- Companies will Collaborate to Strengthen Core Root of Trust for Measurement for the Enterprise Supply Chain
BOISE, ID / NORCROSS, GA: Micron Technology, Inc. (NASDAQ: MU), a global leader in advanced semiconductor systems, and Wave Systems Corp. (NASDAQ: WAVX), a leading provider of endpoint security, today announced they intend to expand their collaboration to include Lenovo (HKSE: 992) (ADR: LNVGY) and AMI. Together, the four companies plan to develop advanced enterprise-class security offerings to address the escalating concerns of governments and multinational businesses.
To meet the overall objective of verifying and securing software components, these solutions will significantly strengthen the Core Root of Trust for Measurement (CRTM) to offer best-in-class protection against current and emerging pre-boot threats within the supply chain. The companies intend for these solutions to form the basis of a new industry standard designed to ensure the integrity of the supply chain.
According to the 2014 Verizon DBIR report, supply chain vulnerabilities and third-party vendors are still a leading cause of enterprise data breaches (Source, Verizon DBIR, 2014). With major brands continually leaking sensitive enterprise data, it is becoming even more critical to architect a comprehensive enterprise security suite that protects memory content from its inception in manu-facturing throughout a computing device’s life cycle. By providing verification of the CRTM, the first BIOS code that executes, the security of system measurements can be ensured rather than implicitly trusted, reducing the risk of supply chain attacks. A centrally managed security solution working in conjunction with a client’s core root of trust for measurement provides client system integrity throughout the supply chain.
A combined security solution from Micron, Wave, Lenovo and AMI would address the foundational level of a client’s security by enabling advanced protection, detection and recovery capabilities for memory content, creating an unrivaled level of trust from the supply chain to the corporate environment. The planned software solution will integrate with the Trusted Platform Module and other hardware components to provide notification, remote management, and further remediation options for the enterprise.
“Enterprises face ever-increasing pressures to protect their networks, devices and data from attacks orchestrated from the outside as well as from within an organization. Data security throughout a computing device’s lifecycle is no longer nice-to-have, it’s now a requirement,” said Robert Feurle, vice president of compute and networking marketing at Micron. “Micron invests time and resources to protect data at the memory level, collaborating with enterprise security leaders like Wave Systems to provide robust security across the enterprise supply chain.”
“We’re pleased to further strengthen our relationship with Micron, Lenovo and AMI to continue to develop advanced solutions that combine hardware and software security to protect against the new wave of supply chain threats,” said Wave CEO Bill Solms. “While Micron, Lenovo and AMI have been our supporting OEMs for years, this will give them direct access to the Wave portfolio and allow us to build on our existing software solutions to take enterprise supply chain security and eventual NIST 800-155 support to the next level.”
“By building on a hardware root of trust, we can create an immutable mechanism for controlling, measuring and reporting the execution of the BIOS,” said Anthony Corkell, Vice President, Security Office, Lenovo Corporation. “This means that unauthorized modifications and anomalies can be detected before they turn into attacks, and give administrators certainty that their devices have not been compromised.”
“AMI’s focus has always been on enabling the development of platforms which are secure from power-on to hand-off to the operating system, supporting and integrating all relevant industry security standards. As such, AMI is greatly pleased to participate in this joint initiative between Micron, Wave, Lenovo and ourselves with the adoption of our flagship Aptio® UEFI BIOS Firmware for the UEFI Development Platform. AMI continues to demonstrate its commitment to delivering solutions with the most trusted and reliable security features to its partners and OEM customers,” said Subramonian Shankar, President and CEO of AMI.
The companies are targeting the first half of 2015 for future announcements regarding products in development.
About Micron
Micron Technology, Inc. is a global leader in advanced semiconductor systems. Micron’s broad portfolio of high-performance memory technologies—including DRAM, NAND and NOR Flash—is the basis for solid state drives, modules, multichip packages and other system solutions. Backed by more than 35 years of technology leadership, Micron’s memory solutions enable the world’s most innovative computing, consumer, enterprise storage, networking, mobile, embedded and automotive applications. Micron’s common stock is traded on the NASDAQ under the MU symbol. To learn more about Micron Technology, Inc. visit www.micron.com.
About Wave Systems Corp.
Wave Systems Corp. (NASDAQ: WAVX) reduces the complexity, cost and uncertainty of data protection by starting inside the device. Unlike other vendors who try to secure information by adding layers of software for security, Wave leverages the hardware security capabilities built directly into endpoint computing platforms themselves. Wave has been among the foremost experts on this growing trend, leading the way with first-to-market solutions and helping shape standards through its work as a board member for the Trusted Computing Group.
About Lenovo
Lenovo (HKSE: 992) (ADR: LNVGY) is a US$39 billion personal technology company – the largest PC maker worldwide and an emerging PC Plus leader – serving customers in more than 160 countries. Dedicated to exceptionally engineered PCs and mobile internet devices, Lenovo’s business is built on product innovation, a highly-efficient global supply chain and strong strategic execution. Formed by Lenovo Group’s acquisition of the former IBM Personal Computing Division, the Company develops, manufactures and markets reliable, high-quality, secure and easy-to-use technology products and services. Its product lines include legendary Think-branded commercial PCs and Idea-branded consumer PCs, as well as servers, workstations, and a family of mobile internet devices, including tablets and smart phones. Lenovo, a global Fortune 500 company, has major research centers in Yamato, Japan; Beijing, Shanghai and Shenzhen, China; and Raleigh, North Carolina. For more information see www.lenovo.com.
