How to create a secure foundation to keep your business safe

The nature and focus of cyber security has changed massively over the course of the decade thanks to the rapid distribution of the workforce and shifting employee attitudes. The increase in certain types of cyber attacks, too, has prompted businesses - of all sizes in a variety of sectors and geographies - to think more holistically about security and how best to safeguard critical assets. 

Hardware refresh timelines represent a prime example of the shifting lens through which IT decisions are made. Indeed, purchasing hardware used to be considered a fairly standard tick-box exercise, with organizations normally adhering to a three or four-year device lifecycle. However,  the mass move to hybrid and remote working, coupled with a move to protect business devices at every stage – from BIOS to applications – has knocked this slow-but-steady purchasing pattern off course. 

What’s more, the need to focus on preventing the exploitation of new attack vectors (rather than simply resolving any issues after the fact) means IT decision-makers have had to think fast and act decisively, with much of this work going under the radar. Indeed, a small contingent of IT heroes have been working tirelessly to protect their employees and their data. They’ve been helping businesses operate more securely and efficiently, often turning to devices powered by the Intel vPro® platform to ensure the hardware stack is as robust as possible for the post-pandemic threat landscape. 

It’s clear, then, that IT expedited hardware refresh cycles have moved from a luxury many organizations can only dream of funding, to a business necessity that cannot be ignored. 

In January 2023, Intel launched its 13th generation of the vPro platform, which includes critical threat prevention baked in.  All in all, this goes a long way to reducing a device’s attack surface by approximately 70% when compared with a four-year-old machine. 

Cyber security: A changing game

Much of the work IT professionals do on a day-to-day basis goes largely unnoticed. These teams – prevalent in most if not every organization – are the front line of defense against an onslaught of ever-evolving cyber attacks. But most employees don’t strike up interactions with IT staff unless something’s gone wrong. Indeed, when things go right, most employees barely hear a peep from their corporate IT heroes, save for the occasional policy update. The transition from largely in-office working to remote and hybrid working is a perfect example of the additional and often unrecognized work IT teams have put into keeping businesses running, and ensuring employees and assets remain as highly protected as possible.

Flexible and remote working as well as initiatives such as Bring Your Own Device (BYOD) are not inherently new to organizations. But, if we cast our minds back to March 2020, we witnessed an accelerated transition from predominately office-based roles to - in some cases - entirely home-based working. And this move wasn’t as simple as taking out a corporate machine or using your personal PC for work. Hardware provisioning, remote login, setting up virtual private networks (VPNs), ensuring multi-factor authentication (MFA) was enabled, and more measures, were key to ensuring employees were as protected as possible when accessing critical business assets from beyond the business’ perimeter.  

Regardless of the size of an organization, or its sector, the challenges involved remained largely the same in nature, although it’s true that they might vary by scale and severity. Now the dust has settled on pandemic-led changes, the unsung IT heroes are at work once again reviewing the provisioned devices, and assessing whether they’re fit for purpose to meet the security challenges of the post-pandemic landscape. Often, they’re looking for devices powered by Intel vPro, due to its raft of secure-by-design features.

Protecting a device from top to bottom

The importance of a solid security foundation built into the device is underlined by the changing nature of threats facing the enterprise. It isn’t enough in today’s age to rely on protection against vulnerabilities found in applications, or phishing attacks. Indeed, while such threats are certainly pertinent, there are also vulnerabilities in physical hardware as well as the firmware and BIOS software – that connect with the hardware – which must all be protected against. Other layers that need protection are the hypervisor, virtual machine (VM), and the operating system.    

There are a variety of attacks that are either already in circulation or becoming increasingly prevalent, including side-channel, modification, eavesdropping, and supply chain threats in which unauthorized devices are sold to organizations. To protect against these types of exploits, IT teams must take a number of measures including minimizing the attack surface, encrypting all devices, providing real-time monitoring and updating firmware, as well as refreshing older devices. Strong physical security must also be guaranteed, with policies ensuring hardware components are secured where possible. 

Finally, security is needed below the operating system, with features implemented that can, for example, lock down memory in the BIOS when the software runs, to prevent injected malware from compromising the operating system. Running VMs too can allow for security-based isolation, with virtualization with hardware-based encryption helping to protect data at every layer of a machine. 

Building a secure foundation for business success

Given the potent combination of more prevalent hardware-centric cyber security threats, combined with the shifts businesses have sustained post-COVID, IT decision-makers are increasingly ditching the previous approach to hardware refreshes. Devices across the enterprise need top-to-bottom protection, from the CPU level to web security, and most businesses will find themselves managing a fleet of devices from different eras, and therefore of different competencies. Migrating to modern, protected hardware, especially systems powered by Intel vPro, is critical to guaranteeing there are no blind spots or gaps across the estate.

Intel vPro-enabled laptops are built with businesses in mind, and – beyond their lightweight and stylish design – offer business-class performance alongside long battery life and a superior videoconferencing experience. But, more importantly, these devices are built fundamentally with hardware-based security as well as cloud and on-premise modern manageability in mind. 

These units feature security below the operating system, application and data protection, as well as advanced threat protection. Intel vPro also harnesses Intel Thread Director, which allocates a high-resource workload intelligently in 12th Gen and 13th Gen processors. Finally, it facilitates advanced threat detection without disrupting workflow. This comes alongside tools to ensure comprehensive device management, with IT teams able to offer support remotely and even outside of the firewall or when the operating system is down, thanks to out-of-band remote management.  

“For nearly two decades, we’ve been committed to our mission of delivering products and technologies that keep organizations running and workers productive,” said Stephanie Hallford, Intel vice president and general manager of the Commercial Client Division.

“With our new 13th Gen Intel Core processors, the Intel vPro platform remains the premier business computing foundation, providing the best in security, business management and performance for organizations of all sizes.”

IT teams have done a tremendous amount of work in the last few years to keep employees and their organizations safe and secure, whilst ensuring business as usual and productivity gains rather than losses. 

With the latest Intel vPro technology, organizations can take advantage of a number of additional performance benefits. 

These, according to Intel, include:

• Windows application performance that is up to 65% faster when pitted against a three--year-old desktop PC.
• Content creation that is up to 45% faster when multitasking than a current AMD desktop.
• Accelerated (up to 2.3 times) Windows application performance when compared to a three-year-old mobile machine. 
• Increased Windows application performance compared with other devices (up to 40% faster vs a current AMD notebook and up to 25% quicker than an Apple M2).
• Expedited report creation and collaboration (speed increase of up to 58% vs a current AMD notebook).

It’s fair to say that, sometimes, IT heroes have not been given the widespread recognition they perhaps deserve. With the landscape continuing to change and threats intensifying, these same unsung heroes need the best possible tools available to ensure they can continue this invaluable work in the days, weeks, months, years and decades to come.

For more information, please visit intel.co.uk/itheroes