Hardware security brings smarter IT management - Intel IT Center Connect
Mobility
Topics:BYODCloudData Center ServicesMobility
Security Lock Key

Hardware security brings smarter IT management

Arif Mohamed | Computerworld UK | 10th July 2014

Have you considered the full potential of hardware-based security and IT management? Today, hardware-based control features can reside on the processor, extending automation and control capabilities beyond what can be offered by software alone.

By using smart clients based on second-generation Intel® Core™ vPro™ processors, IT managers can gain an additional layer of built-in protection. It can expand their remote support capabilities and improve inventory accuracy – through writing asset data into protected memory.

Here’s how it works. By design, traditional software-based control features use in-band communication. These operate with the software stack in the operating system and are secured through the OS features.

With hardware-based control, IT managers can support remote PCs more efficiently by using an out-of-band communication tunnel to the remote PC.

This tunnel sits below the OS and the applications, goes through the TCP/IP firmware stack, and is secured with hardware-based TLS encryption and other robust methodologies.

This enables you to implement new, built-in security enforcement checkpoints. You can provide convenient remote support for wired and wireless PCs, unreachable by software solutions alone. You can also streamline and improve the accuracy of your PC and software inventory – all this at little to no additional cost.

Examples of robust hardware-based security features include:

Processor-based controls
Built-in controls continuously monitor all inbound and outbound network traffic, regardless of the state of the PC. If the hardware detects suspicious behaviour, it triggers the PC to port-isolate or cut off its own network data to quarantine a virus and prevent its proliferation.

Automated security tools
Based on intervals set by IT staff, a hardware-based control can poll PCs to make sure security agents and other business-critical applications are present and active at all times. If any PC fails to check in, an automatic alert is logged to the security console for IT intervention.

Security updates at any time
IT staff can push critical security updates for PCs at any time, regardless of their power state – whether they are on, off, hibernating or on standby.

Is your IT team taking advantage of hardware-based security?

To keep up to date with future articles published on the Intel IT Center, along with exclusive access to in-depth guidance, expert insights and a wealth of learning resources on the hottest topics in IT, register here.