Behind Bars: Securing your mobile parts

Behind Bars: Securing your mobile parts

As the insatiable appetite for mobile computing grows, security concerns are mounting. Industry commentators claim, not surprisingly, that the main concern is not so much the hardware, but the data.

"The data is the most critical to protect," Lenovo product manager, David Nicol, said. "This poses a challenge for companies adding mobile computing into the mix."

Notebook theft, unauthorised insider access, system penetration by outsiders, and theft of proprietary information were the main security breaches, HP Australia's market development manager for nc-series commercial notebooks, Laurie White, said.

According to analysts, a stolen notebook can cost a business up to $89,000, with the majority held in the value of lost data.

And as more and more enterprises move towards mobile and wireless technologies, the question becomes how to manage the complex multiple-device environments, IDC PC analyst, Mike Sager, said.

So how can we protect our assets and handle security issues? Notebooks solutions range from physical safeguards like cable locks to advanced features that protect data and control access - and the list is as long as your arm.

Basic security features such as Windows XP Pro login password protection and WPA had become standardised, so vendors were now looking for advanced ways to protect products and differentiate themselves, Optima notebook product manager, Henry Lee, said. But Sager said vendors were not responding to any particular security need - rather the vendors were ahead of the eight ball in terms of offering this type of functionality.

"In the past, vendors added security functionality after worries and concerns arose, but now they are anticipating the needs," he said.

While many vendors are touting security across the board, the added functionality makes most sense in the high-end corporate space and key verticals including the financial and government space.

"Getting secure data on mobile PCs has been a concern for about a year for places like trading houses, banking, financial services and government," Sager said.

Meanwhile, the SMB space isn't requesting whiz bang functionality - and Sager doesn't expect demand for enhanced security in the SMB mobility space to arrive for another year.

"Today, selling the security benefits to an organisation with 50 people or less is not needed," he said. "Not all parts of the SMB market need security in notebooks."

Security nuts and bolts

Given the increased trend towards enhanced security, what can resellers add to their kit bag when peddling mobile computing technology?

Optima, for its part, is looking at incorporating built-in fingerprint readers, as well as BIOS passwords - to prevent the PC from booting without a password and to stop unauthorized users from changing the BIOS settings - into its notebooks.

The company is also beefing up the physical protection of the unit with Kensington lock slots, Lee said, because the education, retail and corporate segments appreciate the added security.

HP has launched its most extensive secure line-up of business notebooks. The security feature sets are added to four different series of thin, lightweight business notebooks and Tablet PCs including the HP Compaq 8200, 6200, 6100 and 4200 series

There were a host of parts to the security features including Credential Manager for HP ProtectTools, which provided users with single sign-on capability and storage of a host of different passwords used to access websites, network resources and secure applications, White said.

Other security features include Smart Card pre-boot authentication and DriveLock hard drive protection. For wireless security, the notebooks feature support for the latest security standards such as Wi-Fi Protected Access Version 2 (WPA), which included improved data protection with AES encryption, White said.

The pre-OS authentication supported smart cards, security chips and passwords. And that was just some of the functionality, White said. Overall, he said the ProtectTools focuses on pre-boot security, offered single sign-on functionality, multifactor authentication, and was standards-based.

"We no longer see security as a trade-off. We are now making it one of the top priorities and selling points," White said.

Notebook heavyweight Toshiba is offering the EasyGuard security feature across its business notebook range. The company also offers built-in biometrics across its Protege range.

Toshiba's general manager of information systems, Mark Whittard, said there were a myriad of options under the EasyGuard suite of technologies. "The technology prevents buffer overflow virus attacks by enabling the notebook's processor to distinguish between bits of code that should be executed and ones that cannot be as they pose a threat to the system," he said.

Other features of EasyGuard include the trusted platform module, an industry standard that protects sensitive data, encryption and digital signatures to ensure content integrity and privacy; device lock, a software utility that allows locking of specific devices in order to prevent unauthorised access; and password utilities, which let users define password protection for both the system boot and hard drive access.

Asus managing director, Ted Chen, said Asus would further reach into the biometric arena and add facial recognition functionality to a line of corporate notebooks by the end of the year.

"We led the market with the addition of fingerprint identification two years ago," he said. "And now that the demand for notebook security has matured, we are adding in another layer."

Big Blue is also rising to the occasion and pitching integrated fingerprint readers on its T42, T43 and X41 ThinkPad models. The latest biometric move integrates with the Embedded Security Subsystem, which offers a security chip and client security software. The subsystem was the nuts and bolts of the protection system, Nicol said.

"It's like having a security guard for your notebook," he said.

"The technology protects vital security inform­ation like passwords, encryption keys and electronic credentials, while guarding against unauthorised access."

The security subsystem supports the needs of organisations that relied on smart cards for security, Nicol said. It also offers advanced security as it enables user authentication information inside the integrated hardware rather than in the software or memory, both of which are more vulnerable to unauthorised users.

The company is also adding an extra layer of protection and adding a third-party offering, dubbed Computrace.

"The agent is defined as part of the BIOS so even if the thief deletes the hard drive by sitting on the BIOS, the agent will rebuild itself and can be tracked over the Web or the network."

Acer is also jumping into the ring and offering an integrated smart card reader on its TravelMate 8100, senior notebook product manager, Antonio Leone, said.

VARs and the big security sell

Resellers can help organisations protect business critical data and networks with the added hardware and software functionality. But Is the message getting out to partners about security?

HP's White said the traditional notebook sale used to dish out facts and figures about technical specifications, but now security was a top selling point. Resellers have a role to play in the overall security plan.

"Resellers can close the gap between building security and IT [servers, firewalls, antivirus and the like]," he said.

Toshiba's Whittard said partners needed to brush up on security overall and become aware of the use of digital signatures, the trusted mobile platform standard, and encryption and data protection.

"Security is topical at the moment given business customers need to secure their data and networks," he said.

Optima's Lee said resellers needed to get more savvy about security - and would start ringing the bell by the end of this year. "Resellers are still pushing the speeds and traditional features of a notebook," he said. "By the end of this year, this will change as resellers start to focus on security."

Resellers would need to start focusing on developing overall security policies for corporate customers, Lenovo's Nicol said. Taking into consideration the three-year life span of a notebook, partners can help organisations handle security issues, integrate infrastructure and manage mobile devices.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments