Hewlett Packard Enterprise (HPE) announced a secure supply chain initiative to boost customer trust in the lifecycle security of its products with U.S.-made servers as the COVID-19 pandemic has disrupted global supply chains.
The new HPE Trusted Supply Chain process targets U.S. customers across federal, public sector, banking and financial services, and health care.
“HPE is the only major server manufacturer to ship the world’s most secure, industry-standard servers that are securely sourced from the U.S.,” wrote Bob Moore, director of server software and product security for HPE Hybrid IT, in a blog post. “While our current supply chain processes and procedures surpass all regulatory standards for cybersecurity, such as with the National Defense Authorization Act, HPE is elevating the ability to deliver products to our customers securely.”
HPE has started shipping its new ProLiant DL380T server, the first industry-standard server to be produced through the secure supply chain initiative, to U.S. customers, and it plans to expand the process to the rest of its portfolio in 2021.
The Trusted Supply Chain process covers server components, manufacturing, distribution, and shipping, and HPE says only employees with verified background and security checks will build these products.
The process builds on HPE’s silicon root of trust security technology, which creates a digital fingerprint in the silicon and prevents the servers from booting with any compromised firmware. Marsh Insurance recently recognized HPE’s silicon root of trust for its ability to reduce risk in its new Cyber Catalyst program.
The new supply chain security process also enables customers to use UEFI Secure Boot, which connects the HPE silicon root of trust to the operating system. Additionally, it reduces the attack surface by placing servers in high security mode to verify user authenticity and ensure that more than 4 million lines of firmware code are valid and uncompromised. It uses a server configuration lock to detect unauthorized addition of NICs and drives, as well as malicious activity, by capturing the inventory or a “picture” of the server, its hardware, and firmware at the factory, which enables traceability and improves security throughout the supply chain process.
And finally, an embedded alarm alerts customers with a physical lock if the server has been opened during the supply chain process: an intrusion detection latch, inserted on the server chassis, registers unauthorized opening even if the power is off.
The vendor plans to expand production through the HPE Trusted Supply Chain to include its other servers and systems in 2021. Also next year, customers from select countries outside of the U.S. can purchase products delivered through HPE Trusted Supply Chain.
All new HPE servers produced through the HPE Trusted Supply Chain will be offered as-a-service through its GreenLake cloud-delivered portfolio.