Dell Technologies has announced a raft of new cybersecurity resources to help customers simplify zero-trust adoption and improve their cyber resiliency. These include a new Zero Trust Center of Excellence for validating a zero-trust architecture for commercial enterprises, as well as new security advisory/vulnerability management services and products designed to enhance cybersecurity across hardware, firmware, software, and object storage.
Dell’s Zero Trust Center of Excellence to be based on US government architecture
Speaking during a media briefing on September 27, 2022, Dell Global CTO John Roese said that the firm’s Zero Trust Center of Excellence, which will launch in Spring 2023 in conjunction with the Maryland Innovation Security Institute and CyberPoint International, will provide a public-private partnership hub for the intelligence and defense community. The center will incorporate the Department of Defense Zero Trust Reference Architecture as its foundation for organizations to test configurations before deployment in their own environments. “The idea behind it is that the US government arguably is ahead of commercial enterprises in defining things like the controls necessary for zero trust. In fact, they have about 130 controls identified to describe known good behavior and to meet zero-trust objectives.”
Working closely with the government’s zero-trust architecture will allow Dell and organizations to improve product integration to get the ecosystem working together, and to turn these into reference architectures that will be repeatable blueprints for customers around the world, Roese stated. “It’s in everyone’s interest to share our learnings about the right way to implement zero trust, how to get identity policy and threat management tools working to achieve certain business controls, how to do the integration where the integration friction is, and how to overcome it. All that type of work will happen at this zero-trust center of excellence, starting early next year.”
Dell expands cybersecurity service offerings to enhance cyber resiliency, vulnerability management
To further help organizations align with zero-trust principles and achieve better cyber resiliency, Dell announced that it is additionally launching new cybersecurity services. Its Cybersecurity Advisory Services will provide organizations a roadmap to zero trust that builds on their existing cybersecurity assets, helping businesses find and address security gaps, determine advanced technologies customers should implement, and learn how to enable continuous vigilance and governance for long-term cyber resiliency, Dell said.
To minimize attack surfaces and better protect organizations, Dell is also offering a Vulnerability Management Service with experts who regularly scan customer environments for vulnerabilities, provide a full picture of exposures and help prioritize patching efforts, the firm stated. “Dell will be spending much more time with customers through our service organization to help them on this journey. There’s a big request for help because this is difficult, but it’s also something every customer we talk to wants to make progress with,” Roese said. In particular, the new vulnerability service will handle much of the vulnerability management heavy lifting and allow Dell customers to spend more time focusing on implementing things like zero trust and reacting or responding to issues, he added.
New Dell cybersecurity products protect hardware, firmware, and software
As for commercial products, Dell announced new endpoint and cyber protection solutions to help customers build cyber resilience. These include:
- Hardware protections for commercial PCs, allowing customers to opt for Dell to disable PC ports prior to shipment to help prevent tampering of BIOS settings. Dell said it is also expanding availability of tamper-evident seals to Asia-Pacific, Europe, the Middle East, and Africa to offer more physical security measures during shipment.
- Firmware protections to detect growing threats by detecting potential tampering of a PC’s BIOS with new integration of telemetry between Microsoft Intune, as part of Microsoft Endpoint Manager, and Splunk consoles. These capabilities will be available in a future release of Intune.
- Advanced software protections with capabilities that can speed threat detection and remediation. Additionally, a new data loss prevention offering to help protect sensitive data from unauthorized downloads onto external USB storage devices.
Dell turns focus to object storage protection, recovery
Lastly, Dell announced enhanced cyber protection and recovery for object storage with its new ECS Enterprise Object Storage platform. The firm said this has been designed to address the growth of object storage data with cyber protection features that isolate information, detect threats, and enable fast data recovery. The platform expands cyber protection capabilities to help secure object data to an isolated cyber vault residing locally or in a remote environment, with AWS S3 protocol-accessible critical applications and backup servers that can access the isolated copy while supporting legal compliance in the event of a cyberattack that compromises the primary and secondary data copy, Dell added.
Roese said that object storage is becoming much more important for businesses. “Bringing cyber vault technology and air gap technology into more of the primary storage systems is just very logical for us. I would argue that a well-informed enterprise’s strategy should consider cyber vaults and cyber recovery as a foundational component – that means an infrastructure that doesn’t have them is incomplete. We’re trying to make that easy by not necessarily requiring it to be a separate entity.”
Gloss