HP has expanded its Wolf Security endpoint security portfolio Sure Access Enterprise (SAE). The solution helps tightly secure access rights to sensitive data, systems and applications using dedicated VMs.

The new security solution should protect both compromised and uncompromised endpoints from hijacking privileged access sessions. Aside from protecting endpoint data and systems, the solution ensures that attacked devices cannot cause larger security incidents.

Dedicated VMs

The HP Wolf Security SAE solution uses task isolation technology. The solution allows each privileged access session to run on its own hardware-enforced virtual machine. The use of a dedicated VM ensures that the secrecy and integrity of data remain intact. Data are thus isolated from any malware nested in the endpoint’s operating system.

End users of the endpoint can still perform privileged, non-privileged and personal tasks with the device through the VM. This helps improve the user experience, reduces IT technology requirements and improves the protection of end users’ devices.

HP emphasizes that the VMs are inaccessible to unauthorized users. This ultimately ensures the confidentiality and integrity of the application and data hosted in the VMs. According to HP, the solution reduces costs by eliminating the need to provide employees with a separate privileged-access workstation.

Features

HP Wolf Security SAE is directly available. The endpoint security solution offers integrations with PAM solutions from CyberArk and BeyondTrust. Other features include IPSec remote access tunnels and MFA.

For compliance reasons, the tool also supports Intel-based hardware root of trust. This should prevent malware from bypassing security controls and encryption. Furthermore, the technology allows non-modifiable logging tracks of sessions without recording sensitive data and login credentials.

It’s risky, but so is PAM

The solution allows both privileged and non-privileged tasks to run on the same system. Although HP acknowledges that the latter can be risky, the organization emphasized that Private Access Management (PAM) tools are no different. Cybercriminals can take over privileged sessions in either case. In contrast to PAM tools, HP Wolf Security SAE blocks attackers from capturing sensitive data and login credentials or inserting malware and commands.

Tip: Cybercriminals hack Microsoft Exchange servers with zero-days