Cyberthreats cause physical damage, facility downtime, breaches of customer data and intellectual property. According to a 2017 BDO Manufacturing RiskFactor Report, 96% of manufacturers cited cybersecurity as a risk factor. In addition to deploying secure endpoint devices in the defense against cyberthreats, manufacturers must harden security practices, manage infrastructure, control user access, and invest in data protection.
Enabling Security at an Endpoint Device Level
Endpoint devices are a gateway into your network. So enabling security on your devices is a necessary step to protect your entire IT infrastructure.
User Access Control
Business-grade PCs include hardware-based identity verification features that bypass passwords in favor of multi-factor authentication (MFA). Critical to MFA are biometric credentials, which can be verified by:
- Lenovo Match-on-Chip Fingerprint Reader: credentials are stored on a separate chip so that they’re tougher to hack.
- Windows Hello: this Windows 10 Pro feature allows users to log in with their face, fingerprint, phone or other Windows Hello companion device.
- Infrared Cameras: lock and unlock devices automatically through facial recognition via Windows Hello and ThinkPad Glance eye-, face- and gaze-tracking.
- Intel® Authenticate: process credential keys, tokens and policies on the chip for greater protection from hackers.
Prevent data theft from USBs or other access ports on company PCs with these features:
- Smart USB Protection: blocks the data transfer capability of the USB port. But keeps the ports functional for input devices like mouse and keyboard.
- Camera Shutter: built-in camera shutter ensures privacy.
- Chassis Lock: a lock and key mechanism prevents theft of components like hard drives and graphics cards.
- ThinkPad Glance: automatic locking using an infra-red camera. It detects when a user is away from their PC and will lock at a specified interval, automatically unlocking when they return.
Manufacturers need to protect their data because it's critical to their reputation and customer confidence.
- Devices with an onboard TPM chip can enable Full Drive Encryption (FDE) to encrypt data and prevent sophisticated attacks
- On Intel® vPro™ platform-based devices, IT can wipe SSDs using Intel® Remote Secure Erase
- Windows 10 Pro features, BitLocker and BitLocker to Go, protect against data loss even when a device is lost or stolen