Dell Offers BIOS Verification for Commercial PCs

The product is part of Dell's Endpoint Security Suite Enterprise, and follows the announcement of a new security management offering for channel partners.

Dell PC

This week, Dell pushed its security ambitions even further with the announcement of a new post-boot BIOS verification solution aimed at protecting Dell's commercial PCs from malware during the boot process. Dell said the post-boot BIOS verification capabilities will be integrated into Dell commercial PCs that come with the purchase of an Endpoint Security Suite Enterprise license.

Dell’s Endpoint Security Suite Enterprise includes Cylance technology that uses artificial intelligence and machine learning to more proactively prevent advanced persistent threats (APTs) and malware. Cylance's anti-virus technology can protect systems against zero-day attacks as well as targeted attacks, such as spear phishing and ransomware, Dell said. The new offering stops 99 percent of malware and APTs, compared with a 50 percent success rate for competing solutions, according to the company.

The technology essentially enables businesses to compare and test a BIOS image from a Dell PC with one held by Dell in a BIOS lab, Dell said, noting that it’s better to do the comparing and testing in a secure cloud environment rather than on an infected PC.

The technology initially will be available on Dell's commercial PCs that are powered by a 6th generation chipset from Intel. Those systems include Latitude PCs that were announced at the 2016 Consumer Electronics Show last month and other Precision, OptiPlex and XPS PCs and Venue Pro tablets.

The new offering protects the firmware in the BIOS, which if attacked, damages the performance of the PC. It's designed to make sure that the systems are secure every time users boot them up, according to Brett Hansen, executive director of data security solutions at Dell.

"The growing complexity of BIOS-specific attacks, and with new malware variants possessing the ability to reinstall themselves within the BIOS, organizations need a more sophisticated way to know that their systems have not been compromised," Hansen said in a Feb. 4 statement.

Two days earlier, Dell unveiled a new identity and access management offering aimed at channel partners. Dell One Identity Safeguard for Privileged Passwords, available through the Dell Security channel, is designed to expand the network security portfolio that Dell partners can in turn offer customers. The goal is to offer end users—particularly midsize and smaller companies—complete network security protection from a single source, according to Dell officials.

"Managing privileged passwords doesn't have to be a challenging process for organizations, and giving our global channel partners a solution that simplifies the management of highly sensitive privileged passwords complements the strong set of security solutions they already can offer," Patrick Sweeney, vice president of product management and marketing for Dell Security, said in a statement.

The addition of the Dell One Identity Safeguard for Privileged Passwords for channel partners can help end users bring more protection to the vendor's SonicWall next-generation firewalls by locking down the passwords used for them, Dell said. It includes an easy-to-use interface that offers support through a pre-hardened appliance to protect end users during installation and operations. Eventually, Dell said, the interface will be expanded to enable it to manage all Dell privileged management solutions.

Security has been a main focus throughout Dell’s years-long transition from PC box maker to enterprise IT solutions provider.

The company has built up its security capabilities through the acquisition of SecureWorks, SonicWall and Credant Technologies. Now, it’s deepening that portfolio even more through its planned $67 billion acquisition of EMC. The deal includes security vendor RSA, one of the companies in EMC's federated business model. John McClurg, vice president and chief security officer at Dell, has said that his company is among the top enterprise security vendors in the world.