The ThinkShield Story Part 1: The Challenge

The cybersecurity challenge seems to be growing daily. Threats are becoming more sophisticated, and attacks are becoming more destructive while the corporate world’s response seems to resemble a deer in headlights. Recent examples of this dangerous state of affairs include[1]:

• A data breach of a US Customs and Border Protection surveillance contractor that led to the theft of traveler photos and license plates related to about 100,000 people;
• Ransomware attacks on local government that forced payments from the Jackson County, GA ($400,000), Lake City, FL (almost $500,000 in bitcoin) and Riviera Beach, FL (almost $600,000 in bitcoin);
• Severe disruption to operations of email and baggage systems at Cleveland Hopkins International Airport, Baltimore City and the Philadelphia Courts First Judicial District;
• A supply chain attack against computer maker Asus that compromised the company’s Live Update tool and pushed malware to almost 1 million customers;
• Data exposure of the sensitive financial records of 885 million customers of the First American real estate and title insurance firm that included Social Security numbers, driver’s license images, bank account numbers and statements, mortgage and tax documents, and wire transaction receipts.

In addition to this criminal threat, governments around the world are passing and enforcing new privacy and data protection laws that impose severe violation penalties. Examples of this are:

• British Airways fine of £183 million (just under $228 million) for a Sept 2018 data breach that compromised the data of 500,000 customers.[2]
• A fine given to Marriott Corporation for $123 million for the loss of 339 million guest records, reported in November 2018.
• A $57 million penalty from France’s GDPR regulator levied on Google for “lack of transparency” and valid consent controls for users.

The top agenda item for just about every Board of Directors now is how to protect corporate data, flowing across the threat infested Internet, to multiple endpoint devices, that have a virtually unknown pedigree.

One company, Lenovo, has taken up the challenge with ThinkShield, a revolutionary approach to securing devices through their entire lifecycle. As a global manufacturer of smartphones (Motorola), tablets, PCs (ThinkPad, Yoga, Lenovo Legion), workstations, AR/VR devices, and data center solutions (ThinkSystem, ThinkAgile) this international technology leader is creating capabilities and computing power that changes both business and society.

Anchored by secure device design process, Lenovo builds protection into its products. Through a strategic partnership with Intel®, Lenovo has aligned with the Intel Transparent Supply Chain to provide visibility into the source components of every new system. Lenovo oversees the security of suppliers who build intelligent components, making sure they conform to rigorous, Trusted Supplier Program guidelines and best practices. The ThinkShield ecosystem’s lifecycle approach also includes:

• The industry’s first and only FIDO®-certified authenticators that use match-on-chip fingerprint technology that gives companies safer, easier ways to protect employees’ identities;
• An industry-leading level of integration with Intel Authenticate that offers higher security and flexibility through the use of up to 8 authentication factors;
• BIOS-based Smart USB protection that keeps employee PCs safer by restricting USB port response to keyboards and pointing devices only;
• WiFi Security, in partnership with Coronet, that detects threats and notifies users when they are about to connect to unsafe wireless networks;
• BUFFERZONE® technology that isolates online threats before they infect the whole organization;
• MobileIron® Endpoint Management that provides a secure, simple way to unify cloud and endpoint security across multiple devices;
• Absolute® Persistence™ technology that provides an unbreakable connection from IT admins to all corporate devices so that they can leverage enriched asset intelligence, automate endpoint hygiene, and continuous compliance monitoring;
• End of life data disposal process that keeps potentially sensitive data secure by wiping the drives and securely recycling the parts.

Over the next few months, I will be sharing the details of this exciting cybersecurity protection breakthrough by exploring how it can help organizations operate globally within a drastically enhance security environment. Subsequent posts will address:

• Part 2: The Threat – The current and evolving security threat to hardware, software, and data protection processes
• Part 3: Protecting Hardware – Organizational, IT Administrator and IT User roles and activities needed to protect IT hardware
• Part 4: Protecting Software – Organizational, IT Administrator and IT User roles and activities needed to protect IT software
• Part 5: Security Processes – Organizational, IT Administrator and IT User roles and activities needed to establish effective security processes
• Part 6: Enhancing Your Security – Effectively defending against online threats through a people-centric approach

Looking forward to engaging with you through this journey.

This post is sponsored by Lenovo.

---

[1] https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/

[2] https://www.cpomagazine.com/data-protection/gdprs-big-moment-has-just-arrived-with-a-228-million-data-breach-fine/