• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Lenovo Introduces New Factory Services for Expanded Portfolio of Windows Secured-core PCs

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
46,283 (7.69/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
Lenovo today announced a significant expansion of Secured-core PCs within its ThinkShield portfolio. In addition to offering a wider selection of these devices, Lenovo also introduced its new Secured-core PC Enablement Service to support customers with custom imaging, BIOS protection, and configuration of operating system settings. Designed to simplify and further secure the deployment of these devices within an organization, this new factory service can be purchased as an add-on to the device.

Integrating hardware, firmware, software and identity protection, Windows 10 Secured-core PCs offer a deeper level of protection against highly advanced threats and increasing risks of cyberattacks and malware. Since their introduction in October 2019, Lenovo has offered two devices that are capable of being ordered as Secured-core PCs, the ThinkPad X1 Yoga Gen 4 and the ThinkPad X1 Carbon Gen 7. As part of the recent Secured-core PC portfolio expansion, Lenovo will now offer ten additional devices: the ThinkPad X1 Carbon Gen 8, ThinkPad X1 Yoga Gen 5, ThinkPad X13, ThinkPad X13 Yoga, ThinkPad T14s, ThinkPad T14, ThinkPad T15, ThinkPad P1 Gen 3, ThinkPad P14s and ThinkPad P15s premium laptops. These Modern Standby enabled laptops focus on providing a smarter and more secure working experience and feature several innovations to empower remote workers. Emerging technologies including PrivacyGuard, WiFi 6 and up to CAT 16 WWAN can be invaluable in meeting the needs and desires of remote workers.



Services Designed to Strengthen Security & Facilitate Deployment
While Secured-core PCs have the related security features enabled at the time of purchase, IT departments have traditionally had to complete additional time-intensive tasks in order to set-up the new Secured-core PC upon receipt. These steps can include installing custom images, operating system configuration and manual password setup in order to protect BIOS settings, actions that would have to be performed on each new device.

Through the new Secured-core PC Enablement Service provided by Lenovo Services, Secured-core PC BIOS settings can be loaded at the factory with BIOS passwords set, as defined by the customer. This not only prevents tampering during shipment, but also keeps end users from being able to change the BIOS settings. Additionally, Lenovo can configure all of the required Secured-core PC Windows operating system settings on behalf of the customer. By selecting this service, companies can have the confidence that their device's BIOS and operating system security features are set and shipped ready to deploy consistently across the entire fleet, requiring no additional configuration by an IT admin.

"Now more than ever, our customers are looking to us for ways to add additional layers of security while also supporting workforce productivity. With Lenovo's Secured-core PC Enablement Service, we are able to give customers greater confidence that their Secured-core PC has been configured correctly, the peace of mind that it will be better protected during shipment and the ability to get their employees up and running faster with their new device, wherever they may be," says Rebecca Achariyakosol, Executive Director, Global Services Product Development and Marketing of the Intelligent Devices Group at Lenovo.

Availability
Lenovo's new portfolio of secured-core PCs will be available worldwide from June 2020.

View at TechPowerUp Main Site
 
Joined
May 19, 2009
Messages
1,818 (0.33/day)
Location
Latvia
System Name Personal \\ Work - HP EliteBook 840 G6
Processor 7700X \\ i7-8565U
Motherboard Asrock X670E PG Lightning
Cooling Noctua DH-15
Memory G.SKILL Trident Z5 RGB Black 32GB 6000MHz CL36 \\ 16GB DDR4-2400
Video Card(s) ASUS RoG Strix 1070 Ti \\ Intel UHD Graphics 620
Storage 2x KC3000 2TB, Samsung 970 EVO 512GB \\ OEM 256GB NVMe SSD
Display(s) BenQ XL2411Z \\ FullHD + 2x HP Z24i external screens via docking station
Case Fractal Design Define Arc Midi R2 with window
Audio Device(s) Realtek ALC1150 with Logitech Z533
Power Supply Corsair AX860i
Mouse Logitech G502
Keyboard Corsair K55 RGB PRO
Software Windows 11 \\ Windows 10
Joined
Nov 1, 2017
Messages
521 (0.22/day)
It's just Lenovo portable systems with an AMD CPU :laugh:.

For real, I'm curious to see this product IRL from a sysadmin perspective.
I guess it's a UEFI packed with additional features. But for those features to be active in Windows, do we need to install a load of bloatware? Is it really more secure, or it's just like Intel Management Engine?

Is it like a server BIOS-IMM? Does it requires licensing over time?

I guess I have stuff to go read.
 
Joined
May 13, 2010
Messages
5,632 (1.11/day)
System Name RemixedBeast-NX
Processor Intel Xeon E5-2690 @ 2.9Ghz (8C/16T)
Motherboard Dell Inc. 08HPGT (CPU 1)
Cooling Dell Standard
Memory 24GB ECC
Video Card(s) Gigabyte Nvidia RTX2060 6GB
Storage 2TB Samsung 860 EVO SSD//2TB WD Black HDD
Display(s) Samsung SyncMaster P2350 23in @ 1920x1080 + Dell E2013H 20 in @1600x900
Case Dell Precision T3600 Chassis
Audio Device(s) Beyerdynamic DT770 Pro 80 // Fiio E7 Amp/DAC
Power Supply 630w Dell T3600 PSU
Mouse Logitech G700s/G502
Keyboard Logitech K740
Software Linux Mint 20
Benchmark Scores Network: APs: Cisco Meraki MR32, Ubiquiti Unifi AP-AC-LR and Lite Router/Sw:Meraki MX64 MS220-8P
intelME on steroids or meth?
 
Joined
Jul 5, 2013
Messages
25,559 (6.52/day)
Not really unless you are into conspiracy theories.
Or have a great deal of real world experience. Seriously, one of my employees challenged me to setup Windows as secure as I could get it and right in front of us he hacked into that machine with an OG Motorola Droid, rendering it unbootable. Granted, that was Windows 8.1 a few years ago and he did not succeed with Windows 7. I have no doubt that someone with the right know-how could make short work of Windows 10.
 
Joined
Aug 20, 2007
Messages
20,714 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
Or have a great deal of real world experience. Seriously, one of my employees challenged me to setup Windows as secure as I could get it and right in front of us he hacked into that machine with an OG Motorola Droid, rendering it unbootable. Granted, that was Windows 8.1 a few years ago and he did not succeed with Windows 7. I have no doubt that someone with the right know-how could make short work of Windows 10.

I have more doubts with 7 now than 10. So many unpatched open bugs left with 7.

Really, Windows is easy to hack if your on the same LAN. That's how it's almost designed, really.
 
Top