According to the 2014 Verizon DBIR report, supply chain vulnerabilities and third-party vendors are still a leading cause of enterprise data breaches (Source, Verizon DBIR, 2014). With major brands leaking sensitive enterprise data, it is becoming critical to architect an enterprise security suite that protects memory content from its inception in manufacturing throughout a computing device's life cycle. By providing verification of the CRTM, the first BIOS code that executes, the security of system measurements can be ensured rather than implicitly trusted, reducing the risk of supply chain attacks. A centrally managed security solution working in conjunction with a client's core root of trust for measurement provides client system integrity throughout the supply chain.
A combined security solution from Micron, Wave, Lenovo and AMI would address would enable protection, detection and recovery capabilities for memory content. The planned software solution will integrate with the Trusted Platform Module and other hardware components to provide notification, remote management, and further remediation options for the enterprise.
"Enterprises face ever-increasing pressures to protect their networks, devices and data from attacks orchestrated from the outside as well as from within an organization. Data security throughout a computing device's lifecycle is no longer nice-to-have, it's now a requirement," said Robert Feurle, vice president of compute and networking marketing at Micron. "Micron invests time and resources to protect data at the memory level, collaborating with enterprise security leaders like Wave Systems to provide robust security across the enterprise supply chain."
The companies are targeting the first half of 2015 for future announcements regarding products in development.