Meltdown and Spectre - How to Protect the Enterprise

The news of Meltdown and Spectre has been all over the press. These exploits are critical vulnerabilities in modern processors that allow programs to steal data which is currently processed on the computer. They impact almost every system from desktops to laptops to cloud servers as well as smart phones and potentially more.

With the revelations about the CPU security bugs Meltdown and Spectre, many businesses are looking to protect themselves as they wait for confirmed patches. As of this writing, there are no patches available for Windows Server 2008 and Windows Server 2012. And Intel has actually told users to stop deploying the Spectre patches that were previously released because the patches are causing so many system reboots.

Addressing the Meltdown-Spectre Exposure

Armis can help customers see all devices, their status, and even protect them as they wait for the Meltdown/Spectre patches to come. A number of our customers are using our agentless IoT security platform to protect themselves in the following manner.

  • Inventory/Device Discovery – Using Armis to identify all managed and unmanaged devices.
  • Operating System Tracking – Leveraging our deep device profiling to see which devices’ operating systems have been updated, and those that have not, and are potentially exposed.
  • Protection – Creating policies to automatically disconnect devices that may be compromised and acting suspiciously.

One Source For Critical Insights

In fact, Armis has developed a specific Meltdown and Spectre Insight and can mark the vulnerable devices with a risk factor. The risk factor ‘CPU SECURITY FLAW’ marks the existence of both vulnerabilities, and is accompanied by a high or medium risk level.

This is an example of the Device Report, which identifies the devices at risk.