X
Tech
Home Tech Security

Securing your Business PC

Securing your PCs is more than just installing anti-virus software and firewalls. How would you protect your data if your hard drive is being physically removed from your PC?
Written by ZDNet Staff, Contributor
Hi I’m Rosanna Elias, product marketing manager from Hewlett Packard.

Today I’ll be speaking to you on “Securing your Business PC”. Data is the crown jewel of any business today; protecting that data on individual hard disk drives of corporate desktops is top priority. Most users make use of passwords like the Windows log-on password to prevent unauthorized access to the data but there are many ways to get around them. Using brute force to crack the password is one way. Hackers could also go to the BIOS to switch the primary boot up device from the protected hard drives to CDs or floppies instead, bypassing the password sequence altogether or they could physically remove the hard drives from the PC and use another PC to read the data as a external data device, again, bypassing the many password schemes.

The weakness of many PCs today is that it authenticates the user but not the machine where the hard drive is located. The solution is to embed a tiny security chip onto the motherboard of the PC, called the trusted platform module or TPM chip. Root keys, passwords and other critical information can be encrypted into the TPM Chip. Combined with the right software, this chip makes new cutting edge security solutions possible.

One of those features is multi-factor authentication; it can be enabled in pre-boot and post-boot environments. By using a combination of smartcards, biometrics and passwords, brute force attacks and overly simplistic passwords are now less of a security risk. The use of pre-boot authentication is an active measure that takes place before the BIOS is loaded. This can now be implemented to defend PCs against boot device swapping intrusions.

The TPM chip also allows single sign-on which manages users’ credentials for websites, applications and protected network resources so users do not need to remember multiple passwords. An added benefit of the TPM is the easy enabling and disabling of the USB ports and the optical drives. This helps prevent data theft and the introduction of malicious viruses.

Finally it is now possible to tie the individual hard drives to a specific system with a specific TPM chip preventing other systems from accessing the hard drives even when it is physically removed from the original PC. The hard drives can be encrypted with the decrypt key stored on the TPM chip.

Question, how do we then implement all these security measures effectively and seamlessly? Selected HP PCs come with HP Protect Tools Security Manager in one single console allowing users to implement all the security measures. Being modular, new security features can be added on to counter future security threats

I’m Rosanna, product manager from Hewlett Packard.

Editorial standards
Show Comments

Related

Placeholder product image alt text

The best AI image generators to try right now

end-card-vid-2

An 'unprecedented time': Inside the three-dimensional approach corporate executives are taking to generative AI

prioritize-hands-on-images

Buy a Costco membership for just $20 right now