This article has dealt with built-in software and tools provided by today’s advanced laptops. It also delves deeper to understand the advanced security offerings from vendors and the benefits users can enjoy from these.

Mobility of computers has offered more freedom and advantage to employees to stay agile in today’s competitive world. The mobility of laptops allows users to have their important files at hand as well as the means to update those files and copy them for others to use. Mobility of computing enables people to work on commutes and trips. Students will have the advantage of being able to take notes in class as well as have their personal computer with them for weekend jaunts to the homestead. People who work at home doing telecommuting jobs will be able to leave the house for a cup of coffee and a change of scenery without losing any work time.

But along with this mobility advantage, laptops bring some serious security concerns, which if ignored, can cause irreparable damages for individual or organizations. Loss of sensitive data can create an unexpected loss in terms of money or company reputation and credibility. To avoid these unwanted incidents, your laptop has to be packed with proper security software. Security software has, for the most part, kept pace with the ne’er-do-wells of the computer world to become an industry with a variety of tools we can use to keep our computers safe. In this article we will discuss different customized security software and tools offered by laptop manufacturers that targets different aspects of protection for your laptop, from theft recovery to secure data disposal to authenticated access and password management. Our discussion will be confined here only within security software and tools, which basically offered by vendors themselves and comes bundled with laptops.

Understanding Security Trend

Managing the security risks associated with using and storing sensitive data on a laptop computer is a continuing challenge. Several researches reveal that hundreds of thousands of laptops are lost or left behind at airports, and 65-69 percent of them go unclaimed in U.S. alone. For many companies, the loss of valuable information contained on the systems may be of even greater concern as it is assessed by research firms. Various reports suggest that a major percent of mobile professionals carry confidential company information and maximum of them don’t take steps to protect it. This data can include customer and consumer information, confidential business information and intellectual property such as software code and product renderings. “It’s staggering to learn that up to 600,000 laptops are lost in U.S. airports annually, many containing sensitive information that companies must account for,” said Larry Ponemon, chairman and founder of the Ponemon Institute, a research and analyst firm in U.S.
To help companies keep mobile workers and assets protected and connected, laptop vendors are expanding offers and services by introducing new customized security software and tools, new asset and data protection services models. These include:

• Laptop Tracking and Recovery – helps companies more accurately track and recover lost or stolen laptops.

• Remote Data Delete – enables customers to remotely delete sensitive company data if a laptop is lost or stolen.

• Hard Drive Data Recovery –Retrieves information from a failed or damaged hard drive.

• Certified Data Destruction – Destroys notebook data in a secure manner, providing certification of destruction, and disposing of the customer’s hard drive in an environmentally responsible manner.

• Smart Card security 

• Initialization and configuration of the Smart Card

• Manage Smart Card accounts and security settings

• Integration with supporting notebook BIOS requiring Smart Card to continue pre-boot process

• Embedded Security - TPM Embedded Security Chip configuration and management

• Multifactor Windows Authentication and Single sign-on

• BIOS configuration - BIOS configuration and security settings from within the Security Manager console

Another drawback to using one laptop at work and home is that viruses or other malicious software that infect the home system may contaminate the corporate network, which can be mitigated by implementing well recognized antivirus software in laptops. Now-a-days, these antivirus software come preloaded (only with one year license period) with laptops as a value addition to buyer. In addition to this, wireless networks available at airports, hotels, and other businesses present high security risks because they require you to disable any wireless encryption or access control on your laptop in order to connect to them. Any information you exchange is now sent unencrypted and your laptop may be subject to probes and scanning from other computers connected to the wireless network.

Offerings from Vendors:

Laptops will soon become more prevalent than desktops in business. Needless to say that a high level of security is critical for laptops, since industry workforce will be relying more and more on this computing device in near future. To address the needs of such security, vendors are providing advanced level of services and system features to keep users and mobile professionals and the company information they carry ‘Protected and Connected’ at all times.
Added layer of protection for the busy and fast-moving mobile workforce of today’s economy can help to be more productive and strong enough to face the challenges of business today.
Regarding security features, in its advanced line of laptops, HP provides a Smart Card reader, HP ProtectTools, TPM 1.2 Embedded Security Chip, Enhanced Pre-Boot Security, HP Disk Sanitizer, Enhanced Drive Lock, HP Fingerprint Sensor, Drive Encryption for HP ProtectTools, Credential Manager for HP ProtectTools, and File Sanitizer for HP ProtectTools, as well as optional Kensington lock, HP Privacy Filter, and McAfee Security Solution. The new security innovation is HP Spare Key, which addresses the hassle of forgotten passwords by using a sequence of three predetermined personal identification questions to gain immediate entry into the system.

Dell introduced Dell ProSupport Mobility Services, a suite of modular asset and data protection services to help companies protect laptop computers and company information, especially when the computers are lost – a growing problem for a mobile workforce. In addition to Dell ProSupport Mobility Services, Dell commercial laptop systems are available with advanced security features such as full disk encryption hard drives, TPM security chips additional user and hardware authentication tools and antivirus software. Integrated smart cards and fingerprint readers are also available for companies that want an extra measure of external notebook security.

Let us discuss couple of these advanced tools and software in details to understand their module of function along with benefits. This can help you to design your security model for your personal laptop as per need.

HP ProtectTools Security Manager

Built on open standards and HP intellectual property, HP ProtectTools Security Manager can be configured to prevent unauthorized access using Smart Cards, TPM Embedded security chips, USB tokens and other security technologies. HP ProtectTools Security Manager is completely customizable, which gives business customers the flexibility to choose the level of security that best meets their needs. The optional integrated Smart Card Reader on select notebook families provides simple deployment and management of this solution.

Smart Card-based solution is based on open standards, meaning easy implementation, integration, and maintenance. Same Smart Card can be used for multiple devices, including notebooks and handhelds, and multiple applications, such as user authentication and building access. As an additional benefit, console design can grow to incorporate new functionality from within the same user interface.

Pre-boot Security

Manage your notebook's security, even when there are multiple users per system. Using enhanced pre-boot security, you can enhance pre-OS usability of your notebook with any combination of biometrics (fingerprints), Smart Cards or passwords for up to five users. An extra layer of security, power-on authentication requires users to identify themselves with passwords, Smart Cards or TPM before the operating system will even start.

Secure Data and File Disposal

During the retirement phase of the PC life cycle, many companies dispose of PCs without properly removing confidential data. This is a serious concern, since the information on these hard disks can then be retrieved by unauthorized people. Many companies think that formatting a hard disk removes and destroys its data, when in fact this data – which can be highly confidential – can still be retrieved from these systems. With most operating systems, files that are deleted are not necessarily erased. In many cases, the only thing erased is the logical link to the file.Anyone with basic knowledge of data recovery can "undelete" it. Help ensure your data is properly erased when you're ready to redeploy or dispose of your notebook. HP Disk Sanitizer (shredder) permanently destroys data on your hard drive using a published U.S. Department of Defense Algorithm (Based on DOD 5220.22-M Chapter 8) so that it cannot be accessed even with advanced data recovery tools. File Sanitizer (shredder) for HP ProtectTools uses the same technology to permanently delete individual folders or files on command or automatically. Both features are built-in. They also eliminate the need to purchase third-party software to erase hard drives prior to recycling, reassigning, returning or otherwise disposing of your notebook, helping you save time and money.

ThinVantage Secure Data Disposal tool from Lenovo is indifferent to the operating system on a hard disk. It can ensure that any critical data is permanently removed from a PC before it is disposed. Secure Data Disposal tool detects all drives and partitions (including hidden partitions). Data, programs and any possible viruses will be destroyed on the PC before a new image is loaded with this tool and sensitive and/or confidential information will be destroyed permanently. It also records erasure transactions and allows customer defined report fields for audits and tracking.

ThinkVantage Client Security Solution

This hardware-software combination helps protect your company information, including vital security information like passwords, encryption keys and electronic credentials, while helping to guard against unauthorized user access to data. The Client Security Software wizard helps simplify installation and setup and includes a set of predefined security settings, allowing you to select the best suited to your needs. For enterprise customers, script-driven silent installations can facilitate large deployments and are complemented by the ability to push policies to clients from a central server.

• Simplify passwords: The Client Security Password Manager replaces multiple passwords with one easy-to-remember password or fingerprint (requires an optional fingerprint reader device), thereby reducing password reset calls to the help desk.

• Reset forgotten passwords: Users can pre-configure personal questions for this purpose. If the user later forgets his Power On password, Hard Drive password or Windows password, he can click a button, answer his pre-configured personal questions and CSS will reset his forgotten password, require a new password, and enable the user to log on.

Client Security Solution supports the use of a password, a passphrase or a fingerprint as authentication credentials for access to protected data. Where central management is an important requirement, Client Security Solution can be integrated into a Windows Domain Services management model. If very sensitive data must be protected on a PC, the customer can create policies that force multi-factor authentication. and can integrate Client Security Solution with best-of-breed data encryption solutions.

Client Security Solution includes Utimaco Private Disk Personal Edition so users can automatically lock valuable data with file and folder encryption. The size of the "disk volume" to be encrypted can be set by IT staff or controlled by the user. Only verified users can unlock the encrypted data, so sensitive information is better protected should a computer be stolen. For users interested in protecting all the data on their computer, full hard drive encryption is also available from Lenovo with Utimaco SafeGuard Easy (Availability varies by country).

Client Security Solution provides enhanced security for both wired and wireless networks. In both cases, the Client Security Solution and TPM ensure data confidentiality and availability by providing a hardware- and software-based architecture to provide better protection for sensitive keys, identity information and confidential data. Further, for wireless networks, the TPM hardware provides enhanced authentication and session confidentiality by concealing authentication credentials for industry-standard 802.1x protocols and Cisco LEAP.
By requiring an advanced means of authentication for your system—what you know (a passcode), what you have (using optional solutions such as a token) or who you are (biometric scan, such as a fingerprint)—you can help keep your digital identity and data more secure. The Client Security Solution and TPM store and enable user authentication through integrated hardware rather than in the software or memory, both of which are more vulnerable to unauthorized users. It also provides additional protection for digital IDs used for e-business transactions and network access.

The ThinkVantage Client Security Solution is certified RSA SecurID-ready for remote access protection, and can function as an RSA SecurID authenticator. As a result, mobile users can employ cost-efficient SecurID software tokens and carry one less piece of equipment on the road—without sacrificing security or budget.

Full Disk Encryption

Powerful, easy-to-use laptop data security is increasingly important as the global adoption of mobile PCs continues to soar and more notebooks are used to store sensitive personal and business information. Lost or stolen laptops can cost companies millions of dollars in compromised trade secrets and intellectual property and threaten consumers with the high cost of identity theft, yet many of the computers remain unprotected.

Today’s full disk encryption laptop drives deliver powerful protection against unauthorized access to information on lost or stolen laptop computers. Some of these drives even feature government-grade encryption that delivers powerful security for confidential customer or corporate information on executive laptop computers, critical customer data on field sales and customer support laptop PCs, and sensitive information on personal laptops.  Individual computer users who are not subject to corporate policies and regulatory compliance, don’t need multi-user encryption management and want to protect personal and other sensitive information can easily deploy a laptop with a FDE hard drive, which installs as easily as a traditional drive. After installation, the user sets the BIOS password, logs on as usual, and the security is in place. The hardware-based encryption engine delivers security without the overhead – no bootup delays, no system slowdowns – and the BIOS automatically authenticates the user for transparent security.

For organizations requiring the strongest authentication and a simple way to comply with state and federal consumer-privacy laws, FDE hard drive with built-in encryption – can be deployed in laptop fleets to enable secure disposal and repurposing of drives and laptops; security audits; password escrow; pre-boot authentication in the form of biometrics, passwords and smart cards; and simple centralized management. These drives use a powerful security platform that combines strong, fully automated hardware-based security with a programming foundation that makes it easy to add security-based software applications for organization-wide encryption key management, multi-factor user authentication and other capabilities that help lock down digital information at rest.

Advanced Theft Recovery Software

Today’s advanced laptops comes with integrated anti-theft and data protection solutions. According to surveys and reports, most of reported data breaches in 2008 were the result of a lost or stolen mobile device. As consumers carry more mobile devices, the risk of device theft also increases. With these advanced tracking software, laptop users are now able to take advantage of highly effective theft-recovery solution.

When a tracking software enabled netbook or laptop is stolen, the device owner can remotely activate tracking. Advanced tracking software will then determine the location of the device with 10-20 meters of accuracy using WPS. The software will also use the system’s integrated web camera to capture images of the thief and send it with location and network information directly to the device owner’s Flickr and email accounts. The data will continue to be sent over time until tracking is disabled.

Conclusion

If we look little carefully and compare all these built-in security software and tools, it is easy to understand that almost all the vendors are offering same software or tools but with different names and with little changes in approach. But what is more important to us, to understand the applications of these software or tools precisely and to implement them properly where they should be to harness the maximum advantage. Alone security tools or software can’t protect a laptop, until and unless we know to use them where, when and how.

—By: