Gateway Boosts Security

TPM chips help protect data; service will track lost PCs.

Gateway Inc. is locking down its business PC line.

The Irvine, Calif., PC maker has fitted TPMs (Trusted Platform Modules), chips that help secure data, to its corporate notebook and desktop product lines. It sells the business machines directly to customers.

The TPMs will be offered in all Gateways corporate notebooks and in all but one of its E-Series desktops. The company will also offer a service that can track and help recover lost or stolen laptops.

Collectively, the new features are meant to answer the needs of business customers, reassure students who are purchasing laptops for school and help set the companys products apart from its competitors, a Gateway executive said.

Gateway officials declined to offer more details on the companys overall security plan, but they hinted that the vendor wants to facilitate the use of TPMs for such practices as managing passwords and encrypting sensitive data on a computers hard drive. TPMs can also be used to help secure e-mail and Web access, among other applications.

Gateway began laying the groundwork for its plans last week, when it announced it is adopting a special network card, made by Broadcom Corp., also of Irvine, that incorporates a TPM that complies with the Trusted Computing Groups TPM Specification Version 1.2.

Gateway has added the TPM-equipped card to such machines as the Gateway 460 notebook and the E-Series 4500, a desktop based on Intel Corp.s Pentium 4 processor. Only the E-Series 2500, a low-cost desktop, will not have the chip.

The companys Mobile Theft Protection Solution, available on all Gateway corporate notebooks, uses Absolute Software Corp.s Computrace, which can locate laptops that are reported lost or stolen once they connect to the Internet. Information about the online account that the machine is using can be provided to police. The package can also be used to quietly delete sensitive data remotely.

The feature is built into each notebooks hardware, making it more difficult to defeat. But customers must pay extra for the service that supports it. The price of a three-year subscription starts at $99, Gateway officials said.

Enterprise customers say the addition of TPMs is a good start but is by no means a cure-all for security ills.

"I like TPM. I think its a sound idea, but its all in the implementation," said Jeff Nigriny, chief security officer at Exostar LLC, the business-to-business portal for the manufacturing, aerospace and defense industries, in Herndon, Va.

Trusted computing chips like the TPM provide a big security advantage over software-based endpoint security schemes such as Cisco Systems Inc.s NAC (Network Admission Control) architecture. However, few PC makers offer the chips in affordable laptop or desktop models, and companies such as Cisco have yet to use the chip as a preferred method for authenticating user systems, Nigriny said.

"The idea of the TPM, for me, is that this is the last piece of the puzzle. Its not a wholesale replacement for endpoint security systems, but Id put more trust in [a TPM] than something that just scans my virus definitions," Nigriny said.

John G. Spooner is a senior writer for Additional reporting by Paul F. Roberts.