Dark Reading is part of the Informa Tech Division of Informa PLC

Arun Subbarao

Secure Laptops & the Enterprise of the Future

The enterprise of the future will depend upon organizations' ability to extend the company firewall to everywhere people are working.

COVID-related activity restrictions have made working from home the norm. Both employers and employees have adjusted how they work to ensure business continuity during this time. Even after the pandemic subsides, it is widely expected that employers will continue to offer more flexibility to employees to work from home at least part of the workweek. These developments are shining a spotlight on endpoint security and the need to ensure that the laptops employees are using are secure and offer the same level of protection as desktops inside the corporate perimeter.

Everyone says security is important. Yet, there are reports every single week about breaches. In just one seven-day period in early February, I saw reports about:

The current state of practice makes it clear that endpoint security remains a weak link. Specifically, antivirus vendors' claims lull us into a false sense of security. Yes, antivirus does an important job. But the traditional methods of securing a laptop, an antivirus solution or a virtual private network (VPN) client running inside Windows, are no longer sufficient to ensure the device's security, especially in the face of emerging threats. The problem becomes even more serious for laptops used in corporate-sensitive or nation-sensitive use cases.

We need a new paradigm for the secure laptop, inspired by the US government's Commercial Solutions for Classified (CSfC) program.

Secure Laptops: A Layered Approach to Security
The Multiple Independent Levels of Security (MILS) architecture advocates security through isolation. The crux of it is to isolate security-sensitive functions from the user domain, creating an environment that cannot be bypassed or tampered with from that domain.

Two key fundamental properties are essential for foundational security: separation and information-flow control. By separating security functions into different domains and controlling the flow of information between those domains, this approach offers a different paradigm for ensuring confidentiality and integrity for security-sensitive use cases.

In addition to setting security policies for separation and information-flow control, care must be taken to virtualize different operating environments. These foundational properties create a secure laptop configuration that provides:

  • Isolation of the Windows environment for the user
  • A separate domain for protecting data in transit with two VPNs
  • A separate domain for protecting data at rest
  • An isolated management domain to allow for secure updates

Isolating the key elements that protect data at rest and data in transit significantly improves a laptop configuration's security posture, because neither of the domains fundamental to data security is accessible to the user or directly exposed on the network. This creates a "corporate perimeter on the go."

Secure Laptops for High-Threat Environments

The diagram above shows how this could be configured in practice for high-threat environments. The key components are:

  • Protected OS: Typically, laptops use the Windows operating system for day-to-day activities. In this configuration, Windows instead runs as a protected OS inside an isolated virtual machine that cannot connect to the Internet directly; it reaches the outside only through the VPN domains.

  • VPN domains: Two separate domains, the inner and outer VPN, host two VPN clients for double protection for data in transit. Each VPN domain connects independently to a separate VPN server with potentially separate credentials to ensure utmost protection. The VPN domains are inaccessible to the user and not subject to bypass or tamper.

  • Management domain: One or more separate domains control access to the self-encrypting drive to protect data at rest. This management domain typically also hosts a management agent that provides features such as over-the-air upgrades and fallback to a known-good configuration if an upgrade fails.

  • Boot authenticator: This unlocks the laptop through a PIN entry, so the laptop can be instantiated only after successful authentication.

  • Public network domain: This is the only entity that is connected to the Internet; it cannot interact with other security-sensitive domains.
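The separation and information-flow properties described in the two lists above can be written down as an explicit flow policy and checked mechanically. The following is an added example, not code from the article or from Lynx Software; the domain names and the channel set are assumptions that mirror the text's layout (Windows VM, inner and outer VPN, public network domain, management and boot domains), and the verifier is a small transitive-closure check rather than any vendor's separation-kernel policy language.

```python
# Added example, not code from the article or from Lynx Software: a small
# information-flow model of the MILS laptop configuration described above.
from collections import deque

# Directed channels the separation kernel permits ("data may flow from a to b").
# Return paths let replies reach Windows, but each hop is still a declared channel.
ALLOWED_FLOWS = frozenset({
    ("user_windows", "inner_vpn"), ("inner_vpn", "user_windows"),
    ("inner_vpn", "outer_vpn"),    ("outer_vpn", "inner_vpn"),
    ("outer_vpn", "public_net"),   ("public_net", "outer_vpn"),
    ("public_net", "internet"),    ("internet", "public_net"),
    ("boot_auth", "management"),         # PIN success releases the drive key
    ("management", "encrypted_drive"),   # drive unlock and secure updates
})

def reachable(src, flows):
    """Domains reachable from src by following permitted channels (BFS)."""
    seen, todo = set(), deque([src])
    while todo:
        cur = todo.popleft()
        for a, b in flows:
            if a == cur and b not in seen:
                seen.add(b)
                todo.append(b)
    return seen

def all_paths_pass_through(src, dst, gate, flows):
    """True if dst becomes unreachable from src once the gate domain is cut out."""
    cut = {(a, b) for a, b in flows if gate not in (a, b)}
    return dst not in reachable(src, cut)

def check_policy(flows):
    """Check the invariants the article states; return a list of violations."""
    problems = []
    # 1. Only the public network domain may hold a direct Internet channel.
    for a, b in flows:
        if b == "internet" and a != "public_net":
            problems.append(f"{a} has a direct Internet channel")
    # 2. Windows traffic must traverse both VPN domains on its way out.
    for gate in ("inner_vpn", "outer_vpn"):
        if not all_paths_pass_through("user_windows", "internet", gate, flows):
            problems.append(f"user_windows can bypass {gate}")
    # 3. Boot and data-at-rest domains stay unreachable from user and network.
    for src in ("user_windows", "public_net", "internet"):
        for protected in ("boot_auth", "management", "encrypted_drive"):
            if protected in reachable(src, flows):
                problems.append(f"{src} can reach {protected}")
    return problems

# A bridged NIC handed straight to the Windows VM is the kind of drift to catch.
BRIDGED_NIC = ALLOWED_FLOWS | {("user_windows", "public_net")}
```

Calling `check_policy(ALLOWED_FLOWS)` returns no violations, while `check_policy(BRIDGED_NIC)` reports that Windows can now bypass both VPN domains, which is exactly the "corporate perimeter on the go" property that a configuration change must not silently break.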

Effectively, this extends the company firewall to the place where you are working, be that a house, a coffee shop, or (yes) an airplane. Corporate IT policies are delivered and managed on a per-laptop basis wherever those assets are located.

This approach shouldn't reinvent the wheel. Organizations often have preferred VPN functionalities that need to work inside the solution's framework. The approach should also enable IT to reside in corporate headquarters, monitor all assets, and perform expected functions, including remote wipes and backups of users' laptops.

Envisioning Secure and Seamless Productivity
The enterprise of the future will depend greatly on commercial and government organizations' ability to seamlessly combine typical laptop user experiences with stringent security measures required for remote work.

The first step is to ensure that all commercially available laptops can support these configurations to give corporate IT users broad choices. As they evolve, touchscreens, hybrid laptops, tablets, and other productivity devices can also take advantage of these enhanced security configurations.

Government users will require laptop capabilities aligned with CSfC and other regulations to provide the security levels needed for handling highly classified information. Using standard commercial technologies to design regulatory-approved cybersecurity solutions will bring these increased levels of security to fruition in a timely manner.

Arun Subbarao is Vice President of Engineering at Lynx Software Technologies, responsible for the development of products for the Internet of Things and cybersecurity markets. He has 20+ years of experience in the software industry working on security, safety, virtualization, ...
