PALO ALTO, Calif., October 20, 2022 —– HP Inc. (NYSE: HPQ) today announced enhancements to its HP Wolf Security endpoint protection portfolio, with the launch of Sure Access Enterprise (SAE). SAE protects users with access rights to sensitive data, systems and applications. It prevents attackers from hijacking these privileged sessions – even if users’ endpoints are compromised, access to high-value data and systems can remain secure. This prevents minor endpoint breaches from turning into major security incidents.
Available for HP and non-HP devices, SAE leverages HP’s unique task isolation technology to run each privileged access session within its own hardware-enforced virtual machine (VM). This guarantees the confidentiality and integrity of the data consulted, isolating them from any malicious software in the operating system of the terminal. Users are free to conduct privileged, unprivileged, and personal activities securely from a single machine. This improves user experience, reduces IT overhead, and improves protection.
“Access to a privileged user’s device is a critical step in the attack chain. From there, an attacker can strip credentials, elevate privileges, move laterally, and exfiltrate sensitive data. commented Ian Pratt, Global Head of Personal Systems Security at HP Inc. “Sure Access Enterprise is a unique solution that prevents this escalation and thwarts attackers.
Organizations have multiple types of users who need daily access to privileged data, systems, and applications. These users range from IT administrators, IoT and OT support staff, to customer support and finance teams. Allowing these users to perform privileged and non-privileged tasks on the same PC carries considerable risk. Even if a privileged access management (PAM) system is used to control access to privileged systems, attackers can still spoof privileged sessions, steal sensitive data and credentials, or insert code and commands malicious (for example, via injected keystrokes, clipboard capture, or memory scraping) if the endpoint is compromised. Traditional best practice is to assign privileged users to separate dedicated Privileged Access Workstations (PAWs) that are used only for privileged tasks. However, this inconveniences users and increases the IT overhead of buying and managing two systems.
SAE uses advanced hardware-enhanced virtualization to create shielded virtual machines that are isolated from the workstation’s operating system and therefore cannot be viewed, influenced, or controlled by it. Thus, the confidentiality and integrity of the application and data inside the protected virtual machine can be ensured, without the operational cost and complexity of issuing a separate PAW.
“By isolating tasks in shielded virtual machines, which are transparent to the end user, Sure Access Enterprise breaks the attack chain,” continues Pratt. “In addition to protecting system administrators who access high-value servers, SAE can be used to protect other sensitive assets – for example, protecting credit card details accessed by customer support at a retailer, access to patient data at a healthcare provider or connections to an Industrial Control System at a manufacturer.
Sure Access Enterprise is available now and offers:
- Solid integrations with Privileged Access Management (PAM) solutions (e.g., CyberArk, BeyondTrust), IPSec remote access tunnels, and multi-factor authentication (MFA).
- Centralized management to enable segregation of duties and flexible policy options, such as locking connections to specific PCs or users or requiring HP Sure View to be enabled for privacy.
- Hardware root of trustsupported by the latest Intel® technologies, to prevent malware from bypassing security controls
- Encrypted and tamper-proof session recording to track access, without logging sensitive data or credentials, making compliance easier.
To learn more, visit: https://www.hp.com/uk-en/security/endpoint-security-solutions.html
HP Inc. is a technology company that believes that a thoughtful idea has the power to change the world. Its product and service portfolio of personal systems, printers and 3D printing solutions helps bring these ideas to life. Visit http://www.hp.com.
About HP Wolf Security
From the maker of the world’s most secure PCs and printers, HP Wolf Security is a new generation of endpoint security. HP’s portfolio of hardware-enhanced security services and endpoint-centric security services are designed to help organizations protect PCs, printers and people from surrounded cyber predators. HP Wolf Security provides comprehensive endpoint protection and resiliency that starts at the hardware level and extends to software and services.