According to a study by Accenture and Ponemon Institute, cyber attacks cost financial services firms more than in any other industry. One of the most direct routes to improving your risk posture is to give employees business-grade PCs built to protect against cyber attacks. Such devices are built on 3 pillars of IT security:
#1: User Access Control
Business-grade PCs such as Lenovo's ThinkPad and ThinkCentre range of devices include hardware-based multi-factor authentication (MFA) features that are almost impossible to hack. This ensures that only the users with the right access levels can operate the PC. MFA requires two or more layers of authentication, which can include any combination of PIN number, password, phone proximity, location or a biometric factor such as fingerprint or facial recognition.
- Lenovo Match on Chip Fingerprint Reader: credentials are stored on a separate chip so that they’re tougher to hack.
- Windows Hello: allows users to log in with their face, fingerprint, phone or other Windows Hello companion device (hardware-based protection of the Windows Hello credentials/keys requires a TPM chip on the device, which many business-grade PCs have).
- Intel® Authenticate Technology: built into the latest Intel Core vPro processor-based systems, Intel Authenticate grounds MFA in the hardware, isolated from the operating system.
#2: Port and Physical Protection
In the event that a device is lost or stolen, they also need physical protection. Smart USB protection blocks the data transfer capability of the USB port. A chassis lock can deter theft of components such as hard drives and graphic cards.
#3: Data Protection
Protecting data is critical to your reputation and customer confidence. Lenovo systems with Intel® Remote Secure Erase offer a secure, cost-effective way to sanitize devices in just seconds. Seamlessly integrated with Intel® Active Management Technology, Intel Remote Secure Erase allows IT administrators to work inside a familiar IT management console. Also, with Windows 10 Pro you can have full control on how your employees use your business data. For example, Windows Information Protection blocks the copying of customer and financial data into social media apps.