Compliance and compensating controls

Supply chain security, firmware security and device integrity have become priorities across a wide range of industry standards and regulations. Many industry cybersecurity regulatory standards stem from NIST guidance, such as the FBI Criminal Justice Information System (CJIS) requirements and Centers for Medicaid and Medicare Services Acceptable Risk Safeguards (ARS). Lenovo Firmware Security helps to ensure device integrity compliance and configure compensating controls if remediation is not possible.

Threat, risk and vulnerability management

Traditional vulnerability scanners, endpoint monitors, manufacturer monitoring and security tools stop in the shallow end. To verify your device’s integrity, you have to go under the application code.

Leaving that code vulnerable means you could be exposed to threats through compromised endpoints and other IT infrastructure. Lenovo Firmware Defense allows you to Integrate firmware into risk and vulnerability management processes and monitor devices for tampering.

Zero trust architecture 

According to Gartner, the average endpoint arrives on its user’s desk or lap with 15 to 20 embedded firmware components. Additionally, all networked and connected devices now come with manufacturer-embedded firmware.

Zero trust enterprises must know which versions of firmware or infrastructure code systems are running, which may be vulnerable, and which are actively being exploited in the wild. Healthy device results are required by NAC, conditional access control or other ZTA policies.

Travel and geographies of concern 

High-risk regions are often associated with greater levels of cyber threats, including malware, hacking and data breaches. Secure-by-design device fleets can provide additional layers of protection against these threats, making it harder for attackers to make unauthorized changes in device integrity and firmware components.