New cybersecurity threats: much bigger than you thought
The world and society are changing rapidly, becoming more computerized, technology-dependent. In some ways this creates the illusion of freedom. If earlier employees were tied to the office, now they have the opportunity to work anywhere: open a laptop, start mail, connect to the company’s server, and go. Mobility and remote work are a global trend. Millennials and the so-called “Generation Z” categorically refuse to sit in the office. And by 2025 they will make up 75% of the workforce .
Moreover, modern technology allows you to work from home, and this is not only a higher level of flexibility, but also greater employee efficiency. This approach offers an increasing number of enterprises, which gives employees the opportunity to carry out their work in more comfortable conditions. According to Eurostat , 35% of businesses in Europe currently offer their employees the opportunity to work from home. But there is a flip side to the coin.
The growing number of employees working outside the office poses complex security challenges for IT departments. Total costs for this area are growing year by year, and gaps in the IT security system are becoming more expensive.
The IT security market is one of the fastest growing, but still immature. As an example, you can tell an interesting story that happened with one of the casinos in Las Vegas. It is unnecessary to explain that the casino carefully monitors the security of their data, but the trouble came from where they did not wait. There was an aquarium with exotic marine fish in the lobby of the casino, and the casino installed a “smart” thermostat to make it easier to control the state of the water. The attackers managed to crack the thermostat, through it they got access to the casino’s internal network and downloaded everything they needed from there. The casino learned about what happened only a few months later.
In fact, the existing risks are quite varied and vast, and the future seems even more frightening. Data loss can occur in various forms, for example, password theft or even the computer itself. According to statistics, about 70% of all security incidents in the world are associated with “ identity theft ”. Such a cybercrime takes place every two seconds. And more than 80% of cases the cause is - weak passwords .
All this can lead to the fact that criminals can get their hands on confidential personal or corporate information. For this reason, many enterprises do not fully utilize the opportunities of office work of employees. And in general today, sometimes a paradoxical situation develops: innovative solutions that should protect users sometimes carry risks for themselves. And new technologies mean new risks and threats.
According to the researchers , in the coming years the world will see an unprecedented “heyday of cybercrime." The development of technologies and blurring of the boundaries between personal and working devices, mainly smartphones, laptops and tablet computers (most of them will have a permanent connection to the Internet) will result in attackers gaining access to personal data, corporate confidential and sensitive information, much easier.
The role of the PC is changing, new form factors appear, for example, folding devices. Molecular, optical, and quantum devices are being developed, and new types of interfaces are being developed.
Gadgets and smart devices collect a wide variety of information about their owners. It seems that “smart homes” will know everything about their residents. Dangers are all that connect to the Internet. Even in Tesla electric vehicles , a vulnerability was found , and remote exposure can lead to death. All this increases the number of vectors of digital attacks.
Threats to information security are taking on a whole new look. This applies to all three types of tasks that remedies must address, including threats to accessibility, integrity, and confidentiality:
Almost everyone faces information security threats. Significant risks are malware (viruses, worms, trojans, ransomware), phishing (gaining access to user logins and passwords) and identity theft (using other people's personal data). The subject of hunting for cybercriminals can be accounts in social networks and applications, passport data and bank card data.
Thus, according to the US Bureau of Labor Statistics (BJS), the annual losses from identity theft (Identity Theft) in the country are approaching $ 25 billion. Moreover, the damage from all other thefts (household thefts, car thefts, robberies) does not exceed 14 million dollars
Neglect of security principles has led to a number of large-scale data theft: Equifax, Yahoo (twice), MySpace, Heartland Payment Systems, Sony PlayStation Network, CardSystems Solutions and TJ Maxx have compromised a total of about a billion accounts.
One of the most notorious data breaches in recent years has been the case of Equifax , one of the top three credit reporting agencies. The victims were about 147.9 million people. Or an incident with Uber in 2016, when hackers stole data on 57 million Uber customers, and the company paid $ 100,000 to hide the theft.
Meanwhile, criminals are already actively exploring areas such as robotics, artificial intelligence. It is not good that a hacker gains access to confidential financial information, intellectual property, information about customers and / or employees of the company. But in the Internet of Things (IoT) situation, the stakes are even higher. Imagine the potentially terrible consequences for people of using vulnerabilities of a system by a hacker in autonomous cars, electric networks, or medical devices with remote monitoring functions.
For this, new means of protection are needed. For example, no matter how much we rely on antiviruses installed on our PCs today, any personal computer is 95% defenseless. Computer security specialist and author of The Threats and Crimes of the Future, Mark Goodman, compares this situation to human immunity: if a person were not as protected from infection as today's computers, he would die in a few hours. The era of antiviruses, according to the author, is over.
Today it is difficult to single out any separate breakthrough information security technology. Currently developing the “newest” areas were mainly introduced for the first time more than ten years ago. These include, for example, machine learning, and cloud detection technologies.
Meanwhile, companies that do not provide protective equipment for their products will leave the market in three to four years. Cyber attacks are moving from the financial sector to industry, the transport industry, retail and other sectors of the economy, new attack objects, for example, networks of IoT devices, have appeared, and the complexity and complexity of threats are growing. Businesses recognize the importance of protecting their IT infrastructure and information, and are increasingly investing in “secure” IT solutions.
The rapid pace of product development and the presence of a constant threat from hackers lead to the fact that no manufacturer can guarantee a complete absence of vulnerabilities in their products. At the same time, most vendors understand that it is necessary to protect customers from constantly changing security threats, and the delivered products and solutions must contain means of protecting confidentiality, integrity and availability of data. A team of security professionals with experience in various fields are working on this. Of course, all vendors have different approaches. Here's what Lenovo is doing in this area:
All these measures help to monitor potential risks on an ongoing basis and enable ways to mitigate them.
Active work on the inaccessibility of devices leads to the emergence of increasingly reliable and convenient means of protection. At the same time, we have to act in a number of directions ahead of schedule so as not to become, according to the well-known dictum of Winston Churchill, “generals who are always preparing for the past war”.
Of course, you need to understand that no security strategy is absolutely perfect. However, security tools, measures and policies are intrusive and adversely affect user productivity. According to researchDimensional Research: The Value of a Great Desktop Experience, 62% of users said that “unobtrusive security” was a very important factor in increasing their productivity.
Lenovo is making a lot of efforts to ensure that its products are at least as competitive as the quality of security solutions. For example, it offers multicomponent and multifactor authentication systems that can work both individually and in combination. Among them there are standard ones, such as fingerprint scanners, and there are more interesting ones, such as protection based on IP-address and GPS-tracker. As one of the safest options, the company offers the use of smart cards that are inserted into a laptop.
Lenovo also works in partnership with Intel, Microsoft, Absolute, and other vendors to provide security during the process. For example, there is a proprietary utility from Coronet for protection when connected to public Wi-Fi networks.
In addition, Lenovo is one of the founders of the FIDO Alliance. FIDO, which includes the giants of the global IT industry (Google, Microsoft, Amazon, Intel, Infenion, NXP, Lenovo, RSA), financial companies (PayPal, MasterCard, VISA, Goldman Cachs, ING) and many smaller companies, offers A secure way to register in the cloud and provides transaction protection with fingerprint verification. In this case, passwords are no longer routed to database servers. Encryption is performed using public keys, while the keys remain on the devices. With this protection scheme, in addition, it is impossible to track the relationship between services. The FIDO paradigm is safety and usability.
The universality and standardization of U2F (Universal Second Factor) technology, promoted by the FIDO Alliance in recent years, promise it a great future, but so far it has not become widespread.
The essence of technology is as follows. For authentication, the Google Chrome web browser that supports the U2F specification is used. During the registration process, the user presents a U2F device on which the cryptographic keys are generated, which will be used for authentication. Public keys are sent to web resources and stored in user accounts. For authentication, a protocol based on asymmetric cryptography is used. For authentication, the user enters a username and password, and then connects a device that performs operations without entering a PIN code.
How to ensure the confidentiality, accessibility and integrity of information? By continuing to use traditional password authentication to access their information resources, companies are effectively putting them at risk. This applies primarily to companies in the financial sector. Indeed, according to statistics, about 80% of incidents in the field of information security occur due to the use of weak passwords. Weak user passwords are the most vulnerable place used by cybercriminals.
The advantages of multifactor authentication include its ability to protect information from both internal threats and external intrusions. It is based on the sharing of several authentication factors, which greatly improves security.
A well-known example is SMS authentication, based on the use of a one-time password. The advantage of this approach, compared with a permanent password, is that this password cannot be reused. An example of the use of biometric devices and authentication methods is the use of a fingerprint scanner with confirmation of password credentials. Other biometric authenticators can be used in a similar way: the shape and size of the face; voice characteristics; pattern of the iris and retina; voice authentication.
There are also software and hardware solutions, such as autonomous keys for generating one-time passwords, RFID tag readers, software and hardware tokens, and electronic keys of various types.
Biometrics can also be used as the second authentication factor (the first is the password). For example, “Match-On-Card”, “Match-On-Chip” and similar technologies allow you to replace the input of a PIN code with fingerprint analysis, which adds ease of use, since you do not need to remember and enter a PIN code.
Lenovo ThinkPad laptops use advanced biometric authentication, a camera that supports face recognition to log on to Windows Hello. The computer may be equipped with a built-in fingerprint recognition device. Intel Software Guard Extensions (SGX) protects user data, and the fingerprint scanner provides a high level of security thanks to TLS 1.2 encryption.
Match-on-chip fingerprint reader adds another layer of security. Lenovo Biometric Fingerprint Recognition with Intel Active Management Technology (AMT) simplifies access control and security policies.
The fingerprint scanner only forms a bitmap image of the fingerprint pattern. Further image processing, forming a template based on it, loading the template into a smart chip. Pattern comparisons are performed inside a chip that supports Match-on-chip technology. This biometric control technology allows you to build reliable solutions with two- or three-factor authentication. The biometric identification method can be used both in place of the PIN code, and in combination with it. Since the comparison is made exclusively within a special chip, the authentication process is highly protected.
By registering your fingerprint and associating it with a password when you turn on the PC, a password for accessing the hard drive, or with both passwords, the user can log into the ThinkPad Setup without entering a password: fingerprint authentication will be used instead of passwords, which provides a simple and secure user access.
For additional protection, you can install Client Security Solution. ClientSecurity Solution is compatible with several authentication mechanisms (for example, with mechanisms that include fingerprint and smart card authentication).
The fingerprint scanner is very reliable. As already noted, it uses Match-on-chip technology. In this version of the fingerprint scanner, authentication data is stored immediately in the chip - this option is more difficult to circumvent.
The entered data is processed by the scanner, and the fingerprint processing module is responsible for all the fingerprint images, preventing unauthorized entry into the system.
Fingerprint scanners are used today in many places. And these are not only state and commercial structures. In consumer electronics, compact fingerprint scanners are also used - these are desktop computers, laptops, and smartphones. You may get the illusion that you are very well protected. But is it? There are a number of known methods of "deception" of such systems. Lenovo’s Match-on-Chip fingerprint scanner places fingerprint scans in a secure storage on the FPR chip, which provides additional data protection from intruders.
The laptop also has a built-in Trusted Platform Module (dTPM), which encrypts user data. Fast Identity Online or FIDO Authentication provides stronger authentication and three-level information security. FIDO authentication is used to control credentials when visiting sites such as Facebook or Google, or making payments through PayPal, Visa, etc. ThinkPad was the first corporate laptop with authentication support for PayPal authorized by FIDO. The built-in fingerprint scanner allows you to log in to your PayPal personal page.
You can also access sites using a fingerprint scanner through the Universal Authentication Framework (UAF) or a button on the screen through the Universal 2nd Factor (U2F). Thanks to these built-in FIDO authentication methods, websites receive fully protected security keys, which greatly enhances the protection of personal information and prevents fraud.
The scanner can also serve as an additional security factor in addition to using the standard ID and password. Unlike individual security keys or SMS codes, an additional authentication factor is built into the PC, providing more reliable protection of personal data and simplifying the process of logging into Google, Facebook, Dropbox and other services.
These developments were included in the set of protective equipment introduced at the end of last year, called ThinkShield. This platform comprehensively protects Lenovo devices and combats common vulnerabilities. ThinkShield was designed to protect devices, protect against identity theft on the Internet, and protect sensitive data.
A complex of protective measures is needed to protect against such incidents. That is why Lenovo ThinkShield provides basic privacy, authentication, data protection, and network vulnerability detection.
The ThinkShield Security Toolkit for ThinkPad Computers Lenovo plays a key role. It includes a whole range of protective equipment, from the simplest to the most advanced:
For example, the Lenovo ThinkShutter camera shutter allows the user to decide for himself whether someone will see him. There are thousands of videos online where the hero (or heroine) is not even aware that the laptop’s camera is recording. Now, to prevent this from happening, you do not need to tape the cameras on laptops with tape. There is a more elegant solution to protecting your privacy. You need to call on Skype - open the curtain. I want to be "invisible" - close, so as not to become a "YouTube hero". The solution is not new, but effective and convenient.
All ThinkShield systems support FIDO, the secure authentication standard offered by Microsoft Hello Windows, as well as Intel Authenticate with multi-factor authentication. A high level of integration with Intel Authenticate (up to seven factors) guarantees a higher degree of security and flexibility than solutions that provide fewer authentication methods.
As one of the founders of FIDO , Lenovo offers FIDO-certified authentication tools. Such certification means that they use a secure way to register in the cloud and protect transactions using fingerprint verification. At the same time, encryption is applied using the public keys remaining on the device: passwords are no longer routed to database servers.
Another important point: sometimes there is a need to disconnect USB ports on a computer or laptop in order to limit the connection of flash drives, hard drives and other USB devices. Disconnecting the USB ports will help prevent the connection of drives that could potentially be used to steal important information or cause a virus to infect your computer and spread malware on your local network.
BIOS-based Smart USB protection allows IT professionals to configure USB ports so that PCs respond only to keyboards and pointing devices, ensuring the security of employee computers. Thus, the USB ports on the PC can be blocked so that users can not pick up malware or download data from the device.
Another source of threats is wireless networks. Sometimes connecting to a wireless network with free access can lead to negative consequences. You risk sharing personal information, location, and files. When connecting to a free Wi-Fi network, you often expose your personal data “on display”. The data that you send to various sites and applications can easily turn out to be prey for hackers.
Attackers can track your actions, copy and view your files and data, read SMS, track call logs and view Internet traffic. Not to mention the possibility of “catching an infection” in the form of a computer virus or other malicious programs.
Lenovo WiFi Security detects threats and notifies users when they are about to connect to insecure wireless networks. This mechanism recognizes suspicious activity in the wireless network and protects against hacking.
But how to minimize the consequences if malware nevertheless penetrates the system? Buffer Zone technology isolates threats before they infect an entire organization. ThinkShield Buffer Zone is a threat detection tool that isolates malicious content on a device from its working memory, registry and files, as well as from distribution on the network.
It also includes endpoint enrollment and device management in partnership with MobileIron. Lenovo Endpoint Management Software Based on MobileIron Technologiesintegrates cloud security and client device protection features.
MobileIron works at the junction of mobile and security technologies. The company specializes in developing solutions for managing mobile devices. The vendor’s products provide protection for corporate data that is used on smartphones and tablets, help control the cost of wireless communications, track user activity and their work with mobile applications.
So Lenovo’s platform now includes technology that gives IT administrators reliable communications with all of their devices so that they can protect endpoints, assess risks, remotely apply security measures to employee devices, and respond to security incidents.
And Absolute Persistence technology allows them not only to maintain a constant connection to user devices, but also to automate endpoint protection, and maintain regulatory compliance.
Characteristically, ThinkShield has a modular organization and allows the installation of the necessary subset of security system elements.
Security at the device level begins with product development, with reliable design solutions that protect users from modern threats. Each component and its source of supply must be well-known proven, only this serves as a guarantee of the absence of "built-in" threats. Criminals are increasingly targeting supply chains to introduce vulnerabilities into devices during production and before product delivery.
Therefore, Lenovo's ThinkShield not only adds new authentication, network security, and privacy features to the ThinkPad business-class PC line. It is also an approach to the life cycle of commercial PCs, based on the principles of safe design and a reliable supply chain.
It is worth noting that, unlike most vendors working with contractors, Lenovo is the owner of its production facilities and regularly conducts their detailed audit - from the screw to the processor.
The company considers security issues in a comprehensive manner, realizing that there can be no single solution. Therefore, all aspects were considered where security breaches are possible. Lenovo ThinkPad PCs with ThinkShield result in an integrated security system that spans their entire life cycle.
It begins with the processes of safely developing the BIOS and firmware in the supply chain and ends with the commissioning and decommissioning of the PC. For the first time in the industry, Lenovo BIOS is a controlled environment in which customers can visually check more than two million lines of source code.
It is not surprising that Lenovo's ThinkShield, aimed at comprehensive protection of the PC, turned out to be one of the most comprehensive and comprehensive security packages for business, because there can be no single means of protection. Obviously, it will still be supplemented and expanded, because ensuring information security is not a ready-made solution, but a process. And remedies must keep pace with evolving threats and be an adequate response to them.
With all this, do not forget that PC security depends, first of all, on the user himself. After all, it is the user who makes the decision to install this or that software, click on the link or download the file. And most of us work quite comfortably with a PC, without encountering any problems.
Moreover, modern technology allows you to work from home, and this is not only a higher level of flexibility, but also greater employee efficiency. This approach offers an increasing number of enterprises, which gives employees the opportunity to carry out their work in more comfortable conditions. According to Eurostat , 35% of businesses in Europe currently offer their employees the opportunity to work from home. But there is a flip side to the coin.
The growing number of employees working outside the office poses complex security challenges for IT departments. Total costs for this area are growing year by year, and gaps in the IT security system are becoming more expensive.
The IT security market is one of the fastest growing, but still immature. As an example, you can tell an interesting story that happened with one of the casinos in Las Vegas. It is unnecessary to explain that the casino carefully monitors the security of their data, but the trouble came from where they did not wait. There was an aquarium with exotic marine fish in the lobby of the casino, and the casino installed a “smart” thermostat to make it easier to control the state of the water. The attackers managed to crack the thermostat, through it they got access to the casino’s internal network and downloaded everything they needed from there. The casino learned about what happened only a few months later.
In fact, the existing risks are quite varied and vast, and the future seems even more frightening. Data loss can occur in various forms, for example, password theft or even the computer itself. According to statistics, about 70% of all security incidents in the world are associated with “ identity theft ”. Such a cybercrime takes place every two seconds. And more than 80% of cases the cause is - weak passwords .
All this can lead to the fact that criminals can get their hands on confidential personal or corporate information. For this reason, many enterprises do not fully utilize the opportunities of office work of employees. And in general today, sometimes a paradoxical situation develops: innovative solutions that should protect users sometimes carry risks for themselves. And new technologies mean new risks and threats.
PC of the future and new threats
According to the researchers , in the coming years the world will see an unprecedented “heyday of cybercrime." The development of technologies and blurring of the boundaries between personal and working devices, mainly smartphones, laptops and tablet computers (most of them will have a permanent connection to the Internet) will result in attackers gaining access to personal data, corporate confidential and sensitive information, much easier.
The role of the PC is changing, new form factors appear, for example, folding devices. Molecular, optical, and quantum devices are being developed, and new types of interfaces are being developed.
Gadgets and smart devices collect a wide variety of information about their owners. It seems that “smart homes” will know everything about their residents. Dangers are all that connect to the Internet. Even in Tesla electric vehicles , a vulnerability was found , and remote exposure can lead to death. All this increases the number of vectors of digital attacks.
Threats to information security are taking on a whole new look. This applies to all three types of tasks that remedies must address, including threats to accessibility, integrity, and confidentiality:
- Violations of the system and their supporting infrastructure.
- Forgeries and information theft.
- The dangers posed by insecure protection of confidential information, be it corporate data or information about individuals.
Almost everyone faces information security threats. Significant risks are malware (viruses, worms, trojans, ransomware), phishing (gaining access to user logins and passwords) and identity theft (using other people's personal data). The subject of hunting for cybercriminals can be accounts in social networks and applications, passport data and bank card data.
Thus, according to the US Bureau of Labor Statistics (BJS), the annual losses from identity theft (Identity Theft) in the country are approaching $ 25 billion. Moreover, the damage from all other thefts (household thefts, car thefts, robberies) does not exceed 14 million dollars
Neglect of security principles has led to a number of large-scale data theft: Equifax, Yahoo (twice), MySpace, Heartland Payment Systems, Sony PlayStation Network, CardSystems Solutions and TJ Maxx have compromised a total of about a billion accounts.
One of the most notorious data breaches in recent years has been the case of Equifax , one of the top three credit reporting agencies. The victims were about 147.9 million people. Or an incident with Uber in 2016, when hackers stole data on 57 million Uber customers, and the company paid $ 100,000 to hide the theft.
Meanwhile, criminals are already actively exploring areas such as robotics, artificial intelligence. It is not good that a hacker gains access to confidential financial information, intellectual property, information about customers and / or employees of the company. But in the Internet of Things (IoT) situation, the stakes are even higher. Imagine the potentially terrible consequences for people of using vulnerabilities of a system by a hacker in autonomous cars, electric networks, or medical devices with remote monitoring functions.
How to protect yourself from new threats?
For this, new means of protection are needed. For example, no matter how much we rely on antiviruses installed on our PCs today, any personal computer is 95% defenseless. Computer security specialist and author of The Threats and Crimes of the Future, Mark Goodman, compares this situation to human immunity: if a person were not as protected from infection as today's computers, he would die in a few hours. The era of antiviruses, according to the author, is over.
Today it is difficult to single out any separate breakthrough information security technology. Currently developing the “newest” areas were mainly introduced for the first time more than ten years ago. These include, for example, machine learning, and cloud detection technologies.
Meanwhile, companies that do not provide protective equipment for their products will leave the market in three to four years. Cyber attacks are moving from the financial sector to industry, the transport industry, retail and other sectors of the economy, new attack objects, for example, networks of IoT devices, have appeared, and the complexity and complexity of threats are growing. Businesses recognize the importance of protecting their IT infrastructure and information, and are increasingly investing in “secure” IT solutions.
The rapid pace of product development and the presence of a constant threat from hackers lead to the fact that no manufacturer can guarantee a complete absence of vulnerabilities in their products. At the same time, most vendors understand that it is necessary to protect customers from constantly changing security threats, and the delivered products and solutions must contain means of protecting confidentiality, integrity and availability of data. A team of security professionals with experience in various fields are working on this. Of course, all vendors have different approaches. Here's what Lenovo is doing in this area:
| Security architecture | Compliance with technical requirements when designing a product and developing a development strategy |
| BIOS / firmware / application security | Code Verification and Authentication |
| Ethical hacking | White Hacker Vulnerability Testing |
| Supply chain | A thorough safety assessment of each vendor providing components, assemblies, firmware, software, and user configurations |
| Support service | Solving problems and resolving customer issues |
| Incident response | Measures to reduce risks and eliminate identified problems |
| Project management | Contractor monitoring and program management |
| Customer awareness | Security Incident Messages and Company Strategy Notifications |
All these measures help to monitor potential risks on an ongoing basis and enable ways to mitigate them.
Active work on the inaccessibility of devices leads to the emergence of increasingly reliable and convenient means of protection. At the same time, we have to act in a number of directions ahead of schedule so as not to become, according to the well-known dictum of Winston Churchill, “generals who are always preparing for the past war”.
Of course, you need to understand that no security strategy is absolutely perfect. However, security tools, measures and policies are intrusive and adversely affect user productivity. According to researchDimensional Research: The Value of a Great Desktop Experience, 62% of users said that “unobtrusive security” was a very important factor in increasing their productivity.
My device is my castle
Lenovo is making a lot of efforts to ensure that its products are at least as competitive as the quality of security solutions. For example, it offers multicomponent and multifactor authentication systems that can work both individually and in combination. Among them there are standard ones, such as fingerprint scanners, and there are more interesting ones, such as protection based on IP-address and GPS-tracker. As one of the safest options, the company offers the use of smart cards that are inserted into a laptop.
Lenovo also works in partnership with Intel, Microsoft, Absolute, and other vendors to provide security during the process. For example, there is a proprietary utility from Coronet for protection when connected to public Wi-Fi networks.
In addition, Lenovo is one of the founders of the FIDO Alliance. FIDO, which includes the giants of the global IT industry (Google, Microsoft, Amazon, Intel, Infenion, NXP, Lenovo, RSA), financial companies (PayPal, MasterCard, VISA, Goldman Cachs, ING) and many smaller companies, offers A secure way to register in the cloud and provides transaction protection with fingerprint verification. In this case, passwords are no longer routed to database servers. Encryption is performed using public keys, while the keys remain on the devices. With this protection scheme, in addition, it is impossible to track the relationship between services. The FIDO paradigm is safety and usability.
The universality and standardization of U2F (Universal Second Factor) technology, promoted by the FIDO Alliance in recent years, promise it a great future, but so far it has not become widespread.
The essence of technology is as follows. For authentication, the Google Chrome web browser that supports the U2F specification is used. During the registration process, the user presents a U2F device on which the cryptographic keys are generated, which will be used for authentication. Public keys are sent to web resources and stored in user accounts. For authentication, a protocol based on asymmetric cryptography is used. For authentication, the user enters a username and password, and then connects a device that performs operations without entering a PIN code.
Multi-factor authentication
How to ensure the confidentiality, accessibility and integrity of information? By continuing to use traditional password authentication to access their information resources, companies are effectively putting them at risk. This applies primarily to companies in the financial sector. Indeed, according to statistics, about 80% of incidents in the field of information security occur due to the use of weak passwords. Weak user passwords are the most vulnerable place used by cybercriminals.
The advantages of multifactor authentication include its ability to protect information from both internal threats and external intrusions. It is based on the sharing of several authentication factors, which greatly improves security.
A well-known example is SMS authentication, based on the use of a one-time password. The advantage of this approach, compared with a permanent password, is that this password cannot be reused. An example of the use of biometric devices and authentication methods is the use of a fingerprint scanner with confirmation of password credentials. Other biometric authenticators can be used in a similar way: the shape and size of the face; voice characteristics; pattern of the iris and retina; voice authentication.
There are also software and hardware solutions, such as autonomous keys for generating one-time passwords, RFID tag readers, software and hardware tokens, and electronic keys of various types.
Biometrics can also be used as the second authentication factor (the first is the password). For example, “Match-On-Card”, “Match-On-Chip” and similar technologies allow you to replace the input of a PIN code with fingerprint analysis, which adds ease of use, since you do not need to remember and enter a PIN code.
Lenovo ThinkPad laptops use advanced biometric authentication, a camera that supports face recognition to log on to Windows Hello. The computer may be equipped with a built-in fingerprint recognition device. Intel Software Guard Extensions (SGX) protects user data, and the fingerprint scanner provides a high level of security thanks to TLS 1.2 encryption.
Match-on-chip fingerprint reader adds another layer of security. Lenovo Biometric Fingerprint Recognition with Intel Active Management Technology (AMT) simplifies access control and security policies.
The fingerprint scanner only forms a bitmap image of the fingerprint pattern. Further image processing, forming a template based on it, loading the template into a smart chip. Pattern comparisons are performed inside a chip that supports Match-on-chip technology. This biometric control technology allows you to build reliable solutions with two- or three-factor authentication. The biometric identification method can be used both in place of the PIN code, and in combination with it. Since the comparison is made exclusively within a special chip, the authentication process is highly protected.
By registering your fingerprint and associating it with a password when you turn on the PC, a password for accessing the hard drive, or with both passwords, the user can log into the ThinkPad Setup without entering a password: fingerprint authentication will be used instead of passwords, which provides a simple and secure user access.
For additional protection, you can install Client Security Solution. ClientSecurity Solution is compatible with several authentication mechanisms (for example, with mechanisms that include fingerprint and smart card authentication).
The fingerprint scanner is very reliable. As already noted, it uses Match-on-chip technology. In this version of the fingerprint scanner, authentication data is stored immediately in the chip - this option is more difficult to circumvent.
The entered data is processed by the scanner, and the fingerprint processing module is responsible for all the fingerprint images, preventing unauthorized entry into the system.
Fingerprint scanners are used today in many places. And these are not only state and commercial structures. In consumer electronics, compact fingerprint scanners are also used - these are desktop computers, laptops, and smartphones. You may get the illusion that you are very well protected. But is it? There are a number of known methods of "deception" of such systems. Lenovo’s Match-on-Chip fingerprint scanner places fingerprint scans in a secure storage on the FPR chip, which provides additional data protection from intruders.
The laptop also has a built-in Trusted Platform Module (dTPM), which encrypts user data. Fast Identity Online or FIDO Authentication provides stronger authentication and three-level information security. FIDO authentication is used to control credentials when visiting sites such as Facebook or Google, or making payments through PayPal, Visa, etc. ThinkPad was the first corporate laptop with authentication support for PayPal authorized by FIDO. The built-in fingerprint scanner allows you to log in to your PayPal personal page.
You can also access sites using a fingerprint scanner through the Universal Authentication Framework (UAF) or a button on the screen through the Universal 2nd Factor (U2F). Thanks to these built-in FIDO authentication methods, websites receive fully protected security keys, which greatly enhances the protection of personal information and prevents fraud.
The scanner can also serve as an additional security factor in addition to using the standard ID and password. Unlike individual security keys or SMS codes, an additional authentication factor is built into the PC, providing more reliable protection of personal data and simplifying the process of logging into Google, Facebook, Dropbox and other services.
What is a security platform for?
These developments were included in the set of protective equipment introduced at the end of last year, called ThinkShield. This platform comprehensively protects Lenovo devices and combats common vulnerabilities. ThinkShield was designed to protect devices, protect against identity theft on the Internet, and protect sensitive data.
A complex of protective measures is needed to protect against such incidents. That is why Lenovo ThinkShield provides basic privacy, authentication, data protection, and network vulnerability detection.
| Protective function | What is it for? |
| Identity Protection | Prevent unauthorized access through the use of biometric data, face recognition technology and other authentication procedures. |
| Internet security | Secure connection and prevention of identity theft, protection against malware and phishing. |
| Data security | Prevent data theft or loss on the device, ensuring compliance with data disclosure requirements. |
| Safe packaging | Physical protection thanks to first tamper-evident packaging, reliable and safe transportation and tracking. |
The ThinkShield Security Toolkit for ThinkPad Computers Lenovo plays a key role. It includes a whole range of protective equipment, from the simplest to the most advanced:
| Safety technology | What is she doing |
| ThinkShutter | A mechanical shutter on the camera protects privacy from prying eyes. |
| FIDO Certification | Provides simplified and highly secure authentication for login and secure payments. |
| Intel Multi-Factor Authentication | PIN codes, biometric data, keys and security tokens, as well as associated certificates are encrypted and stored in a place that is reliably protected from standard hacking methods. |
| Smart USB Protection Technology | Blocks data transfer via USB ports. |
| Secure dock | Physical locking of the laptop installed on the dock helps prevent theft. |
| Match-on-chip Fingerprint Scanner | Saving fingerprint scans in a secure storage on the chip provides additional protection for biometric data from intruders. |
| Absolute | Provides IT administrators with two-way communication tools with devices to remotely assess risks, prevent and respond to security incidents. |
| Buffer zone | Using virtualization technologies to isolate cyber attacks at the endpoint or on the network (placed in a sandbox). |
| Service “Leave the hard drive at home” | Allows customers to save their hard drive / files after replacement under warranty. |
| Winmagic | Data protection, ensuring compliance with legal requirements, optimization of work, support for unified encryption throughout the enterprise. |
| Lenovo Unified Workspace | It gives IT professionals the ability to deliver the right applications and documents to the right user on any device. |
| Mobileiron | Gives IT administrators the ability to manage devices of any form factor with any installed OS. |
| Online Backup (OLDB) | Allows enterprises to quickly and safely automatically store sensitive information in the cloud. |
| USB protected hard drive | A fully encrypted external data storage device that requires a digital password to access. |
| Lenovo WiFi Security | Block the display of user data in untrusted networks. |
| ThinkPad PrivacyGuard | Activation of screen protection protection at the touch of a button, notification when an intruder is detected who is trying to access information on the screen. |
For example, the Lenovo ThinkShutter camera shutter allows the user to decide for himself whether someone will see him. There are thousands of videos online where the hero (or heroine) is not even aware that the laptop’s camera is recording. Now, to prevent this from happening, you do not need to tape the cameras on laptops with tape. There is a more elegant solution to protecting your privacy. You need to call on Skype - open the curtain. I want to be "invisible" - close, so as not to become a "YouTube hero". The solution is not new, but effective and convenient.
All ThinkShield systems support FIDO, the secure authentication standard offered by Microsoft Hello Windows, as well as Intel Authenticate with multi-factor authentication. A high level of integration with Intel Authenticate (up to seven factors) guarantees a higher degree of security and flexibility than solutions that provide fewer authentication methods.
As one of the founders of FIDO , Lenovo offers FIDO-certified authentication tools. Such certification means that they use a secure way to register in the cloud and protect transactions using fingerprint verification. At the same time, encryption is applied using the public keys remaining on the device: passwords are no longer routed to database servers.
Another important point: sometimes there is a need to disconnect USB ports on a computer or laptop in order to limit the connection of flash drives, hard drives and other USB devices. Disconnecting the USB ports will help prevent the connection of drives that could potentially be used to steal important information or cause a virus to infect your computer and spread malware on your local network.
BIOS-based Smart USB protection allows IT professionals to configure USB ports so that PCs respond only to keyboards and pointing devices, ensuring the security of employee computers. Thus, the USB ports on the PC can be blocked so that users can not pick up malware or download data from the device.
Another source of threats is wireless networks. Sometimes connecting to a wireless network with free access can lead to negative consequences. You risk sharing personal information, location, and files. When connecting to a free Wi-Fi network, you often expose your personal data “on display”. The data that you send to various sites and applications can easily turn out to be prey for hackers.
Attackers can track your actions, copy and view your files and data, read SMS, track call logs and view Internet traffic. Not to mention the possibility of “catching an infection” in the form of a computer virus or other malicious programs.
Lenovo WiFi Security detects threats and notifies users when they are about to connect to insecure wireless networks. This mechanism recognizes suspicious activity in the wireless network and protects against hacking.
But how to minimize the consequences if malware nevertheless penetrates the system? Buffer Zone technology isolates threats before they infect an entire organization. ThinkShield Buffer Zone is a threat detection tool that isolates malicious content on a device from its working memory, registry and files, as well as from distribution on the network.
It also includes endpoint enrollment and device management in partnership with MobileIron. Lenovo Endpoint Management Software Based on MobileIron Technologiesintegrates cloud security and client device protection features.
MobileIron works at the junction of mobile and security technologies. The company specializes in developing solutions for managing mobile devices. The vendor’s products provide protection for corporate data that is used on smartphones and tablets, help control the cost of wireless communications, track user activity and their work with mobile applications.
So Lenovo’s platform now includes technology that gives IT administrators reliable communications with all of their devices so that they can protect endpoints, assess risks, remotely apply security measures to employee devices, and respond to security incidents.
And Absolute Persistence technology allows them not only to maintain a constant connection to user devices, but also to automate endpoint protection, and maintain regulatory compliance.
Characteristically, ThinkShield has a modular organization and allows the installation of the necessary subset of security system elements.
Security throughout the PC life cycle
Security at the device level begins with product development, with reliable design solutions that protect users from modern threats. Each component and its source of supply must be well-known proven, only this serves as a guarantee of the absence of "built-in" threats. Criminals are increasingly targeting supply chains to introduce vulnerabilities into devices during production and before product delivery.
Therefore, Lenovo's ThinkShield not only adds new authentication, network security, and privacy features to the ThinkPad business-class PC line. It is also an approach to the life cycle of commercial PCs, based on the principles of safe design and a reliable supply chain.
It is worth noting that, unlike most vendors working with contractors, Lenovo is the owner of its production facilities and regularly conducts their detailed audit - from the screw to the processor.
The company considers security issues in a comprehensive manner, realizing that there can be no single solution. Therefore, all aspects were considered where security breaches are possible. Lenovo ThinkPad PCs with ThinkShield result in an integrated security system that spans their entire life cycle.
It begins with the processes of safely developing the BIOS and firmware in the supply chain and ends with the commissioning and decommissioning of the PC. For the first time in the industry, Lenovo BIOS is a controlled environment in which customers can visually check more than two million lines of source code.
It is not surprising that Lenovo's ThinkShield, aimed at comprehensive protection of the PC, turned out to be one of the most comprehensive and comprehensive security packages for business, because there can be no single means of protection. Obviously, it will still be supplemented and expanded, because ensuring information security is not a ready-made solution, but a process. And remedies must keep pace with evolving threats and be an adequate response to them.
With all this, do not forget that PC security depends, first of all, on the user himself. After all, it is the user who makes the decision to install this or that software, click on the link or download the file. And most of us work quite comfortably with a PC, without encountering any problems.