Dell announces several new cyber security resources including a Zero Trust Center of Excellence.
Dell Technologies has announced a raft of new cyber security resources to help customers simplify zero-trust adoption and improve their cyber resiliency.
These include a new Zero Trust Center of Excellence for validating a zero-trust architecture for commercial enterprises, as well as new security advisory / vulnerability management services and products designed to enhance cyber security across hardware, firmware, software, and object storage.
Speaking during a media briefing on September 27, 2022, Dell Global CTO John Roese said that the firm’s Zero Trust Center of Excellence, which will launch in Spring 2023 in conjunction with the Maryland Innovation Security Institute and CyberPoint International, will provide a public-private partnership hub for the intelligence and defence community.
The centre will incorporate the Department of Defense Zero Trust Reference Architecture as its foundation for organisations to test configurations before deployment in their own environments.
“The idea behind it is that the US government arguably is ahead of commercial enterprises in defining things like the controls necessary for zero-trust,” he said. “In fact, they have about 130 controls identified to describe known good behaviour and to meet zero-trust objectives.”
Working closely with the government’s zero-trust architecture will allow Dell and organisations to improve product integration to get the ecosystem working together, and to turn these into reference architectures that will be repeatable blueprints for customers around the world, Roese stated.
“It’s in everyone’s interest to share our learnings about the right way to implement zero-trust, how to get identity policy and threat management tools working to achieve certain business controls, how to do the integration where the integration friction is, and how to overcome it. All that type of work will happen at this zero-trust centre of excellence, starting early next year.”
Dell expands cyber security service offerings to enhance cyber resiliency, vulnerability management
To further help organisations align with zero-trust principles and achieve better cyber resiliency, Dell announced that it is additionally launching new cyber security services.
Its Cybersecurity Advisory Services will provide organisations a roadmap to zero-trust that builds on their existing cyber security assets, helping businesses find and address security gaps, determine advanced technologies customers should implement, and learn how to enable continuous vigilance and governance for long-term cyber resiliency, Dell said.
To minimise attack surfaces and better protect organisations, Dell is also offering a Vulnerability Management Service with experts who regularly scan customer environments for vulnerabilities, provide a full picture of exposures and help prioritise patching efforts, the firm stated.
“Dell will be spending much more time with customers through our service organisation to help them on this journey,” Roese said. “There’s a big request for help because this is difficult, but it’s also something every customer we talk to wants to make progress with.”
In particular, the new vulnerability service will handle much of the vulnerability management heavy lifting and allow Dell customers to spend more time focusing on implementing things like zero-trust and reacting or responding to issues, he added.
New cyber security products protect hardware, firmware, and software
As for commercial products, Dell announced new endpoint and cyber protection solutions to help customers build cyber resilience.
These include hardware protections for commercial PCs, allowing customers to opt for Dell to disable PC ports prior to shipment to help prevent tampering of BIOS settings. Dell said it is also expanding availability of tamper-evident seals to Asia Pacific, Europe, the Middle East, and Africa to offer more physical security measures during shipment.
In addition, the vendor rolled out firmware protections to detect growing threats by detecting potential tampering of a PC’s BIOS with new integration of telemetry between Microsoft Intune, as part of Microsoft Endpoint Manager, and Splunk consoles. These capabilities will be available in a future release of Intune.
Also unveiled were advanced software protections with capabilities that can speed threat detection and remediation. Additionally, a new data loss prevention offering to help protect sensitive data from unauthorised downloads onto external USB storage devices.
Dell turns focus to object storage protection, recovery
Lastly, Dell announced enhanced cyber protection and recovery for object storage with its new ECS Enterprise Object Storage platform. The vendor said this has been designed to address the growth of object storage data with cyber protection features that isolate information, detect threats, and enable fast data recovery.
The platform expands cyber protection capabilities to help secure object data to an isolated cyber vault residing locally or in a remote environment, with AWS S3 protocol-accessible critical applications and backup servers that can access the isolated copy while supporting legal compliance in the event of a cyberattack that compromises the primary and secondary data copy, Dell added.
Roese said that object storage is becoming much more important for businesses.
“Bringing cyber vault technology and air gap technology into more of the primary storage systems is just very logical for us,” he added.
“I would argue that a well-informed enterprise’s strategy should consider cyber vaults and cyber recovery as a foundational component – that means an infrastructure that doesn’t have them is incomplete. We’re trying to make that easy by not necessarily requiring it to be a separate entity.”