Brought to you by Data Center Knowledge
Data centers these days are busy replacing expensive hardware solutions with "software-defined" everything, but the trend is the opposite when it comes to security. While software still prevails in keeping servers secure, hardware is often being added to the mix as another layer of protection, especially during the boot process, when a computer is vulnerable to dangers such as maliciously modified firmware.
This trend started when UEFI — and Secure Boot — replaced BIOS on computers, and was carried a step further when Google began including an additional custom designed hardware security chip on all servers and peripherals in its data centers. In June, Hewlett Packard Enterprise followed suit and announced it was joining the secured-by-hardware crowd by including its own custom chip on its Gen10 servers. Lenovo also includes a degree of security-on-a-chip technology on its line of servers, through XClarity Controller.
There are several advantages to having security protections contained in chipsets that are separate from a server's CPUs. Being isolated from the server's main components, they are more difficult for an outside hacker who manages to get through a system's defenses to find and penetrate. In addition, they can utilize read-only memory that can be difficult or impossible to modify.
See also: Here's How Google Secures Its Cloud
At its Cloud Next event in March, Google unveiled a custom security chip
Is Offshore Hosting For You?
Find out why you too should be hosting offshore. Click here now!