Page 173 - Cyber Defense eMagazine RSAC Special Edition 2025
P. 173

What’s more, employees may hold onto old laptops and PCs, creating further visibility and security gaps
            if these machines still carry sensitive corporate data.

            If organizations do not have a secure way to erase sensitive hardware and firmware data and enable
            safe decommissioning, they are missing out on quick and easy Environmental, Social, and Governance
            (ESG) wins. They are also unable to redeploy devices securely, and reduce the Total Cost of Ownership
            (TCO) of machines.




            The pathway to device security

            To  address  these  challenges,  organizations  should  first  bring  IT,  security  and  procurement  teams
            together to ensure they bring security requirements into purchasing decisions that consider the entire
            device lifecycle. Next, investigate solutions that flag when devices have been tampered with, and that
            enable zero-touch onboarding, as well as stronger alternatives to BIOS passwords. Organizations then
            need to prioritize devices and tools that allow hardware, firmware configurations, and security updates to
            be managed proactively and remotely across the fleet.

            Finally, organizations should look for devices that can securely and verifiably erase sensitive hardware
            and firmware data even when the devices are powered down – solutions that already exist on the market.
            This will streamline decommissioning and help organizations meet sustainability goals. Securing PCs,
            laptops and printers is often overlooked or taken for granted. But since they are critical entry points into
            corporate IT infrastructure, they must be judiciously procured, so that teams have the tools and device
            capabilities to enable them to closely manage, monitor, and securely decommission their fleets.



            About the Author

            Boris  Balacheff  is  Chief  Technologist  for  System  Security  Research  and
            Innovation  at  HP.  He  leads  HP's  Security  Lab's  research  strategy,  from
            analyzing and reporting on trends in the threat landscape, to designing security
            from the hardware and firmware up. Boris shapes security technology strategy
            at HP in partnership with HP business units and customers. He and his team
            drive  academic,  industry  and  government  collaborations  to  improve  on  the
            state of the art and progress standards, from supply chain security to migration
            to  post-quantum  cryptography.  Named  on  over  40  US  patents,  Boris  is  an
            inventor of modern approaches to hardware design for firmware and software
            resilience, and an early contributor to Trusted Computing standards and technologies. Boris is a Director
            of the Trusted Computing Group (TCG) where he chairs the Certification Program Committee.

            Boris can be reached online at LinkedIn https://www.linkedin.com/in/boris-balacheff-26381 and at our
            company website https://www.hp.com.









                                                                                                            173
   168   169   170   171   172   173   174   175   176   177   178