You’ve implemented data security, but is your supply chain secure?

Hardware Security

The multiple recent reports from Bloomberg claiming instances where server mainboard hardware produced for leading IT firms including Apple and Amazon (among others) had been compromised by manufacturing subcontractors in China has shocked players from a variety of industries that depend on an Asian-based supply chain for electronics hardware. Whether the reports turn out to be true or not, what cannot be doubted is that players in the electronics hardware supply chain needs to assure their customers that they have taken the proper measures to make sure their entire production processes are secure.

For Lanner Electronics, the recent news only re-enforces the importance and confidence that we have in the policies adopted by the company over the past decade to ensure that we deliver secure and reliable ruggedized systems to our customers based on a made-in-Taiwan manufacturing strategy that features component traceability and an onboard firmware BIOS security feature set on our network appliances.

Over the past three decades, Lanner has been dedicated to being a leader in the rapidly-growing network security industry by supplying reliable hardware platforms for tier-one companies. As a long-term, trustworthy partner to our customers, Lanner has come to understand that leadership does not only mean possessing technological advantages when offering customized solutions for mission-critical applications, but we also need to take security into consideration when building network appliances based on our in-house manufacturing policies, component transparency and firmware hardware security.

All Lanner PCB motherboards used in network appliances are engineered by the Lanner R&D Team and manufactured in Lanner’s in-house manufacturing plant located in new Taipei City, Taiwan, where all of our PCB automation systems and production lines, including lines featuring auto insertion SMT machines and dual in-line package (DIP) are installed. To ensure the highest possible standard of performance and security, each PCB we manufacture are verified by a fully equipped PCBA testing team, including automated optical inspection (AOI) and in-circuit testing, for precise component placement and full-function testing.

Lanner supports a manufacturing area of 30,000 square meters at its facilities in Taiwan, with enough production capacity to manufacture 40,000-50,000 systems a month.

In addition, Lanner is committed to enabling visibility in the supply chain, allowing our customers to keep track of components to reduce the hardware security risk. Lanner has implemented a real-time MES traceability system, adopting RFID to record the ID of each components on PCBs used in the system in real time, allowing us to indicate when the component is being inserted and keeping all vendor information in check.

To further strengthen manageability and security in Lanner network appliances, Lanner has established teams of software experts to offer value-added packages for firmware/BIOS security. The packages include security features like Secure Boot, Boot Guard and TPM, as well as remote management such as IPMI, aiming to build high performance network appliances without compromising overall hardware security.

One of the most glaring aspects of the recent reports of compromised hardware in the server mainboard supply chain is that manufacturing was sub-contracted out to players in China. For any vendor looking to use the Asian supply chain to supply IT hardware, it is imperative that you work closely with your supply chain partners and understand how they are manufacturing their products and to not be afraid to conduct an audit of the manufacturing process.

After all, it is not just the security of the products that you need to guarantee but the entire process of production, which ends with your name being placed on the product.

You’ve implemented data security, but is your supply chain secure? was last modified: December 12th, 2018 by Michael McManus
Hand-picked posts from our blog, delivered to your email.

SUBSCRIBE