User Rating: / 0
PoorBest 

Using anti-theft technology to stymie criminals

With the increase in mobile users across all sectors, the need for better security is a critical element. In the past, organisations were restricted to ensuring that their systems were protected by passwords, and in extreme cases, by either smartcards or biometric security. However, the number of organisations using this as a precaution against the loss of company hardware was limited, because of the level of inconvenience that it involved.

Hannes Steyn, Intel South Africa public sector business development manager, explains that the increasing amount of public sector employees using notebook computers has dramatically increased the level of risk in the sector of sensitive information being compromised.

“While corporate information leaking may have repercussions in the commercial performance of the company, the level of information that government employees have access to can have national significance, and as such, it needs to be protected with more vigour,” he says. In addition, with government having to replace any notebooks that get lost or stolen, having any number of these devices go missing can result in a significant financial loss for the state.

Play safe

Part of Intel’s strategy to ensure the protection of sensitive data on notebook computers has been the incorporation of Intel’s Anti-Theft technology into its business notebook offerings.

The Intel® Anti-Theft technology offers security managers the option of a hardware-based embedded system that ensures that the notebooks and its data remain secure, should the computer be lost or stolen. Because the system is embedded into the chipset on the computer, it is very difficult to tamper with it. It remains active even if the operating system is re-installed, the hard drive replaced, or even if the notebook is disconnected from the network.

Steyn says the Intel® Anti-Theft technology technology offers users a number of options when it comes to detecting potential loss or theft situations. When a suspicious situation is identified by the system, the computer switches into theft mode and can take a number of actions, depending on the policies that the security team has put in place. He adds that these policies are not defined by Intel, but are flexible enough to cater for a wide range of security policies.

“Some of the examples of ways in which the systems could be triggered include excessive login attempts, timeframe rendezvous requirements or a notification from a central server,” Steyn explains.

In the first situation, should a user fail to enter the correct password in the pre-OS login screen, the system would be disabled. This is especially efficient as it happens before the operating system is active, and ensures that any vulnerability in the operating system cannot be exploited in order to compromise the anti-theft system.

In the event of a time-based rendezvous system being used, the system can be disabled should the computer fail to make contact with a central server within a certain timeframe. The system includes three separate timers, one to track the frequency with which the system should make contact with the central server, one to specify the interval after which the system should be locked down, and one which controls how long after the system has been locked down the user can unlock the system.

In the final scenario, the computer would remain enabled until it made contact with a server and the user had reported it missing or stolen. Once a computer that has been reported stolen made contact with the server, it would be given the instruction to lock itself down and this would render it useless to any criminals.

“It would be possible for the server in this system to be hosted by the State IT Agency (SITA). As a key service provider to government, SITA has the capability to host and maintain such a system quite easily,” comments Steyn. All of the various options that the Intel® Anti-Theft technology offers are independent of the user and the users’ commitment to adhere to proper security procedures, he notes.

The system also offers different ways of unlocking the notebook once it has been locked down because of an infringement of the predetermined policy. These would include either a local pass phrase – a strong password entered by the user – or a recovery token generated by the server and usable on a one-time basis. They both restore the notebook to full functionality without compromising the inherent security of the system.

The system also allows the security team to track the IP address of a machine, should it connect to the network, and even allow the system to remain active while they track it to allow the machine to be recovered and the criminals brought to justice.

In future, Steyn says, it is likely that Intel will add hard drive encryption capabilities to the anti-theft technology. This would enable security staff to decide to encrypt an entire hard drive, with this encryption being driven by systems embedded in software rather than at the operating system level. This would make it more efficient and ensure that the hard drive would remain secure, irrespective of what machine it was inserted into.

The poison pill

The concept of a poison pill is something that is a key to developing a comprehensive anti-theft policy for the public sector. Steyn points out that while the comprehensive roll-out of Intel’s Anti-Theft technology would not stop theft of government notebooks overnight, once criminals realised that they were effectively worthless once they had been disabled, the amount of theft would drop dramatically.

With literally tens of thousands of computers on the books of public sector organisations, the need for better security is crucial, and once it is widely deployed it is expected that the level of theft and loss in this sector would fall off, saving both time and money for the state. 

C O N T A C T

Hannes Steyn

Public sector business development manager: Intel South Africa Corporation (Pty) Ltd
Tel: 011 806 4530
E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
Website: www.intel.com