Article By David Konetski, Dell Fellow and Vice President, Client Solutions Office of the CTO Dell Technologies
Cybercriminals are opportunistic by nature, altering their attack methods to compromise endpoints and access critical data. This is never truer than during times of change such as now with the overnight shift to a global remote workforce. With cybercriminals ramping up activity, organizations need to protect their remote workers starting with the devices they use to get their jobs done.
One area attackers will target is the PC BIOS, the core system built deep inside the PC that controls critical operations like booting the PC and ensuring a secure configuration. To protect against BIOS attacks, organizations need built-in security solutions to protect endpoints. In response, Dell Technologies is introducing Dell SafeBIOS Events & Indicators of Attack (IoA) to further protect our commercial PCs, which are already the most secure in the industry. SafeBIOS Events & IoA uses behavior-based threat detection, at the BIOS level, to detect advanced endpoint threats.
With remote work increasing security gaps and the high economic pressure for businesses large and small to perform, Dell Technologies is arming customers with security solutions and best practices to better secure their PCs so they can stay focused on serving their end customers.
Dell SafeBIOS Events & Indicators of Attack
As workforces transition to remote work nearly overnight, organizations need to ensure their workers’ PCs are secure, starting below the operating system in the BIOS. Securing the BIOS is particularly critical because a compromised BIOS can potentially provide an attacker with access to all data on the endpoint, including high-value targets like credentials. In a worst-case scenario, attackers can leverage a compromised BIOS to move within an organization’s network and attack the broader IT infrastructure.
Organizations need the ability to detect when a malicious actor is on the move, altering BIOS configurations on endpoints as part of a larger attack strategy. SafeBIOS now provides the unique ability to generate Indicators of Attack on BIOS configurations, including changes and events that can signal an exploit. When BIOS configuration changes are detected that indicate a potential attack, security and IT teams are quickly alerted in their management consoles, allowing for swift isolation and remediation. SafeBIOS Events & IoA provides IT teams the visibility into BIOS configuration changes and analyzes these for potential threats – even during an ongoing attack.
Detection at this level allows organizations to respond to advanced threats quickly and successfully, interrupting the attack chain before it’s able to do more damage. The SafeBIOS Events & IoA utility is available globally today for download on Dell commercial PCs as part of the Dell Trusted Device solution.
Helping Organizations Securely Work from Home
As many organizations enable remote working, it is critical they have the security tools and knowledge to work safely and securely. That’s why Dell Technologies is offering existing customers flexible endpoint security solutions to help them:
- Better secure today’s new working model as quickly as possible with VMware Carbon Black who has eliminated endpoint limits until June 20, 2020.
- Pressure test remote work deployments with Secureworks’ accelerated vulnerability assessments, and get faster deployment and flexible payment options for Secureworks’ managed detection and response and incident response solutions.
- Securely deploy work-from-home devices with Dell Technologies who is offering temporary licenses for Dell Encryption until May 15, 2020.
For companies who have recently taken their workforces remote, check out this informational webcast interview with Dell Technologies Chief Security Officer John Scimone for insight into the broad range of security issues organizations face when supporting a remote workforce.
 Based on Dell internal analysis, January 2019