The Notebook Review forums were hosted by TechTarget, who shut down them down on January 31, 2022. This static read-only archive was pulled by NBR forum users between January 20 and January 31, 2022, in an effort to make sure that the valuable technical information that had been posted on the forums is preserved. For current discussions, many NBR forum users moved over to NotebookTalk.net after the shutdown.
Problems? See this thread at archive.org.

    Thinkpad security gurus...fingerprint, cardslot, disk encryption and more!

    Discussion in 'Lenovo' started by mcbrided, Aug 19, 2007.

  1. mcbrided

    mcbrided Notebook Consultant

    Reputations:
    10
    Messages:
    224
    Likes Received:
    0
    Trophy Points:
    30
    Hello all! I know we MUST have some Thinkpad security-minded gurus here. I've waited a good many years to buy one and am now awaiting my first as some of you already know!

    Heres the deal - I bought T61p with fingerprint reader, 160GB w/encryption and a smart card slot.

    I am planning on booting Vista with the fingerprint reader/disk encryption for my school and personal needs.

    However, I will be using a small (imaged) XP partition at the office. I just hired an awesome CISSP certified security guru to deploy a new Smart Card setup and I am needing to know if it is possible to have the Thinkpads filesystem encryption tied in with the SmartCard rather than the fingerprint reader.

    To take this further, I will be redeploying this disk image on a weekly basis as I work with our group policies so that I can test settings on a fresh install. Will doing this adversely affect the disk encryption at all?

    Excuse the brevity of the questions, I am still learning all about the built in security stuff and quite possibly am at a very basic level of understanding.
     
    mcbrided, Aug 19, 2007
    #1
  2. mdarter

    mdarter Notebook Enthusiast

    Reputations:
    0
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    5
    I certainly don't want to rain on your parade, but do a little googling on fingerprint readers and gummy bears before you rely too much on it for security. This is not a secure method at all. In fact, use of them on internal Microsoft laptops is a violation of security policy. I'd talk to your CISSP about this.

    In terms of disk encryption, I'm not sure how Lenovo is providing this on their hard drives. Vista Ultimate and Enterprise provide a built-in option called BitLocker that uses the TPM security chip.

    As far as redeploying this image weekly, I'd consider using a virtual machine to test group policy.
     
    mdarter, Aug 19, 2007
    #2
  3. mcbrided

    mcbrided Notebook Consultant

    Reputations:
    10
    Messages:
    224
    Likes Received:
    0
    Trophy Points:
    30
    for the business, there will be smartcard/2 form authentication going...I am only using the fingerprint reader stuff for my personal/school for ease of use.

    I am also unsure how the encryption is being done. It was the option with the harddisk though. Hoping to thoroughly go through everything as soon as I get it.
     
    mcbrided, Aug 19, 2007
    #3