New Lenovo Hardware Password Manager Unlocks Key to Stronger Data Security
Thur 16 April, 2009

RESEARCH TRIANGLE PARK, NC, April 16, 2009 – Lenovo today announced the Lenovo Hardware Password Manager, the latest advancement for businesses to manage data security and the only universal tool to work with all brands of hard drives with full disk encryption (FDE). This new tool allows IT administrators to remotely manage employee hard drive passwords, including drives that are self-encrypting, on many Lenovo Think-branded laptops and desktops. Remote management helps make adoption of FDE hard drives a more viable option for many companies now that IT administrators can easily centrally control and reset hard drive passwords. Hardware Password Manager not only helps companies increase their overall level of data security but also helps them reduce the time and expense associated with resetting employee passwords.

"Encrypting drives offer state of the art protection for PC data, but companies everywhere previously had difficulty managing them," said Peter Schrady, vice president and general manager, Enterprise, Software and Peripherals, Lenovo. "Lenovo's new Hardware Password Manager product provides an easy tool to reset passwords by remote control, including full-encryption drives. This is the world's only solution to centrally manage all available brands of fully encrypting drives. The fact that it can also utilize our fingerprint reader to access encrypted drives makes it even better."

The High Price of Compromised Data

Theft of sensitive information from personal and enterprise computer systems is one of the fastest growing crimes in America. More than 250 million records containing sensitive personal information have been involved in security breaches in the U.S. since January 2005.¹ When this happens, companies often incur costs for incident response handling, legal fees, corrective actions, loss of reputation and loss of customers. In fact, the average total cost per incident in 2008 was $6.65 million, more than $200 per compromised record.² More than 40 states require businesses to notify customers if sensitive data is compromised, however, some allow exemptions for encrypted data.

Providing Manageability and Strong Security

While FDE technology offers companies higher levels of security over traditional hard drives since every piece of data on the hard drive is encrypted, managing these drives has proved challenging until now. Lenovo designed the Hardware Password Manager to give businesses the ability to easily set up, deploy and remotely manage and reset employee hard drive passwords. It also allows employees flexibility to set their own passwords to protect their privacy. Lenovo’s ThinkPad X301, X200, X200s, X200 Tablet, T500, T400, R500, R400, W700, W700ds and ThinkCentre M58/M58p desktop support the technology.

Because most companies do not manage employees’ hard drive passwords, previously the drive would have to be sent to a third party for costly recovery if an employee forgot or lost a password for their PC’s hard drive. If the drive happened to be encrypted, the data would be unrecoverable. For the small number of companies that do manage employees’ passwords, password resets would most likely require on-site support, adding time and expense for the organization.

Gartner found that help-desk related calls, including password resets, can cost companies up to $18 per call, which can add up quickly across a large organization. It also found that 30 percent of the total call load for multipurpose help desk calls are password related and that password management can help reduce that volume by 70 percent.³

Simple Password Set Up and Retrieval

With Hardware Password Manager, IT administrators can create an administrative user ID and hardware password within a “vault” in the PC’s BIOS. The administrator can then deploy the PC or remotely send the installation package to an employee’s PC in the field. When the employee turns the PC on, he or she will choose a unique user ID and password to access the PC’s hard drive. Similarly, when the employee enters his or her user ID and password, it will also unlock the fully encrypted hard drive. This ID and password could be the employee’s Windows Domain user ID and password.

In the event the employee forgets his or her password, there are several options for retrieving it. The employee can simply:

• Log onto the company’s Intranet through a wired connection with his or her Intranet credentials and re-enroll a new password
• Be given access by the IT administrator to an emergency account already created in a BIOS “vault” in the PC (just for this purpose)
• Bypass the prompt for the Hardware Password Manager and enter the real hardware passwords (provided by the IT administrator). Then the Help Desk can deregister the old “vault” remotely to allow the user to re-enroll a new ID and password

Additionally, Hardware Password Manager allows for central management of the BIOS Supervisor password, helping control the configuration of BIOS settings on a deployment of PCs. In some industries, regulation and contract requirements mandate certain BIOS configurations, and without central management of the Supervisor password, meeting that requirement can be costly and labor intensive.

Click here to watch a demonstration of Hardware Password Manager.

"The costs of data security breaches are real and continue to rise each year," said Brendan Collins, vice president, Product Marketing, Hitachi Global Storage Technologies. "Hitachi has been a strong supporter of industry efforts to enhance data security standards and has now been shipping encrypted hard disk drives for four product generations. The Hitachi Travelstar 5K500.B has the potential to extend the reach of data encryption technology and provide additional safeguards for notebook users who travel the world with confidential information. When used together with Lenovo's Hardware Password Manager, IT managers have the building blocks they need to help meet higher levels of security compliance."

“LANDesk has worked with Lenovo to offer a variety of management capabilities for Lenovo’s ThinkVantage Technologies and is now extending them to include Hardware Password Manager,” said Steve Daly, general manager, Avocent LANDesk Division. “This allows IT administrators to remotely deploy and reset lost or forgotten passwords, adding a new level of control for companies who need the latest hardware security and control over their PCs.”

Availability⁴

Lenovo Hardware Password Manager will be available worldwide starting in early May through Lenovo sales.

About Lenovo

Lenovo (HKSE: 992) (ADR: LNVGY) is dedicated to building exceptionally engineered personal computers. Lenovo’s business model is built on innovation, operational efficiency and customer satisfaction as well as a focus on investment in emerging markets. Formed by Lenovo Group’s acquisition of the former IBM Personal Computing Division, the company develops, manufactures and markets reliable, high-quality, secure and easy-to-use technology products and services worldwide. Lenovo has major research centers in Yamato, Japan; Beijing, Shanghai and Shenzhen, China; and Raleigh, North Carolina. For more information see www.lenovo.com.

¹http://www.privacyrights.org/ar/ChronDataBreaches.htm
²PGP Corporation/Ponemon Institute. U.S. Cost of a Data Breach Study, February, 2009
³Gartner: Market Overview for Password Management. Kreizman, Greg and Carpenter, Perry. June 2, 2008.
⁴All offers subject to availability. Lenovo reserves the right to alter product offerings and specifications at any time without notice