Lenovo ThinkPad Notebooks Will Use Text Messages for Additional Security

By Scott Ferguson  |  Posted 2008-11-24

Lenovo ThinkPad Notebooks Will Use Text Messages for Additional Security

Lenovo is adding a new layer of security to its ThinkPad notebooks that will allow users to disable their laptop by simply sending a text message through a cell phone.

On Nov. 25, Lenovo plans to announce the new security offering for its line of ThinkPad notebooks called Constant Secure Remote Disable. Lenovo, along with Phoenix Technologies, developed this security feature and embedded the technology within the notebook's BIOS.

This new security feature allows a user to send an SMS (short message service) text message from a cell phone to a Lenovo ThinkPad that has been lost or stolen. Once the kill command is sent, the lost or stolen ThinkPad is either disabled immediately or the notebook is disabled after the PC has been turned back on, said Stacy Cannady, Lenovo's product manager of security.

Since hard disk drive encryption will not work properly if the PC is running or in hibernation mode, this disable feature ensures that the data is secure by shutting the machine down and allowing the hard disk drive encryption to work. If and when the ThinkPad laptop is recovered, the user can restore the notebook, its settings and the data contained on the PC by entering a password.

While Lenovo has developed other technologies that can disable or secure a ThinkPad laptop that is either plugged into a network or is using Wi-Fi, the Constant Secure Remote Disable technology covers those notebooks that are using a cellular WWAN (wireless wide-area network) network for Internet access.

"What we did was find a way to have the PC shut down in response to a command that is sent over the cellular network," said Cannady.

"The limitation here is that you have to have a WAN card in the PC and you must be paying a data plan for it," Cannady added. "If that is true, when someone steals the PC, you can whip out your cell phone and send a message to your PC, wherever it is, and when the PC gets that message, it will shut off at that moment. The only way to get it back is to type in the resurrection code."

Reacting to a Lost PC in Real Time


An individual user or an IT department can pair up to 10 different cell phones with any particular ThinkPad to send the kill command. By using WAN technology, it allows a user or IT department to react to a lost or stolen PC in real time before any data is compromised.

"By forcing the power-down, it puts a lot more teeth into the hard disk drive encryption," said Cannady.

To work, however, the stolen or lost ThinkPad must be in range of the user's GSM network.

Since security remains a top concern for IT departments, vendors such as Lenovo are trying to offer more and more tools to help protect data, especially for companies that have large fleets of notebooks and mobile work forces. In the case of the Constant Secure Remote Disable technology, Lenovo is trying to sell the concept as a way for IT departments to prove they are in compliance with federal regulations for the protection of personal and sensitive data.

Earlier this year, Dell began offering a new set of services specifically aimed at protecting laptops that were lost or stolen. One Dell service, which is very similar to what Lenovo is offering, is called Dell Remote Data Delete Service. This service provides for a "poison pill" that is delivered to a laptop and can wipe a hard disk drive clean.

Just before Dell launched these laptop security and recovery services, the company sponsored a study by the Ponemon Institute, which showed that about 12,000 laptops are lost in U.S. airports each week.

The Lenovo Constant Secure Remote Disable will be a free download and BIOS upgrade that will be available in either late December or the first quarter of 2009. The technology will work with the Lenovo ThinkPad laptops that were updated with the Intel Centrino 2 platform that the chip maker released in July.


Rocket Fuel