The many layers of endpoint security
Endpoint security now requires protection at every level
In the early days of personal computing, the main threat was viruses. First, these were distributed by removable storage sharing files and software. Then email provided a much more convenient way for hackers to disseminate viruses. But cyberthreats have come a long way since those times, and now the attacks are much more sophisticated. In fact, they operate at every level of the computer’s hardware and software, and beyond, which calls for many levels of security to combat the threats.
It is no longer possible just to protect a device with software. If you only secure at this level, cyberthreats will be targeted at the operating system, and if you secure that, the aim will be to compromise the level below that, and so on all the way down to the firmware. This is why security starts at the most basic level of the computer hardware. HP Wolf Security within PCs incorporates the HP Endpoint Security Controller with HP BIOSphere and Sure Start to protect this level. When the PC powers on, HP Sure Start validates the integrity of the BIOS, and can load from a known secure copy if this has been compromised. Any attempt to compromise system firmware is contained and neutralized before it can do any damage, and the boot-up process will start with a secure hardware root-of-trust.
Another modern cyberthreat attempts to inject code directly into memory, create buffer errors, or attack the memory registers of an application. This cannot be detected by traditional pattern-matching approaches to security. Instead, HP Wolf Security includes in-memory breach detection, which will spot these attempts as they occur and contain the errant code, rendering it harmless. This is enforced by the HP Endpoint Security Controller at the hardware level.
Operating System Level
One of the most common forms of cyberthreat attempts to compromise the operating system itself. Having a hardware root-of-trust keeping the BIOS secure prevents this route being used to compromise the operating system. HP Wolf Security for Business’s BIOSphere technology prevents attacks against the master boot record that loads the operating system. HP Sure Run then keeps critical processes running even if malware tries to shut them down, enforced at the hardware level by the HP Endpoint Security Controller. HP Sure Run will also reinstall its software agent if this is stopped and prevent the side effects of malware.
Instead of loading applications directly into memory, modern endpoint security can provide more robust threat containment by running these in their own virtual containers. HP Sure Click, part of HP Wolf Security, creates a complete micro-virtual machine for each browser tab or supported document, with each one hardware-enforced by the CPU and backed by the hardware root-of-trust from the HP Endpoint Security Controller.
HP Sure Access Enterprise isolates critical applications running on Microsoft Windows clients, by creating a hardware-protected virtual machine that is completely isolated from the Windows operating system. This VM secures memory, CPU state, disk structures, keyboard input, display outputs and network traffic. Even if the endpoint itself becomes compromised, this VM with critical applications running inside it remains isolated from the operating system and any malware, inaccessible to the threat.
Application-level malware is continually evolving, such as crypto-miners or “cryptojacking”, which only really came to the fore in the last couple of years. Traditional security systems play a constant game of catch-up to spot these threats. HP Wolf Security incorporates HP Sure Sense, leveraging deep learning and AI in tandem with HP Sure Run to scan files for new threats such as zero-day attacks, which traditional signature-based antivirus software can miss. By focusing on behavior rather than code, this method can contain and neutralize exploits that have never been seen before.
Above The Operating System
Not all levels of threat to endpoints are in the endpoint itself. For employees working remotely in public places, there is a physical, external layer to consider. HP laptops supporting Windows Hello ensure that nobody can learn your password by watching you enter it, because your password is biometric, such as your face. They also won’t be able to snoop easily at your screen, also known as shoulder surfing. HP devices with Wolf Security incorporate HP Sure View. The user can enable this in a public place to drastically reduce the viewing angle on their HP laptop’s screen so only they can see its contents when sitting directly in front of it.
A Level Playing Field
With the switching in emphasis from network to endpoint security as more workers operate remotely during and post-pandemic, companies must consider all the levels of attack now possible on endpoint devices. By taking precautions that address all these multiple layers, companies can ensure their employees work in a safe computing environment wherever they are. The most effective way of achieving this is by equipping your employees with devices that support HP Wolf Security. The portfolio includes versions for Home, Business, Pro Security for small to mid-sized businesses, and Enterprise Security for large companies and government. Selecting one of these appropriate to your business size will make sure your employees stay safe at every level.
From the maker of the world’s most secure PCs* and Printers**, HP Wolf Security is a new breed of endpoint security. HP’s portfolio of hardware-enforced security and endpoint-focused security services are designed to help organizations safeguard PCs, printers, and people from circling cyber predators. HP Wolf Security*** provides comprehensive endpoint protection and resiliency that starts at the hardware level and extends across software and services. For more information, visit www.hp.com/wolf
*Based on HP’s unique and comprehensive security capabilities at no additional cost among vendors on HP Elite PCs with Windows and 8th Gen and higher Intel® processors or AMD Ryzen™ 4000 processors and higher; HP ProDesk 600 G6 with Intel® 10th Gen and higher processors; and HP ProBook 600 with AMD Ryzen™ 4000 or Intel® 11th Gen processors and higher.
**HP’s most advanced embedded security features are available on HP Enterprise and HP Managed devices with HP FutureSmart firmware 4.5 or above. Claim based on HP review of 2021 published features of competitive in-class printers. Only HP offers a combination of security features to automatically detect, stop, and recover from attacks with a self-healing reboot, in alignment with NIST SP 800-193 guidelines for device cyber resiliency. For a list of compatible products, visit: hp.com/go/PrintersThatProtect. For more information, visit: hp.com/go/PrinterSecurityClaims.
***HP Security is now HP Wolf Security. Security features vary by platform, please see product data sheet for details.
The ultimate law enforcement agency guide to going mobile
Best practices for implementing a mobile device programFree download
The business value of Red Hat OpenShift
Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShiftFree download
Managing security and risk across the IT supply chain: A practical approach
Best practices for IT supply chain securityFree download
Digital remote monitoring and dispatch services’ impact on edge computing and data centres
Seven trends redefining remote monitoring and field service dispatch service requirementsFree download