Securing The Supply Chain

Cybersecurity remains a perennial hot topic. We hear many stories of hacking, data breaches and ransomware. To combat the ever-present threat of cybercrime, the IT industry is working continuously to improve end-user identity validation and data protection through software and multifactor authentication methods such as fingerprint and facial recognition. But what about cybercrime that impacts your physical PC?

Have you ever considered whether the PC’s delivered to your business contain the same components installed by the manufacturer?

Cybersecurity in the business landscape extends beyond end-user protection. In 2017, more than 250 million PC’s were shipped worldwide with a market value near $200 billion making it a potentially lucrative market for counterfeiters

So, how can hardware be compromised?
Compromised hardware could happen when one or more system components are swapped out for inferior quality or counterfeit parts at some point between leaving the manufacturing line and reaching an end-user’s desk.  At the least, this could affect system performance, cause software compatibility issues and increase the chances of the dreaded blue screen of death, resulting in reduced productivity and efficiency in the workplace.  At worst, platform integrity could be compromised, seriously impacting security within an organization and potentially opening the door for cybercriminals. Apart from causing customer satisfaction issues and increased lifecycle management costs, these effects could damage trust in your company.

To mitigate the risks of counterfeit parts, system and component traceability are required to provide platform-level assurance of authenticity and accountability. Working closely with Intel, we now have the capability to leverage Intel® Transparent Supply Chain to validate the authenticity of PC hardware running 8th Gen Intel® Core™ vPro™ processors.

Lenovo Transparent Supply Chain Overview:

  • System-level traceability based on the hardware root of each system provided by the Trusted Platform Module. Creates a unique X.509 Platform Certificate, generated and signed using Intel’s Certificate Authority. This attests that the purchased system is built according to the Intel Transparent Supply Chain.
  • Component-level traceability offers a two-factor file traceability of components. “As-Built” data reports contain information on each key system component. Authenticity can be checked with an Auto Verify Tool that can identify certain system changes from the time of manufacturing to the time of first boot.
  • Conforms to US Government Defense Federal Acquisitions Regulations Supplement (DFARS).

Leveraging the power of Transparent Supply Chain will help identify dubious components and combat counterfeiting, and maintain customer trust in top tier vendors. Customers will be able to verify quality at system and component levels and reduce any risks associated with non-compliant hardware.

Today, Lenovo Transparent Supply Chain offers key component tracking with Intel firmware checksums and manufacturing accountability on PCs enabled with 8th Gen Intel® Core™ vPro™ processors. Our future vision is to deliver comprehensive component tracking, regardless of firmware and offer post-manufacturing tamper resistance to eliminate any risk of counterfeit parts.

To find Intel® Authenticate and Transparent Supply Chain enabled ThinkPad laptops featuring 8th Gen Intel® Core™ vPro™ processors, go here.