Mobile computers with poor reparability and flexibility due to surface-mounted components are becoming widespread. Perhaps a good contrarian alternative is needed.
The Scenario
Stepping out of a confidential meeting where you took down sensitive information with government officials for a secret project, you are wary of losing your office laptop or getting it stolen if you were not careful.
Your Brand X laptop may have the latest antivirus and security software installed, and your office IT people have strict rules about using unauthorized thumb drives or doing personal stuff on your machine. But still, the latest “inadvertent” data leak by the Singapore Accountancy Commission shows you can never be too careful about sensitive data. And the Disney Plus user account hacks have got you panicky about reusing passwords for too many website logins!
As you hug your Brand X laptop tightly without being too paranoid and thus attracting attention, you notice another vendor who had attended the same meeting. As he packs up his laptop to leave the meeting room, he does something unusual: He turns the laptop on its side and with a flick of his thumb and index finger, he plucks out some longish attachment from the back of the industrial-looking laptop. With a smug look, he puts that attachment into a pocket case, packs up the rest of the laptop gear into a laptop bag, and proceeds to leave the meeting room.
Removable encrypted M.2 SSD
If you have not already guessed, that vendor had just removed his laptop’s sole hard drive from the main chassis. That just about renders the laptop worthless to anyone who manages to steal it for its data, because the entire operating system has been removed.
Wait a minute: your interest is really piqued now! After a friendly chat with him, you find out from the person that, even if a hacker had stolen the hard drive, it would have also been worthless. The M.2 drive’s data is locked down with 256-bit encryption. The proud owner further elaborates that, should his laptop ever get stolen, any really sensitive data would have been stored in the Cloud, and one call to his office IT people, the onboard Unified Endpoint Management (UEM) system would have remotely locked down machine and wiped it clean upon powering up.
Foiling even the tightest laptop security
Your own Brand X laptop is managed by IT with the Microsoft System Center Configuration Manager (SCCM) and BitLocker, and you do sleep better at night. But you also know that even SCCM and BitLocker are not immune to one of the most potent laptop hacks available. We are referring to hackers who manage to modify the Basic Input/Output system (BIOs) or firmware interface (Unified Extensible Firmware Interface) of a typical laptop.
As the Bios/UEFI constitute the deepest level of functionality that all other hardware and software require in order to function at all, hacking it would effectively render its activities invisible to Windows 10 Pro’s security, as well as that of SCCM, Trusted Platform Module, antiviral and even UEM software. Ironically, the functionality of these security layers can be compromised by surrepticiously-hacked Bios/UEFI code.
Time for a tougher look at laptop security and utility
Now imagine your jaw drop when this vendor tells you his military-spec laptop is one of the first in the world to be immune to Bios/UEFI hacks.
Furthermore, as this laptop is leased under a special arrangement with the manufacturer, his laptop will be regularly updated with security patches, modular add-ons for specific use-cases, and even hardware upgrades for the life of the subscription.
With cyber criminals constantly exploiting weaknesses in everything from Bios/UEFI to weak passwords and social-media habits, businesses really need to review their laptop selection and management protocols and put security as a priority over cost reduction. Recent research already indicates that many companies are not fully ready to handle the threat of malicious hackings, “inadvertent data leaks” and related crises—sometimes originating from within their organization.
One last look before parting ways
The chat with such an informative and proud owner of a secure laptop would not be complete without a closer look at the thing. So, you now discover that the laptop is rather light for its rugged industrial looks: 2.1+ kg for a machine with a 14” screen. It is splash proof rated to IP53 standards, and has the highest number of configurable options you have ever seen!
How so? Three compartments, a rear expansion slot, and several mounts on the reinforced chassis allow corporations to fit this Windows 10 Pro laptop with the following enterprise-level functionality:
- Four professional microphones for industrial-strength voice-recognition use cases
- 2megapixel front mounted camera with IR and privacy shutter for facial recognition (Windows Hello)
- Color-programmable backlighting for use in dark operating environments
- Fingerprint reader for biometric security
- Smart card reader, contactless smart card reader, RFID reader
- Connection interfaces such as HDMI, VGA, True Serial, Gigabit LAN and ‘rugged-USB’ port
- Radeon Pro WX slot-in graphics processing unit (GPU) to supplement the CPU graphics processor
- DVD/Blu ray disc reader or a second removable M.2 SSD drive
- Secondary Li-Ion battery to extend operation time to 40 hours (from the standard 19-20hrs depending on exact hardware configuration options)
- Stylus pointer with 2mm fine nib for precision screen work (for models fitted with a multitouch screen that works well even with gloved hands)
At the time of configuration, the base unit can be fitted with either an Intel Core i5 or i7 processor with vPro security, plus 8 to 64GB of RAM and up to 1TB of main SSD storage. The 14-inch active matrix screen can be either HD or Full HD resolution, with or without multi-touch capability.
If you are not already gasping for air at the sheer scalability of functions, you probably thought the laptop’s features end there. The rest, such as Bluetooth 5.0, 4G LTE, HDMI 2.0 connectivity, u-blox NEO-MBN GPS/GLONASS, Trusted Platform Module with additional layers of security; multiple USC C ports with (one with power delivery charging function); SDXC memory card reader, Gb LAN port, port replicator and dual-band Wifi are all standard.
The semi-rugged portable laptop built with magnesium and tough plastic survives drops to 91cm, extreme ambient temperatures between –20 and 60 degrees Celsius, and is dust and splash resistant for the kind of environments and user handling befitting secret agents and cave-miners. Even the briefcase-style handle looks like something weightlifters use for gripping iron. Furthermore, as befits a machine that many workers need to refer to at the same time, the LCD screen can be pressed down flat to the table top.
As it comes from a long line of earlier industrial-grade laptops, this amazing workstation can fit into a huge array of in-vehicle mounts and other fixtures for resistance to constant vibration and other forms of field battering.
Redefining high mobile security and configurability
By now you know the laptop is the Panasonic Toughbook 55, launched recently around the world since September. It hails from a 22-year heritage of other rugged, handheld industrial-grade devices with independently-verified failure rates of only 2.4% annually. With the innovative Toughbook-as-a-Service subscription scheme, even this minute failure rate is mitigated by the fast replacement/repair or servicing time. The service even provides secure data wiping for decommissioned equipment at the end of the subscription period.
Up until recently, organizations that have made do with consumer-grade or even rugged business-grade computing devices without hardened security features would have probably encountered costly caveats and pitfalls after saving on the initial investments. That is why, as the pressure to survive in the digital economy rages on, companies need to be open to the long-term benefits of commissioning ultra-secure, ultra-flexible computing equipment on a subscription model.
When coupled with good planning, the initial capital expenditure of using such equipment should be lower and customizable, yet resulting in increased field productivity and good returns on investment. The work of support such sophisticated customized assets would also be simplified and secure due to the outsourced expertise.
Conversely, gunning for short-term savings and medium-term productivity compromises comes with a high probability of security risks and equipment failure rates/downtime, all of which can obliterate the reputation and image of entire organizations in one major data breach or hacking incident.
As the great Benjamin Franklin once alluded to, the bitterness of compromise remains long after the sweetness of low price is forgotten.