Tuesday, October 28, 2014

Micron, Wave Systems, Lenovo and American Megatrends to create new industry standard to meet global security requirements

BOISE, USA: Micron Technology Inc.and Wave Systems Corp. intend to expand their collaboration to include Lenovo and American Megatrends Inc.(AMI).

The four companies plan to develop advanced enterprise-class security offerings to address the escalating concerns of governments and multinational businesses.

To meet the overall objective of verifying and securing software components, these solutions will significantly strengthen the Core Root of Trust for Measurement (CRTM) to offer best-in-class protection against current and emerging pre-boot threats within the supply chain. The companies intend for these solutions to form the basis of a new industry standard designed to ensure the integrity of the supply chain.

According to the 2014 Verizon DBIR report, supply chain vulnerabilities and third-party vendors are still a leading cause of enterprise data breaches (Source, Verizon DBIR, 2014). With major brands continually leaking sensitive enterprise data, it is becoming even more critical to architect a comprehensive enterprise security suite that protects memory content from its inception in manufacturing throughout a computing device's life cycle.

By providing verification of the CRTM, the first BIOS code that executes, the security of system measurements can be ensured rather than implicitly trusted, reducing the risk of supply chain attacks. A centrally managed security solution working in conjunction with a client's core root of trust for measurement provides client system integrity throughout the supply chain.

A combined security solution from Micron, Wave, Lenovo and AMI would address the foundational level of a client's security by enabling advanced protection, detection and recovery capabilities for memory content, creating an unrivaled level of trust from the supply chain to the corporate environment. The planned software solution will integrate with the Trusted Platform Module and other hardware components to provide notification, remote management, and further remediation options for the enterprise.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.