Lenovo ThinkPad R40 IDC white paper titled "The Coming of Age of Client S
Lenovo ThinkPad R40 Manual
View all Lenovo ThinkPad R40 manuals
Add to My Manuals
Save this manual to your list of manuals |
Lenovo ThinkPad R40 manual content summary:
- Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 1
Down the Point of Entry Sponsored by: IBM Corporation Roger L. Kay January 2003 SUMMARY and restore procedures and those that didn't. Data recovery is, of course, only one piece of network and absconded with a large number of important files, including, purportedly, an unknown quantity of Windows - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 2
desktop and notebook PCs still often have only a Windows password protecting them, and, in older Windows control, firewalls, network security user's private key. To address this weakness, IBM card. There is no way a Trojan horse can sniff the chip on the card malicious hackers, multiple secure keys - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 3
privileges that user enjoys, including access to files, programs, and services. Without can be forgotten or stolen. If the network had been able to interrogate the remote client growing consciousness of security issues ! How the PC client can be the weak point in advantages of IBM's hardware security - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 4
to become more mainstream for enterprise networks. Security has moved from the global realm of total systems, such as the public key infrastructure (PKI), which require cooperation and trust among multiple entities, and focused on the more immediate task of authenticating users at the point of entry - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 5
updates. Once inside the network via a vulnerable client node, a hacker with malevolent intent has all the privileges accorded the legitimate user such as physical access control, firewalls, network security, software security, , the stakes range from credit card number loss to identity theft. - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 6
BY TYPE, 2000 had access to about 100 unclassified military networks during most of 2002. The case, which hacker was monitored for years as he downloaded millions of pages of sensitive data from and one that allows anonymous contact at the user's discretion. The packets flow to everywhere from - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 7
to the network at all, a PC client can provide its user with control, proximity badge, and password), only the legitimate owner of the locked-away files can open them as readable data. This same type of authentication can be pressed into service to authorize the client node's user to the network - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 8
the part of the decipherer but would still yield to trial and error. These types of techniques were supplanted by the use of "key texts," a method a One of the first big improvements in security came in 1970, when IBM scientists developed the Data Encryption Standard (DES). DES starts with something - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 9
128 bits. With these specifications, AES would be far too a few finalists. IBM championed an algorithm called transmission. However, the problem of the shared secret two illustrations of how this type of encryption can be useful underscores the need to secure the network at the client end. Going the - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 10
Public key encryption is based on the idea that some mathematical operations are easy to do - but hard to undo. A simple example is a square versus a square root. If you already have the square root of three (which, although approximately 1.73205080756888, has no finite - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 11
trust the Net and all the clients and services that they run into, there would be no card. However, smart cards have certain drawbacks. For one thing, the number of keys a smart card can hold is limited, which is a problem from the perspective of likely developments in ebusiness, for which users - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 12
commandeer a PC, will let the intruder scan the contents of main memory and find the user's private problem of leaving highly entropic private keys around in main memory. Bottom line: Private keys, symmetric keys, credit card information technology industry. The IBM security chip is extremely secure - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 13
security chip has been paired with external hardware, such as a PC Card-slot or USB-attached fingerprint reader from Targus, a USB-connected proximity badge from Ensure Technologies, or even a smart card. IBM's focus has shifted from providing fully authenticated PKI communications and guaranteed - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 14
for that type of defense. The chip just keeps data private and confidential and provides for PKI operations. IBM and other vendors offer suites of interrelated security products to create a fully secure environment. For example, IPSec protects communications links by securing the Ethernet controller - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 15
IBM's interest that this solution become as widespread as possible. The platform specification card implementation of embedded security. Other manufacturers include STMicroelectronics in Europe and California-based National Semiconductor. The 1.1 specification than the user's private pair Multiple - Lenovo ThinkPad R40 | IDC white paper titled "The Coming of Age of Client S - Page 16
support for of a specific gauge for if the BIOS has been have a hard token, chip Windows XP, works flawlessly with the chip. The embedded chip is tied to the Microsoft code so that if the user user. ! The chip can be used along with the IBM Client Password Manager software to replace most of the user
WHITE PAPER
The Coming of Age of Client Security: Top Managers Realize They
Have to Lock Down the Point of Entry
Sponsored by: IBM Corporation
Roger L. Kay
January 2003
SUMMARY
Although security technology has progressed tremendously over time, awareness of
the need for security on the part of people who use computers ° both consumers
and businesspeople ° has not in general kept pace. Essentially, there is plenty of
technology on hand, but the understanding of what it does and how to use it has
lagged. However, much has changed since the attacks of September 11. CEOs and
IT managers everywhere drew lessons from the differing fates of companies that had
backup and restore procedures and those that didn’t. Data recovery is, of course, only
one piece of the security pie, but as political tensions have increased on the macro
level, this and other security concerns have risen in visibility with top managers. "To
what degree is our data ° and therefore our business ° safe?" CEOs are now
asking in ever greater numbers and with increasing vehemence. "Just where are we
with security?" they want to know of their CIOs.
This shift in attitude represents an evolution from the pre±September 11 state, which
was characterized by a vague awareness of some subset of security issues but a
misunderstanding of the complete security picture and a widespread lack of adoption
and deployment.
Now managers are beginning to assess their vulnerability and to ask what their
alternatives are.
In most corporations, the security infrastructure is still inadequate and full of holes.
Even the most sophisticated organizations are vulnerable. In one incident, widely
reported in the press, that had an impact of major but unknown proportions ° the
degree of penetration was difficult to assess ° a hacker from St. Petersburg, the
intellectual seat of the old Soviet Union, broke into Microsoft’s network and
absconded with a large number of important files, including, purportedly, an unknown
quantity of Windows source code files. Naturally, Microsoft never advertised the
extent of the damage ° if, indeed, it is actually known. And if a company at the
epicenter of the information technology business is vulnerable (and by inference
should know better), truly, no company is safe from attack.
The security threat is growing in several dimensions at once. The amount of value
flowing across the network ° in the form of actual money, but also business plans,
intellectual property, and strategic documents ° is rising by leaps and bounds. And
value is at risk in less obvious ways. A reputation can be damaged irreparably by an
attack, business can be lost as a result of downtime, and the trust on which ebusiness
is based can be destroyed permanently. To the growing list of imaginative crimes
must be added identity theft, which has become a veritable cottage industry. In
addition, malicious hackers are getting more sophisticated. Malevolent programmers
are not only figuring out more effective ways to harm businesses and individuals but
are also publishing their tricks on Web sites for other less creative, but perhaps more
vindictive, people to find and use.
Global Headquarters: 5 Speen Street
Framingham, MA 01701 USA
P.508.872.8200
F.508.935.4015
www.idc.com
²To what degree
is our data
and therefore our
business
safe?"
CEOs are now
asking.
The security threat
is growing in several
dimensions at once.