Hewlett Packard Enterprise Co. is making a global push for supply chain security in its server line.

Two years ago, HPE launched its Trusted Supply Chain initiative to advance end-to-end security in servers for U.S. federal and public sector customers. This month, HPE is announcing an expansion of this program globally for its ProLiant server portfolio.

“We have launched a comparable service globally called HPE Server Security Optimization Service for ProLiant,” said Cole Humphreys (pictured, right), global server security product manager at HPE. “We can deliver it in the European markets and now in the Asia-Pacific markets. It is a big deal for us, because now we have activated a meaningful supply chain security benefit for our entire global network of partners and customers.”

Humphreys spoke with Lisa Martin, industry analyst for theCUBE, SiliconANGLE Media’s livestreaming studio. He was joined by Ann Potten (pictured, left), trusted supply chain program lead at HPE, and they discussed rising costs of cybercrime, a 360-degree approach to computer security, new tools for component tracking, and protection for hardware end-of-life. (* Disclosure below.)

Supply chain risk

HPE’s drive for meaningful supply chain security comes at a time when the topic is generating significant enterprise interest. Recent compromises of the software supply chain, through exploits such as the SolarWinds attack, have led to greater awareness of software and hardware components.

HPE’s Trusted Supply Chain initiative in 2020 focused on providing customers with cyber assurance to ensure they were receiving verifiably authentic and uncompromised products. The cost of ransomware attacks and breaches has escalated since then, and HPE is seeking to expand enterprise protection.

“It’s estimated that cybercrime cost will reach over $10.5 trillion by 2025 and will be even more profitable than the global transfer of all major illegal drugs combined,” Potten said. “The SolarWinds software supply chain was attacked two years ago, which unfortunately went unnoticed for several months. These things together and coming from multiple directions presents a cybersecurity challenge for an organization and, in particular, its supply chain. This is why HPE is taking proactive steps to mitigate supply chain risk so we can provide our customers the most secure products and services.”

Taking a holistic view

HPE’s Server Security Optimization Service is part of the company’s 360-Degree compute security approach. The company’s holistic view of security encompasses protection that begins in the manufacturing supply chain.

“We’ve launched a dedicated line of trusted supply chain servers with additional security features, including Secure Configuration Lock and Chassis Intrusion Detection,” Potten said. “We can provide platform certificates that allow the user to cryptographically verify that their server hasn’t been tampered with from the time it left the manufacturing facility to the time it arrives at the customer’s facility.”

HPE is also pursuing initiatives in the blockchain space to identify component provenance and trace parts back to original manufacturers, according to Potten. HPE has been providing demonstrations of how manufacturing companies can use distributed ledger solutions and provide transparency in the supply chain.

“We’ve built a robust cybersecurity supply chain risk management program that includes assessing our risk at all factories and suppliers,” Potten said.

Protection for end-of-life

These protection solutions can provide a measure of security from the beginning of a product’s lifecycle, but what about the end? HPE has developed a process for customers of its server products to dispose of hardware in end-of-life decommissioning without creating additional security risk.

“When a product is at its end of life, products are either recycled or disposed using our approved vendors,” Humphreys noted. “Our servers are equipped with the One Button Secure Erase that erases every byte of data, including firmware data.”

The latest extension of HPE’s Trusted Supply Chain initiative illustrates how the enterprise world must confront the reality of global cyber threats. Attacks are increasing everywhere and causing disruption to businesses and governments alike. The geopolitical calculus is also changing as nation states become more active in cyber warfare and the promulgation of new threats.

“We are also seeing a dynamic change in the who and the how of the attacks that are happening,” Humphreys said. “You have nation states going after commercial entities; you have criminal syndicates. We don’t want to leave our customers hanging anywhere in this entire journey. This is what we believe is the only way we’re going to be able to get this done.”

Here’s the complete video interview, and be sure to check out more of SiliconANGLE’s and theCUBE’s CUBE Conversations:

(* Disclosure: Hewlett Packard Enterprise Co. sponsored this segment of theCUBE. Neither HPE nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE