HP Inc., a multinational information technology company, has announced enhancements to its HP Wolf Security endpoint protection portfolio through the launch of Sure Access Enterprise (SAE), which protects users with the right to access sensitive data, systems, and applications.
SAE safeguards against attackers from hijacking these privileged sessions; regardless of whether the users’ endpoint device is compromised, access to high-value data and systems remains safe. This prevents modest endpoint compromises from escalating into significant security problems. The program utilizes HP’s unique task isolation technology to operate each privileged access session within its own hardware-enforced virtual machine (VM). The program is available for both HP and non-HP devices.
In addition, the application safeguards the privacy and authenticity of the data by separating it from any malicious software running on the Operating endpoint system. Users can safely perform privileged, non-privileged, and personal activities from a single computer. This improves the user experience, lowers IT costs and increases security.
Ian Pratt, Global Head of Security for Personal Systems at HP Inc., said, “Securing access to the device of a privileged user is a vital stage in the attack chain.” An attacker can scrape credentials, elevate privileges, move laterally, and exfiltrate sensitive data from this point. “Sure Access Enterprise is a unique solution that prevents escalation and thwarts attackers.”
Read also: Africa Data Centre Joins Force With IXPN Nigeria
Significant importance of SAE to organizations
In organizations, several users may regularly need access to privileged information, systems, and applications, ranging from IT administrators and IoT/OT support employees to customer service representatives and accounting professionals. There is a high degree of vulnerability in allowing these users to carry out privileged and non-privileged tasks on the same PC.
If the endpoint is hacked, attackers may be able to hijack privileged sessions, acquire sensitive data and credentials, or inject malicious code and instructions (for instance, through injected keystrokes, clipboard capture, or memory scraping). This can still occur even if a Privileged Access Management (PAM) system is used to manage access to privileged systems.
The standard protocol has always been to provide privileged’ users with unique Privileged Access Workstations (PAW) with which they can perform only specified activities. However, this causes difficulties for end users and raises IT costs due to the necessity to purchase and manage two different systems.
The program can also secure critical assets
SAE creates protected VMs leveraging sophisticated hardware-enforced virtualization that is segregated from the desktop operating system and thus cannot be accessed, manipulated, or controlled by it. Hence, without the operational expense and complexity of issuing a separate PAW, the confidentiality and integrity of the application and data within the protected VM can be secured.
Pratt elaborates, “Sure Access Enterprise breaks the attack chain by isolating tasks in protected VMs, which are transparent to the end user.” “As well as protecting System Administrators accessing high-value servers, SAE can be used to protect other sensitive assets – for example, protecting credit card details accessed by customer support at a retailer, patient data access at a healthcare provider, or connections to an Industrial Control System at a manufacturer.”
Sure Access Enterprise is now available. Highlighted below are its features:
- Strong Integrations with Privileged Access Management (PAM) solutions (e.g., CyberArk, BeyondTrust), IPSec remote access tunnels and Multifactor Authentication (MFA).
- Centralized Management enables separation of duties and flexible policy options – such as locking connections to specific PCs or users or requiring HP Sure View activation for privacy.
- Hardware root of trust, supported by the latest Intel® technologies, to prevent malware from bypassing security controls
- Encrypted, tamper-resistant session logging to track access without recording sensitive data or credentials, easing compliance.
About HP Wolf Security
HP Wolf Protection is new endpoint security from the makers of the world’s most secure PCs and printers. HP’s portfolio of hardware-enforced security and endpoint-focused security services is intended to assist enterprises in protecting PCs, printers, and people from cyber predators. HP Wolf Security offers full endpoint protection and resilience, beginning with hardware and extending to software and services.