Dell's new BIOS security tool makes its laptops harder to hack

Giving you protection from the moment you hit that power button

Dell is planning to beef up security on its business laptops (and PCs) by introducing a new tool which helps to protect the UEFI (BIOS) from being compromised by malware.

This sort of attack is a thorny issue, as it's not something your typical security software – which sits in the operating system – can handle. And when it comes to the cure, even wiping your system drive won't help, because this is something that is kicking in at the first moment of boot-up – loading before the OS – and it requires the firmware to be flashed afresh to get rid of the issue.

So Dell has introduced this new tool which makes a copy of the clean UEFI which is kept in the cloud, and compares this snapshot with the machine's UEFI every time it boots. If something's been hacked or messed with, there'll be a discrepancy between the two which the comparison will flag up.

Automatic cleanse

The user or admin can then be notified of the problem, and the system subsequently reverted to the clean UEFI. That will still have to be done manually at this point, but in the future Dell aims to automate the entire process.

As David Konetski, Executive Director, End User Computing at Dell told PC World, in this ideal future scenario the hacked UEFI will be capable of "auto-remediating" itself, which would be pretty nifty indeed.

The system will be optional, and will cost extra for users who decide they'd like this level of protection. It will be available on Dell's Precision and OptiPlex models, along with XPS PCs and Venue Pro tablets.

Last autumn, Dell revealed a number of enterprise security solutions at Dell World, including a fresh approach to Advanced Persistent Threat (APT) detection and blocking, and better security for cloud apps.