I spent much of this week at HP’s Labs in Bristol England and this site, focused on security, is largely why the firm currently has the strongest security on their business class notebooks and business printers. I want much of this effort to eventually migrate to their consumer products where they aren’t as advanced because the effort should be to make every HP customer secure and—I expect—that will eventually happen. My current favorite laptop is the HP Spectre Folio, but it lacks the security features that define their business offerings—making for a hard choice when I’m choosing a laptop to carry with me when I travel.
Let’s talk about security this week and why HP’s business offerings stand out as more secure than their competitors.
The Need For Better Security
Let’s start with the threat landscape, and it is scary out there. According to HP there are 350K new pieces of malware introduced into the market every day. As automated systems that generate these things continue to develop, this attack vector is expected to become much worse going forward. Many of the new viruses attempt to install a rootkit under the operating system which often can’t be detected and won’t be removed even if you reinstall the operating system.
And we have an increasing number of nation state-level players and companies making money selling viruses as a business or emerging to help moderate between compromised companies and ransomware vendors. This last emerged because, often, even if you pay the ransom, you won’t get your information back. (As a side note, apparently some of the ransomware isn’t ransomware at all, it simply destroys the files leaving no path to recovery).
Can you imagine going to your CEO to pay a huge ransom only to find out the data is toast? I doubt that would end well. Oh, and I should add, that the latest trend is to focus on old systems, connected fax machines (seriously pull the plug on those puppies), Windows 7 PCs, and older printers because they lack the defenses to stop modern attacks. One interesting fact is there is a decline in zero day attacks because going after these old machines is so much easier—which certainly suggests getting rid of those older machines would be well advised.
Attacks aren’t just targeting the OS, either. They are attacking defects in the processor (recall Spectre and Meltdown on Intel for instance).
Virtually every time you, or one of your users, connects a new device to your network you are making a security decision and that decision could massively damage your company.
Sadly now, once a system is damaged increasingly the only way even to get it working again is to send it back to the manufacturer so they can remove and replace the compromised parts.
Given most of the breaches reported are the result of an employee clicking on something they shouldn’t, the fix for this isn’t just hardware—it is constantly training and reminding employees not to trust links or open files from suspicious emails or emails you weren’t anticipating. This last is because attackers often spoof the return address but if users would stop and think they can likely prevent much of the problem.
HP wraps their business PCs and printers with similar technology which allows these systems to not only better resist attack but to automatically recover from that attack. While HP has one of the most extensive “defense in depth” efforts on their platforms, three things stand out. One is the fact they are the only vendor using a true deep learning antivirus defense on their systems. The solution, from Deep Instinct, is still the only deep learning (previously called neural network) antivirus solution in market and the benefits aren’t just highly superior speed and accuracy in blocking viruses but a vastly reduced need for updates—providing more protection with far less disruption. Another is their unique on-device dedicated repository for recovery which can fully reset the machine automatically without IT becoming involved at all. Finally, they have hardware-enforced assurance which provides a level of nearly invulnerable protection over their business PCs and printers.
With printers, one of the common attack vectors is to remotely force the printer (and this could also work with virtually any IoT device) to leave the network, trick the printer to logging back onto a rogue network, learn its login information, then clone the printer and introduce the now compromised virtual printer onto the network and exploit it. To address this specific threat, HP has introduced a technology that far more accurately validates that the printer on your network is legitimate.
HP is making security one of their major competitive advantages, and the Labs in Bristol England are a showcase of this massive effort. They are making this effort because not only are the frequency and nature of attacks increasing—but the focus on older hardware and the ability to remotely identify this hardware are increasing dramatically. I should add, however, that even the best security solution will fail unless the users are constantly trained and reminded not to do stupid things like clicking on links in emails—even emails that seem to come from their own company’s executives. If the users are not actively part of the solution they will actively be a huge part of the problem and with the massive increase in the level of financial exposures due to the related liability and an increased focus on fines to punish firms that have avoidable breaches, this security focus should be a far higher priority than it now is.
I was impressed with HP’s effort, and I hope that the related competition will raise all boats in the proverbial harbor because everyone needs to be at least as secure as HP makes their customers.