Intel's vPro enterprise processors run on the Ivy Bridge architecture, and boast features aimed at improving IT security and device management for businesses.
Intel has built security into the processor, chipset and network adaptor. This hardware approach means that PCs can be managed regardless of their system state and without the need for software.
Remote management and identity protection are particular features Intel has improved on. We go through the top 10 features of vPro.
Intel Active Management Technology (AMT) 8.0
IT admins can now remotely manage Ultrabooks, tablets and all-in-one PCs in addition to laptops, desktops and workstations. This will widen the range of deployment options, without compromising on security, and could be a feature which boosts the uptake of Intel-based tablets.
One-Time Password (OTP)
Traditionally two-factor authentication has required employees to sign in using their username/password and then enter a six-digit PIN from a physical token or key fob, which is only valid for a short period of time.
Intel's OTP replaces the need for the physical tokens as vPro hardware is able to generate the six-digit PIN. This will save businesses from having to invest in tokens and also aims to make authentication faster, without compromising access, according to Intel.
Intel ITP with Public Key Infrastructure (PKI)
The embedded PKI uses a private key stored in the PC's firmware, which helps to securely authenticate business networks and websites, encrypt/decrypt confidential documents or emails and digitally sign them.
Protected Transaction display
To prevent employees from having their authentication details stolen through screen scrapping and key-logging, the vPro graphics processor creates an onscreen PIN pad. This keypad is "invisible" to the operating system and users are required to enter their credentials using untraceable mouse clicks.
Disable lost/stolen laptops
With mobile working on the rise, laptops with confidential information are increasingly likely to be stolen or lost by employees. To safeguard data, IT admins can send out a "poison pill" remotely. This doesn't just disable the hardware on the laptop, but also deletes all data and renders the device unusable.
When booted up, the laptop will stop at an authentication screen, which can only be bypassed by entering a unique recovery password generated by the IT admin. This means that the laptop will be re-usable if it is recovered.
