UC Advanced - issue #14

57% suffer from FOMU (Fear of Making Updates) when it comes to firmware l A lack of tools and knowledge is leaving teams defeated n 79% say they need to increase their understanding of hardware and firmware security n 60% have accepted defeat, saying it’s “impossible” to detect and mitigate hardware or firmware attacks l An inability to securely decommission devices impacts ESG efforts n 68% of respondents say reducing e-waste should be an easy win in terms of achieving broader ESG targets n 59% say its too hard to give devices a second life due to data security concerns. Short-term Decisions can be costly In the face of squeezed budgets, it’s tempting for an ITSDM to make purchasing decisions that are short-term, but there could be consequences. Addressing security gaps and strengthening platform security posture should be at the forefront of decision-making. Supplier audits entail work, but are worth it to expose gaps or hopefully, to improve working relationships. Insist on devices that are tamper-free and remove reliance on legacy BIOS passwords. Deploy firmware updates quickly and invest it tools that enable remote configuration on devices. Purchase devices with in-built capabilities, so they can effectively protect themselves and deny access to security threat-actors. Leave budget aside for safe recycling and secure decommissioning. Comprehensive approach required The findings underscore the need for a comprehensive approach for managing platform security end-to-end at every stage of a device’s lifecycle. This will mitigate risks, reduce cost, increase efficiency, and improve productivity, all while improving the users’ and IT team’s experience.

Tips for Distributors and Resellers

l Take a “lifetime approach” with the customer – with both relationships and inventory – you’re there for project management and to resolve issues when they arrive. l Your reputation is only as good as the devices you are supplying to your customers – recommend investing in devices that offer the highest security protection in hardware, firmware and software. l Offering devices with longer lifetimes will help towards meeting ESG targets l Encourage customers to keep complete and accurate records of all devices, and hold this in your records too l Predict the lifespan of devices, so that planning and procurement is neither a last-minute thought nor an emergency purchase

HP Wolf Security report was compiled with the input from 803 IT and security decision- makers and 6,055 work-from-anywhere employees. The 803 ITSDMs were in companies with 1,000+ employees and the countries included US, Canada, UK, Japan, Germany and France

l Remind the customer of the increasing security threats that

are posed, to help ensure customers’ device fleets are

best placed to meet today’s IT security risks – at every stage of the device lifecycle.

ucadvanced.com