Author: Brian Richardson, Security Pillar Lead, Intel Corporation
Intel Platform Security is No Accident
As the 21st century moves along, the demand for accurate cross-platform data exchange continues to increase every day. New technologies are developed, new applications are implemented, and exciting technological avenues are discovered and explored at breakneck speed. Devices and applications that would have been considered sci-fi just a few years ago are finding their way into our pockets and onto our desktops, and public expectations demand that they all work together seamlessly.
Unfortunately, the connections between these technologies are a tempting target for attackers looking for new and creative ways to undermine the system and gain access to the data — either for notoriety or personal gain. They know that if they nibble around the edges of any system long enough, they will eventually find a vulnerability that can be exploited.
Top-to-Bottom Focus on Security
At Intel, we understand that this constant pressure to perform and the equal pressure to protect requires strong, consistent application of sound security strategies. We maintain a steady focus on the potential security risks at every level of our product development and manufacturing processes, beginning at the drawing board, and continuing until long after product delivery. This is accomplished in two main forms:
- The Intel Security Development Lifecycle (SDL) is a comprehensive set of practices we apply to our hardware, software, and firmware to integrate security principles and privacy tenants at every step of product development, from concept through end of servicing.
- Threat discovery and incident response, including dedicated offensive research of our products and emerging security threats, as well identifying vulnerabilities, mitigations, coordinated disclosure to the industry.
Critical security features are built into every chip and are present at every level — including the silicon itself. We innovate to protect data and privacy, centered around three key priorities:
- Foundational Security: critical protection to help verify trustworthiness of devices and data.
- Workload and Data Protection: trusted execution for hardware-isolated data protection.
- Software Reliability: platforms that help protect against a range of cybersecurity threats.
Intel’s hardware components provide the backbone of a strong security foundation to build solid application platforms. The processor logic adds another layer of security, and the resulting product architecture within each chip can be used to support virtually any application.
With ongoing investments in security research and processes that span the product lifecycle, security doesn’t end at product launch. Instead, security updates are made as needed until end of servicing to continually improve product resilience.
Providing every legitimate workload with a trusted execution environment for hardware-isolated protection of data in use, scaled to fit workloads of varying sizes. These security technologies extend to help protect virtual machines and operating systems against a variety of targeted attacks.
Software vulnerabilities represent the biggest opportunity for attackers, who patiently search for any potentially unsecured opening or unintended weakness. Between internal and external security research along with robust incident response, Intel seeks out potential vulnerabilities and works to mitigate them before they can be exploited. Simultaneously, we look for ways to architect security capabilities into the silicon to improve resilience for common software issues.
It Takes a Village (or an ecosystem)
We recognize that extensive testing and real-world application are necessary to improving security. So, we rely on the relationships with our developer ecosystem, including external security researchers and partners. These developers use our products to build marketplace solutions and identify potential vulnerabilities.
We appreciate every opportunity to work with them and create security solutions that work on every level. In addition, we work with programmers from all corners of the world as part of our Bug Bounty Program. This program promotes research and coordinated disclosure of potential vulnerabilities by ethical hackers and security researchers.
Together, the people and processes employed by Intel ensure a layered security approach that powers devices you can count on. For more information on the people, the processes and the products that make Intel special, please read Martin Dixon’s ‘People, Processes, Products Define Intel’s Security Strategy’ article available in the Intel Newsroom.
About the Author
Brian Richardson is the Security Pillar Technology Marketing Lead for Intel Technology Leadership Marketing (TLM). Prior to this role, Brian focused on the firmware that quietly boots billions of computers. He focused on implementation of the Unified Extensible Firmware Interface (UEFI), migrating the industry from 16-bit PC BIOS, and promoting standards-based firmware development (tianocore.org). Brian has presented at technical conferences including Intel Developer Forum, Bsides, LinuxCon, FOSDEM, and UEFI Plugfest. Brian incorporates his interest in photography, video production, and event hosting at Dragon Con into his work in technical marketing. He also incorporates his interest in martial arts into his farm improvement projects by occasionally kicking things that don’t work properly.
Notices & Disclaimers
¹ Source: Intel-2020-product-security-report
Performance varies by use, configuration and other factors. Learn more at www.Intel.com/PerformanceIndex.
Performance results are based on testing as of dates shown in configurations and may not reflect all publicly available updates. See sources cited for configuration details. No product or component can be absolutely secure.
© Intel Corporation. Intel, the Intel logo, and other Intel marks are trademarks of Intel Corporation or its subsidiaries. Other names and brands may be claimed as the property of others.