The 1 Year Anti-Theft Service License Pack from Intel helps protect your personal information by locking down your lost or stolen Ultrabook or device-either automatically or by sending a lock command over the Internet.
Once it's locked down, your device will not boot up and the locked screen will display your custom recovery message. Intel AT works even without Internet access and, unlike many other solutions, is hardware-based, so it's tamper-resistant. A personalized, "Good Samaritan" recovery message on your screen facilitates device recovery. Moreover, if your stolen computer is recovered, it can be easily reactivated without harm to your data and digital content.
Local and Remote Detection Mechanisms
Intel AT includes several hardware-based detection mechanisms that can trigger a lock down. Detection mechanisms can be local, based on IT policy, or remote, over a wired or wireless LAN connection. Hardware-based detection and trigger mechanisms, all configurable by flexible IT policies, include:
•Excessive login attempts or time spent in the pre-boot authentication (PBA) screen. The laptop can automatically trigger a lock down and prevent access to data if someone tries to log in too many times unsuccessfully or takes too long to log in. The PBA timer provides an additional level of security to prevent automated attacks.
•Missed check-ins with the central server. If check-in with the central server is missed, a local hardware-based timer expires, and the laptop immediately goes into theft mode, even if the system is not connected to the Internet.
•Notification through a message sent over an IP-based wired or wireless LAN. The next time the laptop connects to the central server, it can receive an encrypted message, the poison pill, to go into theft mode. The central server can be hosted on the Internet to allow communication with laptops outside the corporate firewall.
•Resume from standby IT administrators can now tighten the security of a laptop upon resumption from standby (S3 sleep) state: If the Windows login is not completed in a short period of time, as defined by IT, the user must re-enter the encryption login credentials before being allowed access to the laptop. This feature eliminates a traditional vulnerability in data protection of laptops and is available on laptops with the 2nd generation and 3rd generation Intel Core i5 vPro and Core i7 vPro processors.
Flexible IT-Specified Responses
Intel AT provides flexible options for automated loss and theft responses. Depending on the mechanism, the response can be activated locally and automatically, or remotely by IT.
•Disable the laptop Block the boot process through the laptop's hardware. This response works even if the boot order is changed, the hard drive is replaced or reformatted, or other boot devices, such as a secondary hard drive, removable drive, CD, DVD, or USB key, are tried.
•Disable access to encrypted data Delete essential elements of cryptographic materials that are required to access encrypted data on the hard drive.
•Customizable lost-and-found message This message is displayed after the laptop enters theft mode. For example, a lost-and-found message could say, "This laptop has been reported missing. Please call 1-555-666-7777 to return the system." IT can combine responses to provide different levels of lockdown for different users.
Easy and Rapid Reactivation, and Full System Recovery
Intel AT includes several mechanisms for easy, rapid reactivation of a recovered laptop, including integration with existing software vendors' pre-boot login modules.
•Local passphrase Entered by the user or by IT in a special pre-OS reactivation screen, through BIOS or a PBA module.
•One-time reactivation code Generated by IT or by the user's service provider, and entered in a special pre-OS reactivation screen or PBA. Whichever method is chosen, reactivation returns the laptop to full functionality in a simple and quick manner, without compromising sensitive data or the system's security features.
Intel Anti-Theft Technology
Intel AT delivers built-in client-side intelligence to help businesses secure sensitive data regardless of the state of the OS, hard drive, boot order, or network connectivity. This hardware-based technology provides compelling tamper-resistance and increased protection to extend your security capabilities anywhere, anytime, on or off the network, and to minimize your business risk.