One of the more interesting features of mobile devices such as Blackberrys is the ability to have the device remotely wiped in the case of theft or loss. Interestingly, many laptops are filled with much greater amounts of corporate data but it is not always so easy to remotely wipe data on such portable computers. There are certainly technologies which can make this happen but they are far from widespread and are limited in scope.
In a recent meeting with executives from Alcatel-Lucent and Sprint ( News - Alert), I was shown a technology developed by the former and sold by the latter that makes laptops more secure in a number of ways. The solution the companies demonstrated is something many corporations need as it allows them to take control of their mobile assets in ways not previously possible.
In brief, the companies have developed a broadband wireless data card named the SprintSecure Laptop Guardian which contains a battery, computer, GPS transceiver, VPN , firewall, and more. This card connects with a management console which is housed in the enterprise.
Once the card and accompanying software are installed on the laptop, all IP traffic is hijacked and all traffic is subsequently routed to the enterprise VPN. This by the way means all IP traffic whether it is wireless LAN or Ethernet traffic. As you might have guessed, remove the card and the laptop fails to function.
So now let’s say the laptop is stolen or lost. All you do is call your network admin and tell them. At this point the admin goes to the console and puts in the password and selects the laptop in question. The location of the laptop is then shown on a map using GPS or AFLT (Advanced Forward Link Trilateration which is triangulation based on cell phone towers).
In case you are wondering, the admin console is logged to keep frivolous use to a minimum.
Your next question is whether the card works when it is not in the laptop. The answer is absolutely. The battery in the card is about the same size as what you might find in smart phone and subsequently powers the card for about 100 hours.
So as you probably guessed, once you are in the management console you can wipe the laptop clean – or at least delete encryption keys making the data on the mobile computer unusable. You can even wipe the special encrypted virtual drive held on the laptop.
Ok, now that we have the basics out of the way, here are some of the more interesting things this solution can do. Patch management. If your company took weeks or months to roll out patches to your employees, imagine you can now have the patches download overnight and be installed when the laptop turns on. How you may ask? Well simple – the card has a great deal of memory on it and is expandable meaning it helps make the job up upgrading laptops much easier.
The card can even do backups through a relationship with EMC ( News - Alert). As you might imagine if the card can backup it can also restore making it that much more useful.
This also means the card can facilitate a backup just before it wipes the data clean so nothing is lost.
In addition, the wireless “smart” card can determine if there is a virus or other malicious software and if found it can shut down the computer’s IP address and alert the enterprise. At this point the enterprise can begin a remote repair process.
The card also acts as a second authentication factor and has open APIs allowing applications to harness the capabilities of the card as well.
My feeling on the solution? It is fantastic. It is a tremendous differentiator for Sprint and Alcatel-Lucent ( News - Alert) has done a marvelous job of making a wireless solution that is much more useful than the competition. One day soon other service providers will have this sort of capability as well but until then you will need to purchase Sprint’s wireless data service to get access to what I consider to be perhaps the world’s best integrated wireless/security solution for laptops
Local Area Network (LAN) | X | There is much more to LANs to explain on a few words. Pleases refer to TECHtionary.com for a vast set of tutorials on this subject. LAN connections use 48-bit MAC addresses permanently fixed into th...more |
Internet Protocol (IP) | X | IP stands for Internet Protocol, a data-networking protocol developed throughout the 1980s. It is the established standard protocol for transmitting and receiving data
in packets over the Internet. I...more |
Voice over IP (VoIP) | X | A real-time communications system that converts voice into digital packets containing media and signaling data that travel over networks using Internet Protocol....more |
Virtual Private Network (VPN) | X | Virtual Private Network is through the use of tunnels (encryption) creating secure IP networks. In this TECHtionary tutorial, we will review:
- Four Compelling Market Conditions Drive VPNs
- Three ...more |
|