Protect PCs during transit: Dell commercial PCs – already the most secure in the industry¹ – are now available with more layers of supply chain security and integrity controls. Dell Technologies SafeSupply Chain solutions are offered on top of the Dell Secure Development Lifecycle and standard supply chain security measures. New solutions include:

• SafeSupply Chain Tamper Evident Services help protect against tampering during transport. Tamper-evident seals are added to the device and its box at the factory before shipping. Customers can choose optional pallet seals for extra security.
• SafeSupply Chain Data Sanitization Services prevent spyware or illicit agents from getting injected into a device’s hard drive. With a NIST-compliant hard drive wipe, Dell Technologies helps businesses ensure their device has a clean slate before they add their company image.

Validate server integrity upon arrival: The Dell EMC PowerEdge server portfolio now comes with Secured Component Verification, an embedded certificate that lets companies verify their servers arrive as they were ordered and built – without hardware compromise. Dell Technologies is the first server provider with a portfolio-wide solution for cryptographically verified hardware integrity.⁴ Also, PowerEdge servers are built with a cyber-resilient architecture, including a well-established silicon Root of Trust. The new Secured Component Verification:

• Verifies changes are not made to system components (e.g. memory or hard drive swap, I/O changes, etc.) after the server is sealed and shipped from the factory
• Protects against cybersecurity risks by meeting supply chain security standards across highly regulated industries such as financial and healthcare
• Allows customers to validate and deploy multiple servers efficiently

Redeploy, retire and keep assets securely: Dell Technologies extends its data security-focused services to the entire Dell Technologies infrastructure portfolio:

• Dell EMC Data Sanitization for Enterprise and Data Destruction for Enterprise services now support the entire Dell Technologies infrastructure portfolio and third-party products.⁶ Dell can provide the services at the customer’s facility to help redeploy or retire assets according to the latest industry and compliance standards.
• Dell EMC Keep Your Hard Drive for Enterprise and Keep Your Component for Enterprise services are available for the entire infrastructure portfolio. Sensitive data never leaves customer control while parts are replaced, so businesses can abide by strict data privacy regulations.

Secure infrastructure with customization, automation and intelligence

Forty-four percent of organizations experienced at least one hardware-level or BIOS attack over the past 12 months and 16% have had more than one attack. Companies need to secure infrastructure at the hardware and firmware level to help prevent certain types of vulnerabilities and malicious attacks. Dell Technologies tackles these issues with new levels of security customization, automation and intelligence for the PowerEdge server portfolio.

Customize boot security for servers: The boot process is the secure foundation for any device. If the boot process is compromised, attackers can subvert security controls to access any part of the system. With Dell Technologies server security capabilities, IT staff can customize their server boot process to reduce the threat surface and thwart boot-related attacks. This exclusive capability⁸ – PowerEdge UEFI Secure Boot Customization – provides advanced mitigation for industry-wide bootloader vulnerabilities. This approach is featured in a recent United States National Security Agency report.

Lockdown servers to protect against threats: PowerEdge servers’ integrated Dell Remote Access Controller (iDRAC) offers automated server management both at the server and remotely. With iDRAC, customers can enable or disable a system lockdown without having to reboot. This Dell-only security feature⁹ prevents unintentional or malicious changes to the server’s firmware and critical configuration data. The newest release – iDRAC9 – extends the lockdown capability to include network interface controllers, providing customers more control over the lockdown. The latest release also:

• Offers stronger security controls with multi-factor authentication
• Enables Dell EMC OpenManage Ansible Modules to automate important PowerEdge security workflows such as user privilege configuration and data storage encryption
• Allows customers to manage iDRAC certificates via Redfish APIs for easy access scripting and to automate secure erase scripting across servers

Availability

• Dell SafeSupply Chain is currently available in the U.S. for commercial PCs.
• Dell Technologies Secured Component Verification on PowerEdge Servers will be available by the end of the calendar year 2020.
• Dell EMC Data Sanitization for Enterprise and Data Destruction for Enterprise Services are currently available.
• Dell EMC Keep Your Hard Drive for Enterprise and Keep Your Component for Enterprise Services are currently available.
• Dell Technologies PowerEdge UEFI Secure Boot Customization is currently available.
• iDRAC security updates will be available by the end of the calendar year 2020.
• Dell EMC OpenManage Ansible Modules will be available January 31, 2021.