The focus of security has shifted from the network to endpoints, in large part because of the switch to remote working during the pandemic. To cope with this situation and keep employees secure wherever they might be working from, a company needs the best possible defenses on its side. It needs HP Wolf Security.
The core of HP Wolf Security is that it is based at the hardware level on HP devices. The HP Endpoint Security Controller is the foundation of the stack. This is a physically isolated and cryptographically protected microcontroller that sits below the level of the operating system and orchestrates protective features as a secure root-of-trust.
The HP Endpoint Security Controller provides the hardware enforcement for HP BIOSphere, HP Sure Start, HP Sure Run, and HP Sure Recover. HP BIOSphere protects the BIOS as it starts the system hardware components and loads firmware. It prevents attacks so that this stage of the system initialization is secure. HP Sure Start works with BIOSphere to ensure the BIOS has loaded securely. In tandem with the HP Endpoint Security Controller, HP Sure Start can replace the BIOS with a clean version if it has been compromised. It also continually monitors and repairs damage from malware and rootkits, reducing the possibility of corruption. The latest Gen6 of HP Sure Start also protects against pre-boot direct attacks on system memory.
HP Sure Run keeps critical processes operational, preventing malware from shutting these down. Again, the HP Endpoint Security Controller helps monitor system routines, so Sure Run can alert users or the IT department if any changes occur, as well as restart processes automatically. HP Sure Run can also enforce policies, and the software agent itself can be reinstalled automatically if malware tries to stop it.
Another HP Wolf Security technology with powerful capabilities for reinstating a user’s computing environment is HP Sure Recover. This also works at the hardware level and allows machines to be recovered with the latest image using only a network connection. Using Embedded Reimaging***, the user can also reinstall their operating system and drivers from local storage without assistance from the IT department. This works even if the primary drive has been completely erased.
Speaking of erasing drives, HP Wolf’s Secure Erase is a BIOS-level deletion system that permanently erases sensitive information on hard drives and SSDs, so it can never be reinstated. This means storage devices can be disposed of safely without the need to physically destroy them. Select HP devices can also integrate certified self-encrypting drives that secure data with hardware-based encryption that keeps the files safe even if the drive is removed from the device.
Working remotely usually entails accessing multiple resources via browsers and cloud-based resources. This is a primary route of attack for cyberthreats. HP Wolf integrates Sure Click, which employs micro-virtualization technology developed in collaboration with Bromium and now owned by HP. This creates secure browsing where downloaded documents (as well as web content) are isolated within a micro-virtual machine (micro-VM). The result is that any malware infesting a document is contained in the micro-VM and cannot access any wider systems. Untrusted documents can even be edited and saved safely with the micro-VM.
Malware attacks are constantly evolving, which makes traditional signature-based detection ineffective. HP Wolf’s Sure Sense uses AI and deep learning to detect zero-day attacks in real time as they emerge. Files are scanned and new threats recognized by their behavior rather than their code. This protects against ransomware, exploits, spyware and other executable threats in tandem with HP Sure Run. Despite these powerful abilities, the algorithms used by HP Sure Sense only take 1% of system resources, producing a negligible effect on usability.
HP Wolf Security provides a host of facilities to keep devices safe for remote workers without on-site access to IT administration. But it also provides tools to help the IT department deliver the support workers need at a distance. HP Client Security Manager provides hardware authentication to configure and control security features such as HP Sure Run and HP Sure Recover. HP Sure Admin provides local and remote management for BIOS settings based on strong public key cryptography eliminating the need for a BIOS password.
HP devices are protected from physical forms of attack as well. HP Sure View narrows the angle of view of the screen at the touch of a button, to make it much harder for “shoulder surfers” to see the screen of a laptop being used in a public place, unless they are sitting right in front of it. HP Tamper Lock protects against attackers who try to circumvent system security by physically opening a device. It detects this tampering and notifies the user and IT department, with the possibility to initiate protective measurements upon detection.
All these facilities together provide an unprecedented level of safety for employees working remotely, as well as robust tools to help the IT department administer their systems from a distance. This is why you need HP devices with the Wolf on your side, to protect your employees against the new threats of remote work.
Disclaimer
From the maker of the world’s most secure PCs* and Printers**, HP Wolf Security is a new breed of endpoint security. HP’s portfolio of hardware-enforced security and endpoint-focused security services are designed to help organizations safeguard PCs, printers, and people from circling cyber predators. HP Wolf Security*** provides comprehensive endpoint protection and resiliency that starts at the hardware level and extends across software and services. For more information, visit www.hp.com/wolf
Disclaimer
*Based on HP’s unique and comprehensive security capabilities at no additional cost among vendors on HP Elite PCs with Windows and 8th Gen and higher Intel® processors or AMD Ryzen™ 4000 processors and higher; HP ProDesk 600 G6 with Intel® 10th Gen and higher processors; and HP ProBook 600 with AMD Ryzen™ 4000 or Intel® 11th Gen processors and higher.
Disclaimer
**HP’s most advanced embedded security features are available on HP Enterprise and HP Managed devices with HP FutureSmart firmware 4.5 or above. Claim based on HP review of 2021 published features of competitive in-class printers. Only HP offers a combination of security features to automatically detect, stop, and recover from attacks with a self-healing reboot, in alignment with NIST SP 800-193 guidelines for device cyber resiliency. For a list of compatible products, visit: hp.com/go/PrintersThatProtect. For more information, visit: hp.com/go/PrinterSecurityClaims.
Disclaimer
***HP Security is now HP Wolf Security. Security features vary by platform, please see product data sheet for details.
