Security Solutions Advanced Theft Protection Notebooks

Transcription

1 Issue July 2009 Security Solutions Advanced Theft Protection Notebooks Pages 9 Index Introduction 2 Advanced Theft Protection: The story behind 2 Approaching the challenge 3 The Layered Approach 3 Fujitsu s Offering Advanced Theft Protection (ATP) 4 Offering #I Absolute Track 4 Offering #2 Computrace Data Protection 4 Offering #3 Computrace One 4 Offering #4 Fujitsu Advanced Theft Protection (ATP) 4 Advanced Theft Protection 5 steps 5 Safe computing: What do you need 5 Fujitsu is taking the lead to deliver secure IT 6 What does the Computrace Agent do, exactly? 6 Persistence Ensures Effectiveness 6 FTS Advanced Theft Protection 7 Local and remote responses 7 Local timer expiry can trigger PC disable 8 Easy reactivation and full system recovery 8

2 White Paper Issue: 9 ATP Advanced Theft Protection Page 2 / 8 Introduction Advanced Theft Protection: The story behind Laptops Make Easy Targets Increased portability means increased convenience - and increased risk of loss or theft. Laptops are easy targets: they are designed to be portable, and thus disappear at an alarming rate. This problem will likely worsen over time as laptop use increases and thieves become more sophisticated in their methods. A stolen laptop can quickly be fenced, or sold, for cash. The proliferation of portable devices in the last decade has made it far easier for criminals to acquire sensitive information such as banking or medical information. Criminals have been known to destroy a company s or individual s reputation for profit, spite or sport. Countless high profile organisations have faced the humiliation of informing tens of thousands of clients that a device, such as an employee s laptop, has been lost or stolen and that their personal information may have been compromised. While encryption helps to protect data, organisations that do not have a technique for swift recovery can never truly ensure their clients confidentiality. When a computer has been lost or stolen, there is a very real possibility that the data stored on it will be compromised whether the data has been encrypted or not. The victim must live with the anxiety of never knowing how or when the data will be exploited or for what unscrupulous purposes. Organisational Drift To ensure regulatory compliance, IT professionals must be able to protect data, track hardware and software, provide auditing capabilities and maintain historical records. Yet mobile assets can be the most difficult to track: a Gartner study suggests that most organisations are only able to locate about 60% of their mobile assets, which raises the following questions: Where are the other 40%? Who is using them? What information resides on them? Not all missing assets are a result of theft. As much as 10 to 15% of missing computers can be attributed to drift within an organisation. Assets are taken out of service (broken or obsolete or are handed down internally to junior employees). Regardless of why devices go missing, most are very likely to contain sensitive or confidential data information for which the organisation is responsible and liable. In cases like these, a remote data delete software product (see next section) can be efficient and effective; it should also provide proof that the data has been deleted. Lifecycle Management Even the simple retirement of old hardware (through obsolescence or end-of-lease), requires sensitive data to be removed from a device before it is repurposed internally, sent for recycling or returned to the leasing agency. Numerous examples exist in the media of sensitive information being found on refurbished computers. Deleting and overwriting data remotely for lifecycle management serves as a blunt but effective reminder to the user that the computer is overdue to be returned to the IT department. Using built-in messaging capabilities, like those available through Computrace by Absolute Software, IT can also send pre-defined alerts to target machines, reminding users to return their overdue computers. Data Encryption = A First Step Of Securing Data But A False Sense of Security Data encryption solutions are powerful tools but they are a lot like prison walls: they prevent most common breaches, but are powerless to stop a criminal in possession of keys to the gates. Given that Gartner estimates that 70% of security breaches occur as a result of internal sources, encryption may only be effective in as little as 30% of all incidents. Encrypting data is therefore a necessary first step toward data security but hardly a guarantee that data is secure or that data will not be compromised. Data Protection with Remote Data Delete Tools Government legislation exists in numerous jurisdictions mandating that any security breach that is reasonably believed to have compromised personal information must be publicly reported. By remotely deleting sensitive data on missing computers, an organisation can avoid potentially damaging publicity or litigation. Remote data delete software like Computrace provides this capability and can remove data at the file, directory and/or operating system (OS) level. Computrace utilises an algorithm to delete data that deletes and overwrites the data seven times to ensure that it is permanently erased.

3 White Paper Issue: 9 ATP Advanced Theft Protection Page 3 / 8 Laptop Theft Affects Everyone Since early 2005, more than 150 million personal records have been exposed % of organisations surveyed reported they have had a data breach event. 3 47% of computer security professionals surveyed reported a laptop theft over the past 12 months. More than 50% of malicious corporate network penetrations are now conducted through lost or stolen mobile devices 4. Today s computing assets contain more sensitive and valuable information than ever before making each computer a potential liability without proper protection. Governments, businesses and educational institutions risk costly legal battles and public relations nightmares even if only one laptop goes missing. Encrypting data on laptop computers helps promote laptop security, but: Encrypted data is not necessarily secure data. Approaching the challenge The Layered Approach Single point solutions such as encryption alone are no longer sufficient to adequately protect an enterprise from all points of attack. IT departments getting by with minimal compliance protection expose themselves to unnecessary risks and potential liability. Multi-layered security strategies, which provide the below capabilities, are therefore necessary. Asset Tracking The ability to track physical location and asset information for every mobile device connected to an internal network or the Internet, and provide dynamic reporting to help achieve regulatory compliance. Data Encryption The ability to protect mobile data from unauthorised parties. Remote Data Delete The ability to remotely delete sensitive information from a compromised device through centrally issued commands. Remote Lock Down The ability to remotely (via client notification) or automatically (via client-side intelligence) lock down a system quickly in case of loss, theft, or suspicious circumstances. Audit Logs The ability to produce defensible records that can verify what confidential information was lost or stolen, what data was removed through a remote data delete, and the last known location of the mobile asset. Theft Recovery After the system has been reported stolen to the local law enforcement institutions, the services of a Theft Recovery Team to locate a stolen laptop and assist law enforcement in retrieving the stolen hardware. 1 Bates & Pell 2 Privacy Rights Clearinghouse, A Chronology of Data Breaches, April 9th Scott and Scott LLP and Ponemon Institute LLC, May 15th FBI & CSI s annual Computer Crime and Security Survey, 2006

4 White Paper Issue: 9 ATP Advanced Theft Protection Page 4 / 8 Fujitsu s Offering Advanced Theft Protection (ATP) Fujitsu recognized the necessity for layered security and offers an ultimate solution to cover security needs of all kinds. Using a modular approach, Advanced Theft Protection responds precisely to the different requirements of large enterprises as well as small and medium-sized business. Fujitsu s ATP, together with Computrace by Absolute Software and Intel Anti-Theft Technology, is fulfilling the need for real security. Offering #I Absolute Track Lost or drifting assets challenge productivity; and are particularly challenging in small companies with a lower number of notebooks which are relatively expensive to replace. Helping to limit organizational drift and locate missing computers faster, Absolute Track tracks hardware and detects its location as soon as the device is connected to the Internet or Intranet. Embedded in the BIOS firmware of Fujitsu computers, the Computrace Agent provides tamper-resistant defense that works even if the Operating System is reimaged or a new hard-drive is installed. In addition, Absolute Track provides you the functionalities to monitor and manage your IT assets. Offering #2 Computrace Data Protection Computrace Data Protection extends the features of Absolute Track with data deletion functionality. Data on systems that are missing, stolen, or at the end of lease or life can be deleted remotely. After deletion a log file is created to meet compliance with corporate or governmental regulations Offering #3 Computrace One Computrace One extends the features of Computrace Data Protection with Theft Protection and Recovery. If a system is reported stolen to the police and to the Absolute Customer Center, the Absolute Theft Recovery Team will work with local law enforcement authorities to detect and recover the system. Offering #4 Fujitsu Advanced Theft Protection (ATP) Fujitsu s ATP offers hardware-based client-side intelligence to secure the PC and/or data if a notebook is lost or stolen. Because the technology is built into PC hardware, it provides an additional layer of tamper-resistant defense that works even if the notebook is disconnected from the Internet. ATP provides system lock and disabling either timer scheduled or remote. After the lock down, the system cannot be booted anymore. Note: Only available for Intel vpro capable systems from Fujitsu

5 White Paper Issue: 9 ATP Advanced Theft Protection Page 5 / 8 Advanced Theft Protection 5 steps 1. Add Fujitsu Advanced Theft Protection to your order 2. Subscribe the registration page by Absolute Software 3. Download agent from the Absolute Customer Centre, install and activate the agent on your notebook If system gets lost or stolen 4. Call service or report the incident online at the Absolute Customer Center 5. Theft trigger will be activated and defined recovery tasks are executed Safe computing: What do you need For the Remote Lock down feature an Intel AMT capable notebook (AMT can be deactivated) with Computrace enabled BIOS. Buy the full security solution service brought to you by Fujitsu Install Computrace Agent Model Tracking Asset Monitoring Remote Data Delete Recovery Remote Lock Down By when LIFEBOOK Series All LIFEBOOK All Lifebook All Lifebook All Lifebook E8420 T5010 Q2/2009

6 White Paper Issue: 9 ATP Advanced Theft Protection Page 6 / 8 Fujitsu is taking the lead to deliver secure IT What is Computrace by Absolute Software? Offers managed computer theft recovery, data protection and IT asset tracking and management Allows customers to centrally track and manage mobile devices via a web-based interface The Absolute Customer Center Provides 100% accurate inventories for remote and mobile devices, on or off the network Easily tracks device s physical location and monitors changes in asset information Enables customers to remotely delete sensitive data on target computers and produce a log of deleted files to prove regulatory compliance Facilitates the industry leading computer theft recovery capabilities of the Absolute Theft Recovery Team Tracks computer using a small software agent that is rapidly deployable, and, embedded in the firmware of many Fujitsu computers, highly tamper resistant What does the Computrace Agent do, exactly? The Computrace Agent that powers Absolute Software solutions is embedded in the firmware of Fujitsu clients or it can be installed by the customer. Embedded in the firmware of a computer, the stealthy Computrace Agent is capable of surviving operating system re-installations, as well as hard-drive reformats, replacements and reimaging. The Agent can be activated by customers when they purchase a subscription with terms ranging from one to four years. Persistence Ensures Effectiveness Employing a self-healing technology called persistence, the Computrace Agent essentially rebuilds the agent software installation, even if the agent service is deleted. The software is designed to be removed only by an authorized user with the correct password. This self-healing feature will repair a Computrace installation in newly formatted or installed operating systems as well as freshly imaged systems. The agent is also very difficult to detect, as it runs as a non-descript service, and is not listed as an application. As well, the product does not show up on the programs menu listing or as a system tray icon.

7 White Paper Issue: 9 ATP Advanced Theft Protection Page 7 / 8 FTS Advanced Theft Protection Detection of potential loss or theft situations can take place locally or remotely. For example, detection can occur via a remote connection to the theft management server over the Internet. Hardware-based detection and trigger mechanisms include: Timeframe rendezvous requirement The system can be disabled if the notebook does not periodically rendezvous with the Absolute Customer Center within the IT-specified time interval. Notification from the central server After being notified of the notebook s loss or theft, IT flags the notebook in the Absolute Customer Center. The next time the system connects to the Internet, the notebook contacts and synchronizes with the central server. When ATP receives notification from the server that the notebook has been flagged as stolen, ATP disables the PC so that it cannot boot up and blocks access to the data on it. A key benefit of the ATP hardware-based detection mechanisms is that the timer can work even if a network connection is not available. ATP with Computrace can also integrate with existing encryption solutions PBA. Local and remote responses IT can respond to potential theft locally and automatically (based on predefined criteria), or remotely. Disable the PC, by blocking the boot process, even if the hard drive is replaced or reformatted.

8 White Paper Issue: 9 ATP Advanced Theft Protection Page 8 / 8 Local timer expiry can trigger PC disable Let s have a look at an example: A research scientist s notebook might contain highly sensitive data about a new invention. In this case, IT has defined the triggers on the scientist s notebook to require that the scientist log in daily. During a family event, the scientist takes time off and does not log in for two days. Based on locally stored policy for the rendezvous with the server, the timer expiry threshold is reached, the notebook enters theft mode, and disables itself. Even if the notebook is removed from the lab while the user is away, the notebook has secured itself until the scientist returns and reactivates the system. Easy reactivation and full system recovery To speed up recovery when a notebook is being returned to service, ATP with Computrace makes it easy to reactivate a notebook. The user or IT administrator simply enters a strong one-time token in the reactivation screen the only screen available after a lockdown. This resets the timer and allows the system to boot to its normal working state. With ATP with Computrace, IT has a simple, inexpensive way to restore a notebook without compromising sensitive data or the system s other security features. All rights reserved, including intellectual property rights. Technical data subject to modifications and delivery subject to availability. Any liability that the data and illustrations are complete, actual or correct is excluded. Designations may be trademarks and/or copyrights of the respective manufacturer, the use of which by third parties for their own purposes may infringe the rights of such owner. For further information see ts.fujitsu.com/terms_of_use.html Copyright Fujitsu Technology Solutions GmbH 2009 Published by department: Clients Product Marketing Manuel Deuse Phone: Fax: manuel.deuse@ts.fujitsu.com ts.fujitsu.com Extranet partners.ts.fujitsu.com