WinMagic has announced an agreement with Intel to support Intel Anti-Theft Technology (Intel AT). When combined with WinMagic's SecureDoc full-disk encryption, Intel AT will provide customers with fully-integrated, tamper-resistant data protection and laptop theft deterrence.
WinMagic's integrated security offering leverages the robust hardware-based capabilities of Intel AT chip to enable stronger data protection. WinMagic's SecureDoc integrates with the local and remote theft detection mechanisms provided by Intel AT during pre-boot and normal operation to ensure that data cannot be accessed by an unauthorized user. If an Intel AT enabled laptop is lost or stolen it can be disabled remotely through the action of an IT manager at a corporate console in a central location. If recovered, the laptop's functionality can be restored, reducing the economic impact of the temporary computer loss to the organization.
Gary McCracken, vice president of technology partnerships at WinMagic, says that the foundation for the latest version of SecureDoc has been laid over time. It has its roots, he says, in the client/server architecture of WinMagic's legacy products, where the server pushes a profile clients that can control a variety of factors such as password strength, biometric authentication, and how the company want ports on the client platforms to be controlled. The configuration information is wrapped with an executable package which is installed on the clients. McCracken says, "The first thing installer does when it runs is check for a self-encrypting drive (for more about full disk encryption, see Full Disk Encryption Evolves) and then the software decides whether to manage the drive or encrypt in software. After the installation, the credentials required to recover data are sent back to the central administration server." The information shared between client and server allows for the very precise management of the data from a central console.
Intel AT, according to McCracken, is a technology that has a number of capabilities apart from full-disk encryption. There's a hardware timer and memory for secure storage. McCracken says, "The Intel AT software can disable hardware from a central console. If it doesn't rendezvous with the central server within a time window, it triggers a poison pill that shuts down the CPU."
Anand Pashupathy, Director of initiatives and services, strategic planning, at Intel says that Intel was driven by several factors in developing the Intel AT functions. "We found there were two sets of technologies being provided to customers. One was encryption and the other was theft detection. We wanted to make the solution even more tamper resistant than what was originally available. In large enterprises we found we could harden the solution and make it more tamper-resistant by hiding the keys in the AT chipset. Now, if someone took the hard drive out and put it in another machine they couldn't get at the data because the key is in hardware in the original machine. Should the laptop be stolen or lost, the poison pill can be sent and the laptop shutdown. In the lag time the data is protected through the full-disk encryption."