Dell announces new protections for its PC and server supply chain

Dell to start using tamper-evident seals during physical transport and provide a software reset feature to wipe hard-drives before customer deployment.
Written by Catalin Cimpanu, Contributor
Image: Dell

PC maker powerhouse Dell announced today a flurry of new enterprise security solutions for the company's line of enterprise products.

The new services can be grouped into two categories, with (1) new solutions meant to protect the supply chain of Dell products while in transit to their customers and (2) new features meant to improve the security of Dell products while in use.

Physical supply-chain security

While Dell has previously invested in securing its customers' supply chains, the company has announced today three new services.

The first is named SafeSupply Chain Tamper Evident Services and, as its name implies, involves Dell adding anti-tampering seals to its devices, transport boxes, and even entire pallets before they leave Dell factories.

The anti-tampering seals will allow buyers of Dell equipment to determine if any intermediary agents or transporters have opened boxes or devices to alter physical components.

The second supply chain security offering, named the Dell SafeSupply Chain Data Sanitization Services, is meant for tampering made at the storage level.

"With a NIST-compliant hard drive wipe, Dell Technologies helps businesses ensure their device has a clean slate before they add their company image," Dell said today about this new service.

Further, Dell is also adding a new security feature named Secured Component Verification for its line of PowerEdge custom-ordered servers.

Dell says that with the help of an embedded cryptographically-signed certificate, companies would be able to verify that their PowerEdge servers arrive as they were ordered and built after the server is sealed and shipped from the factory.

According to Dell, the new Secured Component Verification will help by:

  • verifying that changes are not made to system components (e.g., memory or hard drive swap, I/O changes, etc.);
  • protecting against cybersecurity risks by meeting supply chain security standards across highly regulated industries such as financial and healthcare;
  • allowing customers to validate and deploy multiple servers efficiently, without having to audit each component in part.

New security features for in-use products

But Dell also rolled out updates to existing solutions to make managing the security of its devices much easier. One of these is an update to the Dell EMC Data Sanitization for Enterprise and Data Destruction for Enterprise service that allows bulk management of Dell gear, which now supports the entire Dell Technologies infrastructure portfolio and third-party products, and not just a select list of products.

In addition, Dell will also launch next year a new security offering named Dell EMC Keep Your Hard Drive for Enterprise and Keep Your Component for Enterprise.

While it's a mouthful of a product name, this service allows companies to keep sensitive data stored on their devices and under their control while sensitive hardware parts are being replaced — a crucial privacy regulation that many companies must abide by while servicing their outdated enterprise infrastructure.

In addition, Dell is also rolling out the ability to customize the boot process of PowerEdge servers via its new PowerEdge UEFI Secure Boot Customization, which also comes with advanced mitigation for industry-wide bootloader vulnerabilities.

The same PowerEdge servers are also getting an update to their integrated Dell Remote Access Controller (iDRAC) service.

The new update will allow system administrators to lock down Dell systems by cutting off their network access without having to reboot systems.

Other security features included in the iDRAC updates include the ability to use multi-factor authentication when accessing iDRAC accounts and more scripting capabilities via the Redfish API.

And last but not least, iDRAC will also add support for Dell EMC OpenManage Ansible Modules so that system administrators can automate some PowerEdge security workflows such as user privilege configuration and data storage encryption.

Availability for the new services:

  • Dell SafeSupply Chain is currently available in the US for commercial PCs.
  • Dell Technologies Secured Component Verification on PowerEdge Servers will be available by the end of the calendar year 2020.
  • Dell EMC Data Sanitization for Enterprise and Data Destruction for Enterprise Services are currently available.
  • Dell EMC Keep Your Hard Drive for Enterprise and Keep Your Component for Enterprise Services are currently available.
  • Dell Technologies PowerEdge UEFI Secure Boot Customization is currently available.
  • iDRAC security updates will be available by the end of the calendar year 2020.
  • Dell EMC OpenManage Ansible Modules will be available beginning January 31, 2021.

All the major Intel vulnerabilities

Editorial standards