On-Premises Infrastructure - Hardware Security

Verify, Don't Trust

The global supply chain is highly complex, and most IT infrastructure comes with hidden security risks:

  • Multiple sub-manufacturers
  • Components from various international suppliers
  • Numerous opportunities for tampering

The solution is secure provenance

Covert hardware and firmware implants are the gold standards for antagonists, as these techniques create a backdoor that can go undetected for years. Unfortunately, even today, the biggest IT appliance brands or cloud providers will not offer any form of appliance security guarantee. Instead, they talk about risk mitigation, but common sense says risk removal is better than risk reduction, that’s why we offer secure provenance.

Why you are a target

Enterprise security tends to focus on data as the asset to be protected, but in national security, subverting and/or bringing down the infrastructure itself can have immediate and much more serious implications to life and liberty than a compromise of information. In these scenarios mitigating the risk of compromised hardware in the infrastructure becomes paramount.

Consider that just one appliance from any major IT brand can have numerous sub-manufacturers, each using components from a multitude of international suppliers. Then consider that every stage; from design through component supply, manufacturing, coding and assembly, presents opportunities for tampering.

The security of critical national infrastructure is fundamental. Secure provenance is something you should demand from your suppliers, and should be something you should have on your specification contracts.

Protection through provenance

The hardware and firmware risk is bigger than is generally acknowledged, as announcing breaches has wide-ranging implications for those affected, and so many events are managed discreetly. Those who work in defense, intelligence or insurance will already know how deep the problem is.

Secure provenance ensures that the appliance is true, that it is precisely as designed and specified, nothing more, nothing less. It verifies there are no additional or duplicitous components or any hidden code, and you can see this for yourself with SoftIron.

100% ownership of design & manufacturing

Secure provenance verifies appliance and software integrity, and achieving this requires a 360-degree transparent audit of the entire design, supply chain, manufacturing, and delivery path.

All design and engineering is done by SoftIron. There are no third party ODMs (Original Design Manufacturers) involved in any way with SoftIron.

All manufacturing, including surface-mount assembly, is done in-house. There are no white-label components inside a SoftIron box. Our name is our reputation and we take that very seriously.

Full-stack control

SoftIron is in the unique position of being a full-stack manufacturer, so we have authorship, ownership and total responsibility for all code that goes into HyperCloud. Any code we don’t write we read line by line—we know every single instruction and why it needs to be there. SoftIron will never install a binary file without taking it back to the source code for a forensic check.

Only strictly specified components (including manufacturer and batch) are used in SoftIron appliances, and only from fully vetted supply partners. All components are checked and tested before installation.

References

Browse our growing library of qualified opinions and data-driven insights on security vulnerabilities and provenance in our industry.

A SoftIron secure provenance audit

A 360° transparent audit to demonstrate secure provenance will reveal:

  • All design done in-house
  • All circuit schematics
  • No SKU has multiple bids
  • Fully vetted supply partners
  • Component verification (x-rays, parameter testing, etc.)
  • Firmware and OS code in source form, line-by-line
  • Secure manufacture and assembly in-house
  • Individual appliance test and seal
  • End-to-end forensic chain of custody
  • Tamper-evident packaging before leaving our secure facility
  • Any external component precisely specified (manufacturer and batch)

The audit process validates the product is exactly as designed and specified. It will demonstrate there are no additional or duplicitous components, nor any hidden coding.

Discover Secure Provenance

Threats

Hardware security threats are a reality in private cloud solutions and understand the critical need for secure infrastructure

Transparency

SoftIron leads private cloud providers in secure provenance, ensuring unmatched transparency and integrity in their manufacturing process

Trust

SoftIron advocates for trustless security in cloud on-premises solutions, emphasizing validation over trust for transparent, verifiable data protection

References

Discover the importance of hardware security and supply chain integrity through our detailed overview of cybersecurity threats and protective strategies
Top