New Server Security Technologies Are Coming & Why We Need Them

 

 

The other day I had the opportunity to talk with Jeff Casazza and James Green from Intel’s Server Platform Group.  The topic? server security.  Our conversation was focused on the introduction of some new security technologies that are on their way and why we need them.  During our discussion, I found myself thinking back to my days in the US Navy, where security was a core topic of everything we did. The introduction of submarines transformed naval tactics and the stealth fighter changed aviation tactics.

 

 

So, why does IT put so much emphasis on information security?  … because the cost of a data breech is extremely high.  Imagine if a data breech of your IT systems resulted in losing employee social security numbers or customer information – the cost to recover that data (if possible) and the legal costs (penalties from regulatory agencies) is very, very high.   Jeff and James mentioned that business models are also exposed if these types of information escapes happen – a company’s brand, business and employee relationships could be at risk given the nature of trust and integrity that circle throughout our business.

 

 

Security always ranks high in importance, especially when we feel at risk.  As I have transitioned into my new role inside Intel IT, I have found a significant focus on security solutions especially as new threats (for profit attacks), new usages (client / server virtualization, cloud computing) and new collaboration tools (social media) challenge our existing paradigms of information security.

 

 

During my discussion, I learned about two technology standards that Intel is implementing for servers that reduce security risks and address the changing nature of information security attacks happening today and expected tomorrow.

 

 

Stealth Fighters Attacking Your Data: The nature of security attacks have changed.  Previous generation hackers used to target broad wide spread attacks on corporations or the worldwide web trying to disrupt business, gain notoriety with the ability to affect tens of thousands of people.  The newer generation attackers are seeking a smaller target .. a single laptop or a single server.  These new for-profit attacks are aimed at both industrial (business) or government entities and only need a single penetration into your infrastructure to get enough information to create a serious issue for your business.

 

 

Encryption: A solution to defend against the stealth fighter point attack on your data is increased encryption of data.  Data encryption is not new.  Secure Sockets Layer (SSL) encryption for communication over the internet, harddisk encryption and enterprise application encryption are all standard methods IT shops use to protect information.  Unfortunately, encryption is not free, and I’m not talking about purchase cost .. but rather compute cost.  Encryption is a compute intensive process that consumes processing cycles. Intel is planning on introducing new instructions for Advance Encryption Standards (AES-NI) that are intended to dramatically improve the efficiency of encryption in a future version of it’s processor micro architectures.

 

 

Submarines Seeking Your Data From Under Your Hypervisor: Much of the anti-virus and security protection that resides on servers and client machines resides and is run through either the Operating System, Hypervisor or Application layer.   New malware software and root kits are targeting systems at startup before the hypervisor and/or OS boot up undermining the protection you have at the higher levels of the application stack.

 

 

A new server technology from Intel, called Intel® Trusted Execution Technology (Intel TXT) works to ensure your system can boot up to the secure, protected environment you have deployed through your software stack.  In doing this, TXT ensures that your anti-virus software “perimeter” is secure and has not been compromised by a root kit “submarine”.  TXT has been available in Client Intel® vPro™ processor technology-based platforms since 2007.

 

Tune into the upcoming Intel Developers Forum (www.intel.com/idf) to learn more about plans for securing your server’s data and many other technology innovations from Intel.

 

 

Chris