Tech News and Analysis

DR Technology

Secure Systems Need Hardware-Enhanced Tools, Intel Says

A new Intel study finds that while adoption of hardware-assisted security is still low, there is a lot of interest in how it can secure system layers such as the operating system and hypervisor.

Faced with a growing volume of increasingly sophisticated threats and the fact that data is distributed across multiple systems within the enterprise environment, organizations are realizing that hardware-assisted security capabilities are critical to a robust security strategy. In some cases, performance improvements come from having security baked into the hardware layer rather than installing yet another security software tool.

While only 36% of the 1,406 IT leaders surveyed by Intel say their organizations have deployed hardware-assisted security (HAS) solutions, there is strong interest in these types of technologies. Just under half, or 47%, say their organizations plan to adopt hardware-assisted security solutions in the next six months, and 23% say they plan to do so over the next 12 months.

Just a note: Hardware-assisted security (other terms include hardware-enabled or hardware-enhanced security) is different from hardware security, which focuses on protecting the physical devices and machines.

HAS uses hardware extensions and components to support the security of higher-level machine layers, which encompasses the BIOS, operating system, hypervisor, and installed applications. HAS can speed up security-related processing, protect memory bounds, secure random number generators, isolate app execution, and enable trusted computing via hardware components such as the trusted platform module (TPM) chip.

"[Companies] are demanding assurance capabilities and hardware-enhanced security solutions that help protect the entire compute stack," said Suzy Greenberg, vice president, Intel Product Assurance and Security, in a statement.

In Intel’s survey, 64% say they are more likely to purchase security from vendors considered to be “leading edge.” Two-thirds of the respondents say they are looking for vendors offering HAS elements, such as TPM and an open ecosystem. About a third of the respondents, or 31%, say they already use automated industry software/tools to plan and deploy security and functional updates for BIOS and firmware.

Of those organizations already using hardware-assisted security:

  • 85% of the respondents say hardware and firmware security is a top priority for their organizations.
  • 32% say they have implemented a zero-trust infrastructure strategy, while 75% say they are interested in zero-trust models.
  • 64% say it is important for a vendor to offer both hardware- and software-assisted security capabilities.

Intel says hardware-assisted security complements existing protocols and bolsters overall security hygiene. In the survey, 69% say hardware and firmware security solutions make it easier to manage vulnerabilities.

A little over half of these respondents say they have “good or significant visibility into whether their hardware and firmware are operating in a known good state,” according to the survey.