How to shut down a laptop – the wrong way

When you want to quickly shut down a laptop, how do you do it? Shut the lid and let it go into hibernation mode? Shutting a laptop down in this manner has many benefits; one of the greatest is the ability to resume work quickly. If you merely open the lid, the laptop resumes right where you were, with applications and files open and ready to use. The downside is that this method also introduces a big problem when it comes to your laptop protection, especially if you use disk encryption tools.

If you use hard disk encryption, closing the lid leaves your laptop in a state that has greater potential for unauthorized access. It moves to a standby state, with applications ready to run and the hard drive unencrypted. When you boot up your laptop normally, the encryption software requires Pre-OS boot authentication (PBA), its own login process. This allows the encryption software to decrypt the drive for authenticated access. When you shut the lid and later open it back up, though, this authentication through the PBA is bypassed, leaving the laptop user at the Windows login screen with the hard drive unencrypted and unprotected.

Intel® Anti-Theft Technology – helping wrong become right

Intel® Anti-Theft Technology version 3.0 (available on 2nd generation Intel® Core™ and Intel® Core™ vPro™ laptops) uses hardware-based timers to return the laptop to a state that requires PBA authentication. This provides enhanced security and further strengthens software-based encryption solutions. Here’s a breakdown of the secure solution:

  • The laptop is powered on but in a standby state (lid closed). When work is resumed (the lid is lifted), the laptop reroutes to a safe state in which the operating system and applications are removed from memory and encryption is enabled.
  • At this point the disk encryption application extends the Windows login to require proper authentication. If the credentials are not entered correctly, the system again shuts down with all security in place and active.
  • If the credentials are entered correctly, the encryption software allows the user access to the laptop.

This solution fixes a few issues:

  • End-user noncompliance: if the user has removed the password protection on the Windows logon window, the system will also be shut down.
  • The time a malicious user has to force a password is very limited. Intel AT minimizes the opportunity for entering multiple passwords to unlock the Windows logon.
  • The time in which someone can copy memory is limited. In standby mode, the operating system and applications are in memory; applying this type of security limits that opportunity.

Intel AT provides advancements in laptop encryption and theft deterrence solutions. We continue to research the impacts on individuals and businesses, and to help you understand the cost of laptop loss and theft and the value of security solutions. I’ll be here for the next few months, talking about Intel Anti-Theft Technology and endpoint security. Stay tuned for updates on more technical capabilities and research into the cost and impact of lost laptops.