HP introduces "Sure Access Enterprise" to safeguard systems, data

HP Incorporated has announced the enhancements to its HP Wolf Security endpoint protection portfolio, with the launch of Sure Access Enterprise (SAE) that protects users with rights to access sensitive data, systems and applications.

The Global Head of Security for Personal Systems, HP, Ian Pratt, stated in a statement on Thursday that the SAE prevents attackers from hijacking privileged sessions.

Pratt said that even if the users' endpoint device was compromised, the access to high value data and systems could remain secure.

According to him, SAE is available for HP and non-HP devices, and leverages HP's unique task isolation technology to run each privileged access session within its own hardware-enforced virtual machine (VM).

Pratt said that SAE ensures the confidentiality and integrity of the data being accessed, isolating it from any malware in the endpoint operating system.

"Users are free to conduct privileged, non-privileged, and personal activities securely from one machine. This improves user experience, reduces IT overheads, and enhances protection.

"Gaining access to a privileged users' device is a critical step in the attack chain. From there, an attacker can scrape credentials, escalate privileges, move laterally, and exfiltrate sensitive data.

"SAE is a unique solution that prevents this escalation, thwarting attackers," he said.

Pratt added that organisations had several types of users ranging from IT administrators, IoT and OT support staff, through to customer support and finance teams that need to access privileged data, systems, and applications daily.

He noted that allowing these users to perform privileged and non-privileged tasks on the same PC comes with considerable risk.

"Even if a Privileged Access Management (PAM) system is used to control access to privileged systems, attackers can potentially still usurp privileged sessions, steal sensitive data and credentials, or insert malicious code and commands if the endpoint is compromised.

"Traditional best practice has been to issue privileged users with separate dedicated Privileged Access Workstations (PAW) that are used solely for privileged tasks. However, this inconveniences users and increases IT overheads purchasing and managing two systems.

"SAE uses advanced hardware-enforced virtualisation to create protected virtual machines that are isolated from the desktop operating system and hence cannot be viewed, influenced, or controlled by it.

"By isolating tasks in protected VMs, which are transparent to the end user, Sure Access Enterprise breaks the attack chain," Pratt said.

Pratt said that SAE could also be used to protect other sensitive assets such as protection of credit card details access by customer support at a retailer, patient data access at a healthcare provider, or connections to an Industrial Control System at a manufacturer.

Supreme reports that SAE is now available on https://www.hp.com/uk-en/security/endpoint-security-solutions.html and features strong Integrations with Privileged Access Management (PAM) solutions with details.