Securing AI at the Endpoint

Secure your organization's AI PCs with multiple layers of defense. Dell Trusted Workspace can help.

On-device AI has huge benefits. But it also comes with cyber risk. Let’s talk about how to position your organization securely to take advantage of AI innovation at the endpoint. 

The attack surface of on-device AI 

Emerging technologies often come with cybersecurity challenges due to their novelty. On-device AI is no exception. The key to mitigating risk, as always, is to shed light on the unknown. Before we can talk about what security we need to minimize the attack surface, it helps to talk about what we are securing and why. Think about this like a system of pipes in a commercial building. These pipes carry water, gas, etc. for a variety of use cases. If the matter flowing through the pipes is contaminated or interrupted, it can’t do its job. If the pipes carrying the matter are damaged or corrupted, they can’t do their job. Bringing it back to AI at the endpoint:  

  • The pipes are your infrastructure – your PCs, your corporate networks. The how and where you work.  
  • The contents flowing through the “pipes” are the data, apps and models that fuel various AI use cases. The assets and resources you need to do your work. 

Cyber adversaries target both. They may steal IP to hold for ransom or poison data or models to impact operations. In any case, the consequences can be severe, leading to financial and reputational damage and/or triggering regulatory reviews.  

Security risks of AI at the endpoint 

Now, we’ll talk about methods attackers might use to access both targets: 

  • Device compromise. Endpoint devices are frequent targets in cyberattacks. Supply chain attacks—like tampering with circuitry or firmware—can introduce risk before devices even reach organizations. Imagine the pending disaster of an investment firm receiving a brand-new shipment of PCs with counterfeit components.   
  • Identity compromise. Stolen or compromised credentials are a growing threat vector. Attackers using valid credentials can infiltrate networks and stay undetected for months, putting sensitive models and data at risk. With Generative AI (GenAI) now enhancing phishing techniques, these breaches remain costly and difficult to contain.   
  • Insider threat. Recent research shows that, compared to other vectors, malicious insider attacks resulted in the highest costs, averaging USD 4.99 million per attack. Keep in mind that insider attacks can happen across the hardware supply chain, software supply chain and model supply chain.

What mitigates the risk of on-device AI and how Dell helps 

None of these attack targets or methods are fundamentally new. As always, focus on keeping your fleet secure and resilient. Layering on countermeasures can help reduce the attack surface and shed light on any suspicious behavior immediately.  

A zero trust mindset will mitigate risk across your fleet. These principles – never trust, always verify and monitor continuously – help keep you ahead of attackers.

Adopt a zero trust mindset and implement multiple layers of defense to mitigate the risk of a breach.

With that framework in mind, reassess your infrastructure… especially systems and processes that interact with AI. What countermeasures minimize the risk of device compromise, identity compromise and insider threat?  

Foundational security for on-device AI workloads 

“Below-the-OS” security protects the AI devices you work on. We can break this into two parts: 

  • Defend your fleet with devices that are secure by design – i.e., they were developed with secure design principles and in a secure supply chain. 
  • Defend your fleet with devices that have built-in security. Secure AI PCs include layers of embedded protection that provide visibility – down to the BIOS – right out of the box.   

That’s how our technologists devise and design the security of our commercial AI PCs. Secure design, robust supply chain controls and optional supply chain assurance help ensure PCs are secure from first boot. Built-in hardware and firmware security keeps the PC protected from tampering and unauthorized access while in use.

“Above-the-OS” security protects access to AI models. Use software security to defend the data and models you work with and the corporate networks you work in. It is essential to protect machine learning security operations and monitor network traffic of deployed AI workloads. Dell’s partner solutions, e.g., CrowdStrike Falcon XDR and Absolute Secure Access, apply zero trust principles to safeguard AI model supply chains. With granular access controls like role-based permissions, organizations can prevent unauthorized access and protect sensitive assets.

All of this together – above and below the OS – is Security for AI. 

Secure AI at the Endpoint with Dell Trusted Workspace 

AI holds immense promise, though many businesses lack the readiness to fully leverage it.  

An analysis of millions of devices revealed a PC population unable to absorb new AI capabilities broadly. Source: 2025 Absolute Resilience Risk Index.

Dell can help bring it all together. Develop and deploy AI models on a secure foundation with Dell Trusted Workspace. Upgrade to Dell Pro or Dell Pro Max to unlock security benefits and defend AI workloads with the world’s most secure commercial AI PCs.* Reach out to Dell’s security specialists. 


*Based on Dell internal analysis, October 2024 (Intel) and March 2025 (AMD). Applicable to PCs on Intel and AMD processors. Not all features available with all PCs. Additional purchase required for some features. Intel-based PCs validated by Principled Technologies. A comparison of security features, April 2024. 

Rick Martinez

About the Author: Rick Martinez

Rick Martinez serves as Dell Fellow and Vice President for Security within the Client Solutions Group at Dell Technologies. Rick’s responsibilities include developing security strategy for Dell PCs focused on trusted and resilient platforms. In addition to his role as a strategist and people manager, he is a trusted advisor in the areas of secure development, governance and execution for Dell PCs and pan-Dell secure supply chain efforts. Rick joined Dell in 1997 and spent nearly two decades contributing to the security strategy and architecture for Dell BIOS and firmware, implementing many built-in platform security features including Signed Firmware Update (NIST 800-147), TPM and Secure Boot and SafeBIOS off-host verification. Since then, he’s continued to build comprehensive long-term strategies to help keep Dell PCs and customers secure. Currently, Rick is active in the evolution of the Dell Technical Leadership Community and serves as Vice President of the Trusted Computing Group Board of Directors representing Dell. He holds an Electrical Engineering degree from the University of Texas at Austin. He is a proud father of three daughters, a semi-retired autocrosser and a lifelong skateboarder.