What are hardware roots of trust, and why does your enterprise need them?
Securing the enterprise is more challenging than ever. The number and sophistication of attacks have grown exponentially, while the defenses against them have not.
You can train employees to identify phishing emails, stop opening suspicious attachments, and use more sophisticated passwords. You can implement two-factor authentication, install intrusion prevention systems, and use artificial intelligence to detect malware. You can implement strict policies on data access and transport. But if the hardware you’re using has been corrupted, none of these mitigation measures matter.
The problem of tainted hardware has been exacerbated by the ongoing pandemic. Supply chain disruptions have caused manufacturers to seek out lower tier vendors, increasing the risk of corrupted or counterfeit components, notes Bentsi Ben-Atar, chief marketing officer and co-founder of Sepio Systems, which makes zero trust hardware solutions.
Then there are the relatively new threats like Spectre and Meltdown, which attack vulnerabilities within CPUs. (When the security threats start to sound like Bond villains, you know things have gotten really bad.)
How can enterprises make the hardware that runs their networks and applications more secure? It starts with trust—or, more accurately, the lack thereof.