Intel and Xerox Announcement Offers Glimpse into the Future of Security in the Silicon

With the Intel acquisition of McAfee nearly 1 year ago, some pontificated and others simply speculated about precisely why the chip giant would purchase an information security product company.

For long-time players in the space, the answer was clear. For the rest, Intel’s CTO, Justin Rattner, stated that security was job number one. The immediate play was a tight integration of security technologies into the silicon, which is one of the many “holy grails” (or perhaps banes) of information security.

For years, various trusted platform module (TPM) technologies supporting digital rights management (DRM) initiatives and data-centric controls were built into chipsets and then integrated into a variety of systems.

The concept is somewhat elegant on paper: a virtual secure sandbox for cryptographic keys, SSL certifications, biometric data, AV hives and other controls that would allow for secure and trusted hardware level access on the integrated chipsets.

The whitepapers were compelling, but the industry had some technical challenges and philosophical issues that slowed adoption. Regardless of the various issues, Moore’s law drove the industry onward and Intel was no stranger to the technology.

After a bit of time, and many low vocalized rumblings, the industry is finally getting to see some of the fruits of the acquisition. The following is from a recent announcement from Xerox and McAfee:

“A new survey commissioned by Xerox (NYSE: XRX) and McAfee, reveals that more than half (54 percent) of employees say they don’t always follow their company’s IT security policies (33 percent) or aren’t even aware of the policies (21 percent) – leaving the security of customer credit card numbers, financial reports, and HR and tax documents at risk.”

Their partnered proposed response? Embedding McAfee technologies into Xerox devices.

While the article isn’t specific about what we can expect to see, one can certainly extrapolate that this integration may mean EPo, AV or even DLP style technologies resident in printers, scanners and fax machines.

Within the next decade, the advent of IPv6 and household appliances being issued networked interfaces could lead to refrigerators that keep tabs on milk-freshness and thwart the next malnet (thank you Team Cymru!) that cuts our power and defrosts everything in our freezer.

While this is spoken tongue-in-cheek, the fact of the matter is that as more and more critical systems convert into “green” appliances, our WiFi-enabled, smart-grid connected power meters and radio-frequency identification (RFID) capable edge devices will all carry some critical personally identifiable information (PII) and require continuity of operations. This in turn will require the vendors to integrate security solutions tightly into the firmware/hardware of the systems they provide.

Leave a Reply