS with HP Sure Start Gen4 2
HP Sure Start is the industry’s first
and still the only self-healing BIOS.
The BIOS is the first million lines of code that
run. It is the key to your PC’s foundation.
Why should customers care?
Once the BIOS is corrupted, the hackers
“own” your PC: all other protection is useless.
Antivirus, anti-malware, and OS firewalls will not detect an
infected BIOS!
10. 2018
10
ABOVE
THE
OS
IN
THE OS
BELOW
THE OS
HP Sure Start Gen42
Self-healing BIOS with Runtime Intrusion
Detection
HP BIOSphere Gen410
Comprehensive BIOS management
HP Client Security Manager
Gen4
• HP Multi-Factor Authenticate
Gen25
MFA with hardened policies, 3-factor, face
log-in
• HP SpareKey
Self-service password recovery
• HP Device Access Manager
Just-in-Time access for ports and devices
Certified Self-Encrypting Drives
HW data encryption
HP Work Wise11
Proximity-based authentication
HP Secure Erase9
Permanent data removal on HDD/SSD
HP Sure View Gen27
Built-in privacy screen
DATADEVICE IDENTITY
HP Sure Run3
Protection for critical applications
HP Sure Recover4
Automated network-based image recovery
HP Sure Click8
Browsing security solution
HP Image Assistant Gen3
Image creation and testing
HP MIK Gen26
Centralized security management
HP Endpoint Security Controller
Key Additions and
Updates
11. MALWARE TRIES TO ATTACK OS DEFENSES
Software security processes help keep your PC
safe:
• Antivirus in Windows Security Center stays on
the lookout to protect against known malware
• Firewall helps protect against attacks coming
through the network
• Cryptographic services keep your secrets
secured
Malware often tries to take out these
defenses
Designed to be the Most
Secure Windows Ever
Windows
10
HP
Products
OS
Processes
3rd Party
Processes
What makes sure these protections stay up and running?
12. MAKE SURE ATTACKERS CAN’T TURN OFF
YOUR ANTIVIRUS Protect critical security processes with HP Sure
Run3
HP Sure Run extends the HP Endpoint
Security Controller’s self-healing protection into
the OS.
It monitors key processes, alerts users and IT of
any changes, and restarts them automatically if
they’re stopped.
Designed to be the Most
Secure Windows Ever
Windows
10
HP
Products &
Processes
OS
Processe
s
3rd Party
Processe
s
OS
Processes
3rd Party
Processes
HP Sure Start
HP Sure Run
Secure the Processes that Secure your PC
HP Endpoint Security Controller enables
hardware-enforced application persistence
13. 2018
ABOVE
THE
OS
IN
THE OS
BELOW
THE OS
HP Sure Start Gen42
Self-healing BIOS with Runtime Intrusion
Detection
HP BIOSphere Gen410
Comprehensive BIOS management
HP Client Security Manager
Gen4
• HP Multi-Factor Authenticate
Gen25
MFA with hardened policies, 3-factor, face
log-in
• HP SpareKey
Self-service password recovery
• HP Device Access Manager
Just-in-Time access for ports and devices
Certified Self-Encrypting Drives
HW data encryption
HP Work Wise11
Proximity-based authentication
HP Secure Erase9
Permanent data removal on HDD/SSD
HP Sure View Gen27
Built-in privacy screen
DATADEVICE IDENTITY
HP Sure Run3
Protection for critical applications
HP Sure Recover4
Automated network-based image recovery
HP Sure Click8
Browsing security solution
HP Image Assistant Gen3
Image creation and testing
HP MIK Gen26
Centralized security management
HP Endpoint Security Controller
Key Additions and
Updates
14. MINIMIZE DOWNTIME
Recover quickly with HP Sure Recover4
14
HP Sure Recover offers
secure, automated, network-
based software image
recovery.
Using the HP Endpoint Security Controller,
it can quickly and securely reimage
machines to HP’s or the company’s latest
software image - using only an internet
connection
!
Because HP Sure Recover4 is based in hardware, you
can reimage a PC, even from a bare hard drive.
15. REIMAGE ON DEMAND OR ON SCHEDULE
RESILIENT BY DEFAULT FOR SMB. CUSTOMIZABLE FOR ENTERPRISE.
User initiated IT
scheduled
!
FRESH START: IT can schedule
routine reimaging, so malware
doesn’t have a chance to stick
around.
• Ideal for Hospitality, Retail,
Healthcare, Education, etc.
ENABLING USERS to quickly
reimage their own machines
without IT support
AUTOMATED RECOVERY:
If no OS is found, the PC will
automatically present the user the
option to reimage
FLEXIBLE: Defaults to latest HP
image, or may be configured in
firmware to recover custom
enterprise image
16. 2018
ABOVE
THE
OS
IN
THE OS
BELOW
THE OS
HP Sure Start Gen42
Self-healing BIOS with Runtime Intrusion
Detection
HP BIOSphere Gen410
Comprehensive BIOS management
HP Client Security Manager
Gen4
• HP Multi-Factor Authenticate
Gen25
MFA with hardened policies, 3-factor, face
log-in
• HP SpareKey
Self-service password recovery
• HP Device Access Manager
Just-in-Time access for ports and devices
Certified Self-Encrypting Drives
HW data encryption
HP Work Wise11
Proximity-based authentication
HP Secure Erase9
Permanent data removal on HDD/SSD
HP Sure View Gen27
Built-in privacy screen
DATADEVICE IDENTITY
HP Sure Run3
Protection for critical applications
HP Sure Recover4
Automated network-based image recovery
HP Sure Click8
Browsing security solution
HP Image Assistant Gen3
Image creation and testing
HP MIK Gen26
Centralized security management
HP Endpoint Security Controller
Key Additions and
Updates
17. ENSURE EVERY PC STAYS PROTECTED.
Enforce your company’s security policies with HP Manageability Integration Kit
Gen26
Set policies for HP Sure
View7 and additional HP
Software
Manage new! HP Security
features
• HP Sure Run3
• HP Sure Recover4
Manage policies for 3 factors
or VPN credentials in HP
Multi-Factor Authenticate5
New UI makes it even easier
for ITDMs to create and
manage policies
N O W Y O U C A N M A N A G E M O R E H P S E C U R I T Y, M O R E H P
F E AT U R E S
HP Manageability Integration Kit is
the first and only Microsoft certified plug in for
SCCM
now in its second generation.
18. IMPROVE YOUR IMAGE
Build better software images in minutes with HP Image Assistant
New for 2018!
• Image Assistant now supports HP
Thunderbolt dock firmware
• Now with quick access to Product
Change Notifications and Customer
Advisories
R E F E R E N
C E
I M A G E T A R G E T
I M A G E
Image Assistant will report:
• Security issues
• Driver issues
• BIOS settings
Can install missing or outdated
components
Essential for Win 10 transition
An essential, free IT Admin tool to
develop, maintain, and support
software images for optimal Windows
performance.
- Compare HP factory image to corporate image to uncover
latest drivers, BIOS updates, updated components, and
more
19. 2018
ABOVE
THE
OS
IN
THE OS
BELOW
THE OS
HP Sure Start Gen42
Self-healing BIOS with Runtime Intrusion
Detection
HP BIOSphere Gen410
Comprehensive BIOS management
HP Client Security Manager
Gen4
• HP Multi-Factor Authenticate
Gen25
MFA with hardened policies, 3-factor, face
log-in
• HP SpareKey
Self-service password recovery
• HP Device Access Manager
Just-in-Time access for ports and devices
Certified Self-Encrypting Drives
HW data encryption
HP Work Wise11
Proximity-based authentication
HP Secure Erase9
Permanent data removal on HDD/SSD
HP Sure View Gen27
Built-in privacy screen
DATADEVICE IDENTITY
HP Sure Run3
Protection for critical applications
HP Sure Recover4
Automated network-based image recovery
HP Sure Click8
Browsing security solution
HP Endpoint Security Controller
Key Additions and
Updates
HP Multi-Factor Authenticate
Gen25
MFA with hardened policies, 3-factor, face
log-in
HP Image Assistant Gen3
Image creation and testing
HP MIK Gen26
Centralized security management
21. 2018
21
ABOVE
THE
OS
IN
THE OS
BELOW
THE OS
HP Sure Start Gen42
Self-healing BIOS with Runtime Intrusion
Detection
HP BIOSphere Gen410
Comprehensive BIOS management
HP Client Security Manager
Gen4
• HP Multi-Factor Authenticate
Gen25
MFA with hardened policies, 3-factor, face
log-in
• HP SpareKey
Self-service password recovery
• HP Device Access Manager
Just-in-Time access for ports and devices
Certified Self-Encrypting Drives
HW data encryption
HP Work Wise11
Proximity-based authentication
HP Secure Erase9
Permanent data removal on HDD/SSD
HP Sure View Gen27
Built-in privacy screen
DATADEVICE IDENTITY
HP Sure Run3
Protection for critical applications
HP Sure Recover4
Automated network-based image recovery
HP Sure Click8
Browsing security solution
HP Image Assistant Gen3
Image creation and testing
HP MIK Gen26
Centralized security management
HP Endpoint Security Controller
Key Additions and
Updates
22. WORK FREELY IN PUBLIC SPACES
HP Sure View Gen27: the world’s ONLY integrated PC privacy screen12
Now in it’s SECOND GENERATION, HP Sure View
Gen2 enables a better visual experience in light OR
dark environments – from the plane to the café
What’s New
• Performs great in BRIGHT and DARK environments
• IPS panel technology
• Improved 120Hz REFRESH RATE, for smooth motion
• Reduced display thickness - ULTRA-THIN DESIGNS
HP Sure View Gen27 protects
against visual hacking with the press
of a button.
23. 2018
23
ABOVE
THE
OS
IN
THE OS
BELOW
THE OS
HP Sure Start Gen42
Self-healing BIOS with Runtime Intrusion
Detection
HP BIOSphere Gen410
Comprehensive BIOS management
HP Client Security Manager
Gen4
• HP Multi-Factor Authenticate
Gen25
MFA with hardened policies, 3-factor, face
log-in
• HP SpareKey
Self-service password recovery
• HP Device Access Manager
Just-in-Time access for ports and devices
Certified Self-Encrypting Drives
HW data encryption
HP Work Wise11
Proximity-based authentication
HP Secure Erase9
Permanent data removal on HDD/SSD
DATADEVICE IDENTITY
HP Sure Run3
Protection for critical applications
HP Sure Recover4
Automated network-based image recovery
HP Image Assistant Gen3
Image creation and testing
HP MIK Gen26
Centralized security management
HP Endpoint Security Controller
Key Additions and
Updates
HP Sure Click8
Browsing security solution
HP Sure View Gen27
Built-in privacy screen
But let me clarify one thing: HP is not new to this topic. When we look to the future, we draw from a deep history.
In fact, we have been leading, inventing, reinventing endpoint security for the last 20 years.
We have a history of actively working with the industry to develop security standards that create a safer and more trusted internet, and introducing industry firsts, raising the bar in PC and print security over the years, and continuing to do so today in our most recent product portfolio.
For example, HP invented modern computer security architecture as you know it, working with leading industry partners like Microsoft or Intel. Almost a decade ago, we founded the Trusted Computing Group (which standardizes hw-based security for modern PCs: TPM, self-encrypting drives, …) where HP has always to this day held key leadership positions like the technical committee or the certification program chair.
HP invests millions of dollars in research and development at HP Labs, devoting substantial resources to innovate on security and stay ahead of ever-more-sophisticated security threats for the new Blended Reality future.
Some of our more recent firsts include:
First Print Security Services in 2016
HP Sure Start Self-healing BIOS in PC & Print (2013 and 2015)
Firmware Intrusion Detection built-in to our business printers and PCs
This particular slide
As you can see, this year the stack as expanded, highlighted by the