Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.
 

Intel vPro: Security Beyond the PC

Intel vPro: Security Beyond the PC
By

How many connected devices does the average IT person work or live with? There are the easy targets: desktops, laptops, tablets, smartphones. But how about smart TVs or similarly smart TV adapters, Blu-ray players, amplifiers, exercise equipment, cars, gaming devices, and Internet radios?

According to third quarter survey results from Chetan Sharma Consulting, the average number of connected devices in the American home now stands at five. This represents 19% year-over-year growth for 2012. The numbers specifically for IT professionals may well be higher.

[image: Connected Devices][image: Connected Devices]

[Image: Connected Devices]

One Forbes writer recently predicted that by 2025, there will be more than six connected devices for every person on the planet, totaling more than 50 billion. This matters because each of those devices is a security risk, although few are treated as such. Each has its own hardware, operating system, and application stacks with their respective vulnerabilities. Could hackers someday be able to reach into people’s medical devices with the same frequency as their PCs? 

The answer will depend in part on whether the industry moves to make clients safer and better managed than PCs have been in the past. We recently detailed Intel’s latest vPro platform, which can help secure desktops and notebooks based on Intel’s vPro hardware platform. But this is only one part of addressing a larger problem. With 50 billion non-PC connected devices on the horizon, PCs could become the least of our security worries. Our collective “attack surface” is exploding. Similarly, many of these devices, regardless of their “intelligence” level, will connect in various ways to the cloud.

How can IT secure that connection? Intel’s vPro is only the opening of a broader discussion. 

As any IT security person knows, there is no single way to make a device secure. Networks need firewalls; clients need anti-malware software. Rogue devices can be screened through MAC address filters. But even the most stringent preparations can fail in the face of the most rudimentary appeals to human curiosity. Consider the Department of Homeland Security’s 2011 experiment in which computer disks and USB drives were liberally sprinkled around the parking lots of government buildings and contractor sites. As Government Security News reported, “60 percent of the people who picked up the media plugged them into their computers. For the media labeled with logos, the percentage was even higher -- 90 percent.” 

The deeper in the stack a threat inserts itself, the harder it can be to prevent and/or remediate. Some attacks insert malicious virtual machines. Rootkits can burrow underneath operating systems. With its latest third-generation, vPro-ready Core i3/i5/i7 processors, Intel is leveraging new virtualization tools to monitor kernel-level events, essentially sliding in next to the CPU bare metal to monitor what’s happening under the operating system

“It’s really, really hard to hack hardware,” says Intel enterprise technical specialist Ken Lloyd.“You pretty much have to have physical access to the machine. But moving security down to the hardware level—you can think of this as the DeepSafe patterns and rules -- it’s able to recognize not only known malware but also patterns. If there was a change in the device, a change in the boot sequence, I’m not going to let this machine boot. I’m going to hand this up to my threat intelligence center for McAfee to understand if it’s a real threat and, if so, what to do about it. This is really groundbreaking. There really is no other way to truly defend yourself against rootkits.”

William Van Winkle has been a full-time tech writer and author since 1998. He specializes in a wide range of coverage areas, including unified communications, virtualization, Cloud Computing, storage solutions and more. William lives in Hillsboro, Oregon with his wife and 2.4 kids, and—when not scrambling to meet article deadlines—he enjoys reading, travel, and writing fiction.

See here for all of William's Tom's IT Pro articles.