Categories
IT Security Outsourced IT

BIOS Security

What is BIOS Security?

Basic Input Output System (BIOS) is software stored on a small memory chip on a computer’s motherboard. It has a number of different roles, but its most essential function is to load the operating system. When the computer is turned on, the microprocessor tries to execute its first instruction, which the BIOS provides. Other tasks that BIOS performs include:

POST. Power On Self Test (POST) is the initial set of diagnostic tests performed by the computer right after it is powered on. A POST for all of the different hardware components in the system is performed in order to check for any hardware related issues.

Chips. BIOS activates other BIOS chips on different cards installed in the computer, such as SCSI and graphics cards.

Routines. BIOS performs a set of low-level routines that the operating system uses to interface with hardware devices such as the keyboard, screen, serial ports, and parallel ports, while the computer is booting.

Settings. BIOS manages a collections of settings for the hard disks, clock, date, and computer passwords.

When the computer is turned on, BIOS does the following1:

  • Checks the CMOS Setup for custom settings
  • Loads the interrupt handlers and device drivers
  • Initializes registers and power management
  • Performs the power-on self-test (POST)
  • Displays system settings
  • Determines which devices are bootable
  • Initiates the bootstrap sequence

BIOS security is integral to the protection of a computer. If BIOS is not secured, cyberattackers can access and manipulate a computer’s information, possibly gaining control over an entire network. There are three primary methods used to protect BIOS2:

BIOS passwords. Since the BIOS starts before the operating system, the user must enter the password before the operating system and most hardware is permitted to start. After the BIOS password, a second password is required to access a computer’s features. Using two sets of passwords adds an extra layer of security to protect against password-cracking.

Trusted Platform Module (TPM). TPM technology provides hardware-based security functions. A TPM chip is a secure crypto-processor designed to carry out cryptographic operations, and it has several security features that make it resistant to tampering and hacking. The most common TPM functions are used for system integrity measurements and for key creation and use. During the boot process, the boot code is loaded along with firmware and operating system components that can be measured and recorded in the TPM to provide evidence that the system was booted properly.

Full-disk encryption (FDE). FDE transcribes all of the information on the system’s hard drive from plaintext to ciphertext, protecting the entire disk volume and files by making it only understandable to those with authorized access.

1 Tyson, 2022, “How BIOS Works”

2 Trick, 2022, “How to Secure Your BIOS”