SA-19 — Component Authenticity

Verify that system components are authentic and not counterfeit. Counterfeit components may contain backdoors, malware, or simply fail when you need them most.

Example 1: Purchase IT equipment only from authorized resellers or directly from manufacturers. Verify component authenticity by checking serial numbers against manufacturer databases before deployment. Report any suspected counterfeits to the manufacturer and appropriate authorities.

Example 2: Implement anti-counterfeit procedures in your procurement process: require certificates of authenticity from vendors, verify firmware versions against manufacturer specifications, and use hardware authentication features (like TPM attestation) to verify component integrity during system boot.