HOW TO PLAN

FOR ENDPOINT
SECURITY AGAINST
EVER-EVOLVING
CYBERTHREATS
Making the right decisions for IT security can safeguard your
devices, data and reputation. Discover how robust hardware
and services can keep your organization protected.
CO N T E N T S

01
Staying protected against cybercrime pg. 3

02
Changing work styles bring new security challenges pg. 5

03
Scanning the current cybersecurity landscape pg. 7

04
What threats should be on your radar? pg. 10

05
Starting at the endpoint pg. 13

06
Security requirements for your next RFP pg. 17

07
Asking the right questions to strengthen security pg. 20

PA G E 2
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

01 STAYING PROTECTED
AGAINST CYBERCRIME

In today’s ever-evolving digital landscape, organizations are under a growing risk

from sophisticated cybercrime. From the changing ways employees work to the
rising number of serious threats that take aim at endpoints, there are plenty of
areas where an organization’s IT security can be left vulnerable.

The stakes are high. But there are ways to strengthen your defenses.

To avoid becoming the next name in the news because of a cyberbreach,

organizations need to focus attention on security features at the device level and
start to move towards services that can help tackle current security risks, and
the unknown threats of the future.

PA G E 3
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

IS YOUR ORGANIZATION PRIORITIZING THESE THREE AREAS?

Over the next few pages, we’re going to take you through some of the most
dominant cybersecurity trends and threats to today’s endpoints. But first,
ask: what is your organization doing to stay protected? Do your PC purchasing
decisions include these three key aspects? We’ll give you more information about
how to ensure your IT incorporates these features in a later section.

Resilient hardware

1 that protects firmware and applications, and can

reimage and recover the BIOS quickly, so you can
get back to business fast.

Layers of protection

2 to proactively defend against threats below, above

and in the OS, and prevent impact to the network
– from hardware to threat prevention technology.

Proactive management

3 to enforce your security policies, and actively

monitor and respond to threats.

PA G E 4
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

02 CHANGING WORK
STYLES BRING NEW
SECURITY CHALLENGES
Our powerful digital environment means we’re better connected than ever. And
it’s made flexible working not only possible, but a popular option for teams
around the world. There’s a growing desire for flexibility in the workplace, and
while it can lift both productivity and employee wellbeing, it also brings new
locations, devices and networks into the environment. And working on unsecure
networks or endpoint devices leaves organizations vulnerable to attacks.

of businesses say productivity is better with

85% flexible working,1 but as employees move
outside the office, so can sensitive data.

PA G E 5
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

CURRENT OUTLOOK: WAYS TO RESOLVE:

Work tasks are completed in new Considerations that protect against risks of flexible
locations and on new devices working

Over half of global employees Management services can offer support when away from
work outside the office at least the office, equip users with secure, up to date devices and
2.5 days a week.1 offer remote data wipe.

Coffee shops and cafes are Self-healing hardware can detect and protect against
the second most popular place attacks that lurk on unsecure networks, containing the
to work.2 threat in real time to stop it from spreading. Plus, built-in
privacy screens can avoid visual hacking.

Only 40% of personal devices Security and threat analytics give visibility and insights to
used for work tasks are subject predict issues, and a managed service can monitor status
to security regulations.3 and analyse threats.

“People can work on the go – they work in coffee shops, hotels and planes. A
lot of people are connecting to random wireless networks, they have no idea of
credentials. And then they go back to the office, plug back into the environment and
that system has been compromised, thus putting the whole company at risk.”
Michael Calce, a.k.a. ‘MafiaBoy’, Chairman of HP’s Security Advisory Board

FOUR THINGS TO CONSIDER

The following questions can help you begin to assess the current status of your
hardware and services, and whether your organization can sufficiently guard
against potential attacks.

• D oes your organization have a patch management process to systematically

fix software vulnerabilities?
• Would your organization benefit from regular insights into the status and
effectiveness of your security position?
• What type of technology does your organization currently invest in for
endpoint security?
• Do you have end-user security training, and if so, how effective is it?

PA G E 6
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

03 SCANNING THE CURRENT

CYBERSECURITY LANDSCAPE

The internet is fundamental to how we do business today. But as the internet and
digital world grows in complexity, so does cybercrime and its threat to security.
Threats are growing in number and intricacy, and are fast to infiltrate the wider
organization once they’ve made their way into a system.

Organizations have decisions to make and features to look out for when acquiring
new services and devices, to safeguard against the rising risks. By looking towards
hardware and services that can respond to threats quickly, users stay up and running,
and organizations stay productive and avoid the long-term financial consequences
that come with cybercrime.

68% of business leaders

say cybersecurity risks are
increasing.4

The average cost of a cyberattack

is $13m, up 12% in a year.4

Cyberattacks and data fraud are

two of the top five risks CEOs are
likely to face.4

PA G E 7
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

A LOOK AT DATA BREACHES IN INDUSTRIES

Over the last few years, stories of data breaches and computer fraud have
become more commonplace across the media. Cybercrime doesn’t discriminate.
From hospitality firms and social media giants to municipalities and healthcare
providers, even the biggest organizations from around the world can make the
headlines for losing control over its customer, employee and company data.

FACEBOOK
In April 2019, Facebook was once
again under scrutiny as millions of
user records had been exposed. The
popular social networking site allowed
two apps access to the personal
information of its users – and the data
had been stored on insecure servers. A
total of 540 million records, including
Facebook IDs, comments and likes,
could be found.5

This comes less than a year after

Facebook announced the largest data
breach in its history, which exposed
personal information of up to 50 million
users – an incident that was followed
by the social media’s stock falling by
more than 3%.6

PA G E 8
HOW TO PLAN FOR ENDPOINT SECURIT Y AGAINST
E V E R - E V O LV I N G C Y B E R T H R E AT S

US CITIES OF BALTIMORE
AND GREENVILLE
According to Verizon’s 2019 data breach
investigation, 16% of breaches involved
public sector entities – the highest
percentage of sectors investigated.7
In May 2019, a ransomware attack hit
“The reality is we’re getting to a Baltimore, Maryland, infecting around
point where most cities are facing 10,000 government devices with
a new strain of ransomware called
a million of these attacks every RobbinHood,8 which blocked essential
week – this is now what local city services such as the payment of
municipalities are up against.9” water bills and property taxes. Hackers
initially demanded the city pay 13
Nicole Perlroth, cybersecurity reporter, New York Times
bitcoins, approximately $100,000, to
restore access to the systems. The city
didn’t pay the ransom, and the resulting
costs reached millions of dollars.

Baltimore was the second city to fall

victim, after Greenville, North Carolina,
which experienced the same strain of
malicious cyberattack in the month
previous. And it doesn’t end there.
Many other cities around the world
have been attacked, but have remained
unannounced to the public.
AUSTRALIAN
NATIONAL UNIVERSITY
The university confirmed that an
estimated 200,000 people, including
staff and students, had been affected
by a major data breach, discovered
in May 2019. In a message to the
university body, the vice-chancellor
stated that personal information,
going back 19 years, such as names,
addresses, payroll and bank account
details had been accessed by an
unauthorized, malicious actor.10

PA G E 9
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

04 WHAT THREATS SHOULD

BE ON YOUR RADAR?

“We have been seeing a rise in firmware attacks, which are

attacks on the software embedded in hardware, that can
provide an attacker with control over an entire system. To
address this degrading threat environment, HP has been
leading the industry in designing systems and devices with
security built-in from the hardware up, to help protect, detect
and remediate attacks, with minimal interruption to users.”
Boris Balacheff, Chief Technologist for System Security Research and Innovation,
HP, for HP Innovation Journal, Cybersecurity special edition

Threats are lurking. And they come in many different forms.

But with every threat there’s a way to stay protected.
Here are several ways you could be compromised, and
what to do about it.

PA G E 1 0
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

CURRENT OUTLOOK: WAYS TO RESOLVE:

The threats on the rise Features to look out for to protect against the
threats

Unsecure devices for remote workers

More and more employees work across Real-time monitoring and analytics give an
different devices, locations and connections oversight of device health and can see where
– and not all will be secure. attacks are coming from to ensure prompt
response to the security event.

Advanced malware attacks

Malware that has a specific target – modified Deep-learning AI can identify and protect
with different ways and techniques to against new, never before seen malware.
infiltrate a system – can avoid detection by
traditional security controls and antivirus.

Firmware attacks
Firmware security, particularly in the BIOS, Self-healing BIOS protection can detect threats
can be vulnerable to malware and exploited and automatically recover the BIOS from attacks
by hackers. or corruption, without intervention from IT.

PA G E 1 1
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

CURRENT OUTLOOK: DECISIONS TO MAKE:

The threats on the rise Features to look out for to protect against the
threats

Ransomware
The second most common type of malware Hardware-enforced protection can help
incident7 – up 15% in the first half of 20193 – protect PCs from ransomware and facilitate
ransomware is designed to lock, encrypt and fast recovery to minimize impact and reduce
deny access to data until a ransom is paid. downtime.

Cryptojacking
A form of cyberattack where a hacker Management services can ensure you’re
hijacks a target’s processing power to equipped with the latest devices, up to date
mine cryptocurrency. Cryptomining software and sophisticated protection.
malware soared by 4000% in 2018, McAfee
found11 and can be costly in electricity, Want to know more about cryptojacking? View
network performance and vulnerability to our Cryptojacking Guide to discover how to keep
other attacks. jackers at bay.

Human error and endpoints Advanced malware protection with isolation

Endpoints are common attack vectors. technology contains email, browser and file
Pair this with employee susceptibility attacks to prevent the spread from victim 0.
to cybersecurity attacks, threats to the
endpoint can be common and, ultimately,
successful. Email is the most common point
of entry for malware and accounts for 94%
of delivery.7

Security policies and antivirus software alone are insufficient – and

organizations should be considering additional layers of protection and
services for the final line of defense.

PA G E 1 2
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

05 STARTING AT
THE ENDPOINT

Endpoints are a target for cyberattacks, and it’s with growing frequency that
breaches are traced back to starting at the endpoint.12 From the decentralization
of the workplace – where devices can be difficult to keep track of – to the
pressure from attacks that antivirus miss, a lack of endpoint security can mean
huge disruption to an organization, to productivity and to the bottom line.

64%
of organizations reported a major breach
that started at the endpoint.12

PA G E 1 3
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

CURRENT OUTLOOK: WAYS TO RESOLVE:

Endpoints represent a weak link in security Considerations that protect endpoints against
threats

Zero-day attacks are four times more likely Managed security services can protect against
to compromise organizations.12 zero-day attacks through real-time threat
protection and analytics services.

57% of successful attacks are missed by Going beyond traditional antivirus protection
traditional antivirus.12 with deep-learning-based artificial intelligence
can further protect devices.

Over half of breaches take months or longer Services that give a full overview of device
to discover.7 health and insights reporting can help
organizations uncover issues and protect
devices.

The frequency of new or unknown zero-day With new types of malware appearing every
attacks has increased from 24% to 37% in day, deep learning AI can protect against never
2018.12 before seen attacks, before they happen.

48% of malicious email attachments are Real-time threat isolation technology traps
Office files.13 malware from email attachments and file
download attacks, preventing them from
impacting the device and network.

Want to know more?

Discover Five Reasons the Security of Your Endpoints Could be at Risk.

PA G E 1 4
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

THE HUMAN ELEMENT

Where there are endpoints, there are employees. And where there are people,
there’s inevitable human error, and fraudsters poised to take advantage.
Verizon’s 2019 data breach report found that 21% of breaches were caused
by human error, up 5% in 5 years.7 Could this be due to a lack of security
awareness? Research from Proofpoint found that employees are answering
almost a quarter of security-related questions incorrectly,14 including categories
related to mobile encryption, actions to take following a suspected breach and
identifying phishing attacks.

Social engineering, from spear phishing to pretexting, can trick employees

into visiting and entering sensitive information into fraudulent sites, or into
downloading and installing malware onto their devices. Although the frequency
of breaches caused by phishing is moving in the right direction,7 organizations
have certainly not seen the end of socially-engineered attacks.

• 32% of breaches involved phishing12

• 65% of groups use spear phishing as the primary infection vector13
• Almost 25% of people will click a phish each year15
• The more phishing emails people click, the more likely they are to click again15

PA G E 1 5
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

“Statistically speaking, employees are often the

weakest link. But they’re not necessarily at fault.
Employees need to be equipped with the right
technology. They need built-in security on their systems
to help them navigate this never ending, vast space of
potential breaches and attack vectors.”
Michael Calce, aka ‘MafiaBoy’, Chairman of HP’s Security Advisory Board

When human error brings vulnerability, decision makers need to explore new
ways to protect the rest of the network. And although internal training and
policies can work to cut down susceptibility, introducing security-enforced
hardware, threat protection solutions and managed services can bolster
defenses and fill in the security gaps.

GOING BEYOND THE BOTTOM LINE

The cost to organizations goes further than dollars. Trust, loyalty and
reputation are impacted when an organization experiences a data breach. In
fact, employee morale and business relations are the two top forms of damage
caused by cybercrime.

Level of impact16

47% 38% 36%

employee morale business relations reputation/brand strength

PA G E 1 6
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

06 SECURITY REQUIREMENTS
FOR YOUR NEXT RFP

“A lot of the traditional technology for security today is

signature-based detection, and that’s just not sufficient
anymore. I’m really excited with what HP have been developing
with HP Sure Sense, which is essentially a behavioural type of
detection versus signature based. So, there is a lot of defense
being made to respond to attackers.”
Michael Calce, aka ‘MafiaBoy’, Chairman of HP’s Security Advisory Board

The forecast for today’s threats, vulnerabilities and risks may seem cloudy,
but asking the right questions can equip your organization with the right
protection. Your hardware and service requirements should reflect
the changing face of cybersecurity and support your IT department in
addressing the current and future risks – so prioritizing security features
when acquiring new resources is a must. Think resilient hardware, layers
of protection and proactive management.

PA G E 1 7
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

TODAY’S RFP REQUIREMENTS

When completing a request for proposal and choosing an IT provider, explore
these five crucial areas to help you meet the rising tide of security threats.

1 HARDWARE
Don’t allow malware or ransomware to take down your
fleet and stall important projects. Choose hardware that’s
designed to detect and recover from attacks, keeps you
alerted to changes and limits the spread of breaches, so if
an attack gets in your users can be back to business quickly.

Solution: HP Sure Start,17 HP Sure Run18 and HP Sure

Recover19 for resilient hardware that can self-monitor and
self-heal.

•HP Sure Start secures your PCs with hardware-enforced,

self-healing protection that automatically recovers the
BIOS, even before the PC boots into the OS.
•HP Sure Run keeps critical security protections up and
running to prevent unwanted changes to settings.
•HP Sure Recover ensures fast, secure and automated
recovery of your OS, with embedded reimaging, with only a
network connection.

2 THREAT PROTECTION
When one in ten URLs leads to malware,13 your organization
needs to keep endpoints protected against malicious
websites and attachments. Look for resilient hardware
features that can recognize new risks and secure your
systems, in real time, against the advanced malware that
employees and traditional antivirus can miss.

Solution: HP Sure Click20 for isolation technology that

empowers your users to click with confidence by protecting
against infected files and malicious sites. With the deep
learning AI of HP Sure Sense,21 you’re protected against
never before seen attacks.

PA G E 1 8
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

3 ANALYTICS AND INSIGHTS

Staying informed of device health and protection status
can help IT to resolve issues before they affect users. Get
access to analytics and reports around security incidents to
identify threats, support security policies and give you the
information and insights to protect devices and data.

Solution: HP Proactive Management with HP TechPulse

for unique predictive analytics that gives a holistic view of
device protection status, plus additional reports and alerts
about unprotected devices and attempted threats – helping
you monitor security and mitigate issues.

4 MANAGED SERVICES
IT security teams are faced with a complex, busy workload
and little time for other priorities. Work with a provider that
offers managed services to keep an eye on device health.

There’s a global talent shortfall. Given the 2.93 million

unfilled cybersecurity jobs worldwide22 – predicted to reach
85 million by 2030, a figure equal to the population of
Germany23 – could your IT team do with additional support?

Solution: HP Proactive Security24 for the world’s most

advanced isolation security service for real-time malware
protection on Windows 10 PCs.25 Plus, HP Service
Experts26 can enforce security policies and perform daily
management to monitor the health of your multi-OS
environment – lightening the load on IT teams.

5 DEVICE REFRESH
Today’s landscape means the security goalposts frequently
change. Organizations need to ensure their device refresh
cadence allows for new technology with up to date security
features to face the evolving cyberthreats.

Solution: HP Services for assistance at every stage of the

device lifecycle to optimize your IT assets and resources,
equip users with up to date technology, and ensure safe
decommissioning and retiring of devices to help keep
data secure.

PA G E 1 9
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

07 ASKING THE
RIGHT QUESTIONS TO
STRENGTHEN SECURITY

PA G E 2 0
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

To help precisely identify your security expectations, delve deeper into the important hardware and
services areas, and direct any questions you have to all potential providers. This will help you ensure it’s a
partner you want to work with and will be able to sufficiently protect your organization. Use the following
ten questions to explore your requirements, and inspire new queries and considerations.

Can your hardware self-protect and recover from today’s

1 malware threats?
Ask about hardware-enforced protection, including what can be
recovered and restored, and how long it will take, when a threat hits.

Will we be able to actively monitor malicious activity?

2 Find out if you have access to insights, reports and analytics to identify
and respond to threats.

What details will we get about attempted attacks?

3 Discover the type of information and analytics you’ll receive, and whether
it will help you better understand the attacks targeting your organization.

What are your capabilities in predictive analytics?

4 See if you’ll have access to analytics technology that can spot issues
early to help safeguard against attacks.

What technology do you have to recognize and stop never

5 before seen threats?
Find out whether you can harness deep learning AI that recognizes
malware instinctively and works in real time.

PA G E 2 1
H O W T O P L A N F O R E N D P O I N T S E C U R I T Y A G A I N S T E V E R - E V O LV I N G C Y B E R T H R E AT S

What additional privacy options can you offer?

6 Ask about features such as data erase, privacy screen or remote lock
to protect sensitive data.

How can you prevent the spread of viruses?

7 Isolation technology can contain and protect against malware that
enters through URLs, attachments or files – find out if this is
something you can benefit from.

Will you be able to help us enforce our policies, and will

8 there be experts available to support?
Make sure you can access specialized expertise to help you strengthen
your security position and support the workloads of your internal IT teams.

What are your terms for fleet refresh?

9 Find out how frequently you’ll be able to update devices to ensure the
strongest level of security.

How do you dispose of decommissioned devices?

10 Ensure that processes are in place to protect data for
end-of-use devices.

Although attacks are growing with frequency and sophistication, there are
opportunities for organizations to challenge the threats with strong security.
With HP, you can explore a whole range of hardware features and services to
meet your organization’s needs. By working with HP Elite PCs, you have the
world’s most secure PCs.27 And with HP Services, you get proactive protection,
for your organization and your IT hero reputation.
HP Security solutions can secure your devices, data, and identity, and
protect your business against ever-evolving cyberthreats.

Discover how

PA G E 2 2
HOW TO PLAN FOR ENDPOINT SECURIT Y AGAINST
E V E R - E V O LV I N G C Y B E R T H R E AT S

SOURCES AND DISCLAIMERS

1 IWG, March 2019, The IWG global workplace survey. http://assets.regus.com/pdfs/iwg-workplace-survey/iwg-workplace-
survey-2019.pdf
2 Buffer, 2019, State of remote work. https://buffer.com/state-of-remote-work-2019
3 HR Dive, May 2018, Employees use personal devices for work without much oversight. https://www.hrdive.com/news/
employees-use-personal-devices-for-work-without-much-oversight/523913/
4 Ponemon, developed with Accenture, March 2019, The cost of cybercrime. https://www.accenture.com/us-en/insights/
security/cost-cybercrime-study
5 Telegraph, April 2019, Millions of Facebook user records exposed in data breach. https://www.telegraph.co.uk/
technology/2019/04/03/millions-facebook-user-records-exposed-data-breach/
6 Fortune, Facebook loses around $13 billion in value after data breach affects 50 million of its users, September 2018,
7 Verizon, 2019, 2019 data breach investigations report. https://enterprise.verizon.com/resources/reports/2019-data-breach-
investigations-report.pdf
8 Ciso Mag, June 2019, Baltimore hackers leak data on Twitter after no ransom was paid. https://www.cisomag.com/baltimore-
hackers-leak-data-on-twitter-after-no-ransom-was-paid/
9 From an interview by Dave Davies on Fresh Air with Terry Gross, produced by WHYY, Inc. and distributed by NPR, June 2019,
Hackers demanding ransoms paralyze city computer systems in the U.S. https://www.npr.org/2019/06/13/732320853/
hackers-demanding-ransoms-paralyze-city-computer-systems-in-the-u-s?t=1566209375528
10 Guardian, June 2019, Australian National University hit by huge data breach. https://www.theguardian.com/australia-
news/2019/jun/04/australian-national-university-hit-by-huge-data-breach
11 McAfee, December 2018: McAfee Labs Threats Report. https://www.mcafee.com/enterprise/en-us/assets/reports/rp-
quarterly-threats-dec-2018.pdf?zanpid=2566983967299851264
12 Ponemon, State of endpoint security https://cdn2.hubspot.net/hubfs/468115/whitepapers/state-of-endpoint-
security-2018.pdf
13 Symantec, 2019 Internet Security Threat Report. https://www.symantec.com/en/uk/security-center/threat-report
14 Proofpoint, 2019, Beyond the phish report. https://www.proofpoint.com/uk/resources/threat-reports/beyond-phish
15 Verizon, 2018, 2018 Data Breach Investigations Report.
16 PwC, 2018, Global economic crime and fraud survey. https://www.pwc.com/gx/en/forensics/global-economic-crime-and-
fraud-survey-2018.pdf
17 HP Sure Start Gen5 is available on select HP PCs with Intel processors. See product specifications for availability.
18 HP Sure Run Gen2: See product specifications for availability.
19 HP Sure Recover Gen2: See product specifications for availability. Requires an open, wired network connection. Not available
on platforms with multiple internal storage drives. You must back up important files, data, photos, videos, etc. before using HP
Sure Recover to avoid loss of data. HP Sure Recover (Gen1) does not support platforms with Intel® Optane™.
20 HP Sure Click is available on select HP platforms and supports Microsoft Internet Explorer, Google Chrome™, and
Chromium™. Supported attachments include Microsoft Office (Word, Excel, PowerPoint) and PDF files in read only mode, when
Microsoft Office or Adobe Acrobat are installed.
21 HP Sure Sense requires Windows 10. See product specifications for availability.
22 ISC2, 2018, Cybersecurity professionals focus on developing new skills as workforce gap widens.
https://www.isc2.org/-/media/ISC2/Research/2018-ISC2-Cybersecurity-Workforce-Study.ashx
23 Korn Ferry, May 2018, The $8.5 talent shortage. https://www.kornferry.com/institute/talent-crunch-future-of-work
24 HP Proactive Security available as a separate purchase for Windows 10 devices, regardless of manufacturer. See www.
hpdaas.com/requirements for additional system requirements. Requires HP TechPulse, which is included in any HP DaaS or HP
DaaS Proactive Management plan. Security Experts available in the Proactive Security Enhanced plan only.
25 Based on HP’s internal analysis of isolation security services that offer SaaS and managed services that include on-board
and configure, compliance enforcement ad malware threat analytics. Most advanced based on hardware VM isolation enforced
protection with individual browser tabs and apps in isolation as of March 2019.
26 HP Service Experts who conduct threat analysis and monitor isolation activity for HP Proactive Security are available for the
Enhanced plan only.
27 Based on HP’s unique and comprehensive security capabilities at no additional cost and HP Manageability Integration Kit’s
management of every aspect of a PC including hardware, BIOS and software management using Microsoft System Center
Configuration Manager among vendors with >1M unit annual sales as of November 2016 on HP Elite PCs with 7th Gen and
higher Intel® Core® Processors, Intel® integrated graphics, and Intel® WLAN.

© Copyright 2019 HP Development Company, L.P. The information contained herein is subject to change without notice.

4AA7-6415ENW, November 2019