The best work laptop is one that can keep your private data private. The software – including antivirus protection – is important, but what hardware features will make you more secure? Here is an overview of the security features to look for when buying a new business laptop.
Biometric security features allow you to keep your computer locked using your own body. These features are generally more secure than a simple password, as they can not be guessed. Biometrics comes in two main varieties: fingerprint scanners and facial recognition cameras.
The most common tool for biometric authentication is an integrated scanner, which allows you to connect to your workstation with your finger. Search for a model with a single-sensor sensor; Older models often require you to slide your finger on the fingerprint scanner, which does not work as reliably.
This category of biometric authentication is relatively new, and only a handful of laptops are able to do so in a secure manner. Specifically, you will want a system equipped with an integrated Intel RealSense 3D camera, which can connect only by recognizing your face. The tests show that the technology is even more precise and safe than a fingerprint sensor, because the 3D sensor can not be deceived by a flat reproduction.
Smart card reader
A smart card reader is a strong alternative to traditional passwords and biometric authentication. To connect to a protected system, users must insert a physical security card, and then enter a PIN number. From there, the smart card communicates wirelessly with the laptop to connect.
Smart card readers are generally only available on business class notebooks, and even then they are not necessarily standard. Many computers in the Lenovo ThinkPad line, as well as in the Dell Latitude line, can be upgraded at checkout to include a smart card reader for less than $ 20 more. You can also remove an external smart card reader, which couples with your PC via USB.
Smart cards are typically used in business scenarios, where a large company provides laptops to its employees. It is possible to order your own smart card by applying for one time online.
Encryption keeps your data secure by making it illegible for anyone who does not have the password to decode it. It is important to encrypt your data, even if your computer is protected when logged in by a password screen, because this password screen will be rendered useless if someone steals your computer; At this point, your hard drive can simply be plugged into another PC and your data is directly accessible.
Advanced users can encrypt their files using third-party software, but Microsoft’s BitLocker service is by far the best option for the average worker on a Windows laptop. It encrypts your files using a special chip called Trusted Platform Module, located inside your computer. Here is a quick breakdown.
Trusted Platform Module
A Trusted Platform Module, or TPM, is a special security chip that attaches to some motherboards on the laptop and allows hardware encryption for your files. In other words, it blocks thieves and attackers from reading your personal data unless you have access to a special password, which is partially stored on the internal drive of your computer and partially stored on the TPM itself, even. In this way, no attacker can display your files by simply stealing your disk or accessing it remotely. And since a TPM chip has built-in protection, a thief can not place the drive on another motherboard to bypass the encryption.
You do not have to be technically informed to use a TPM; If your computer comes with one on board, it will automatically work to encrypt your data. If you need to access the full password to retrieve your files, you can view it in your BitLocker Vault, available after you log on to your online Microsoft account.
BitLocker is available only on the most professional versions of the Microsoft Windows operating system. It specifically, works on Windows 7 Ultimate or Enterprise, Windows 8 Pro or Enterprise, or Windows 10 Pro or Enterprise. If you buy a new laptop that comes with Windows 10 Home installed, you can pay a flat fee of $99 to upgrade to Windows 10 Professional. Any new laptop that comes with a TPM probably also comes with Windows 10 Pro installed, though, so BitLocker should work out of the box
Securing your data is important, but how do you protect your physical laptop from thieves? Many business-class notebooks come with a special slot – called a Kensington lock slot — that lets you physically chain your system to your desk with a cable
Kensington cables are extremely durable and secure with a combined four-digit lock – the same type you might see on a briefcase. They typically cost between $ 30 and $ 50, but make sure your laptop has a compatible slot before choosing one.
Software and hardware management is not a priority for the self-employed. But if you need to deploy PCs to your employees, secure management technology is mandatory to keep company systems up to date and run the right software. It also allows you to track, locate, or delete these systems if they are lost or stolen. There are countless third-party computer management suites that can meet the needs of your business, but by choosing one, you go beyond the scope of this guide.
An additional hardware feature to look for is Intel VPro, which is a generic term for a variety of security features, including one that lets you access laptops at the hardware level. This allows you to run software and group policy updates even when a system has been disabled. The ability to manage a power down system also helps when you need to locate the system, restrict access to it, or wipe it clean if it has been lost or stolen.