Chapter 1. overview, Client security solution – Lenovo ThinkVantage (Client Security Solution 8.21) User Manual

Page 7

Chapter 1. Overview

This chapter provides an overview of Client Security Solution and Fingerprint Software. The technologies
presented in this deployment guide can directly and indirectly help IT professionals because they help make
personal computers easier to use, more self-sufficient, and provide powerful tools that facilitate and simplify
rollouts. With the help of ThinkVantage Technologies, IT professionals spend less time solving individual
computer problems and more time on their core tasks.

Client Security Solution

The primary purpose of Client Security Solution software is to help you protect your computer as an asset,
protect confidential data on your computer, and protect network connections accessed by your computer.
(For Lenovo-branded systems that contain a Trusted Computing Group (TCG) compliant Trusted Platform
Module (TPM), Client Security Solution software will leverage the hardware as the root of trust for the
system. If the system does not contain an embedded security chip, Client Security Solution will leverage
software based cryptographic keys as the root of trust for the system.)

Features of Client Security Solution Version 8.2 include:

• Secure user authentication with Windows® password or Client Security Solution passphrase

Client Security Solution can be configured to accept a user's Windows password or a Client Security
Solution passphrase for authentication. The Windows password provides convenience and manageability
through Windows while the Client Security Solution passphrase provides additional security. The
administrator can choose which authentication method is used, and this setting can be changed even
after users are enrolled with Client Security Solution.

• Fingerprint user authentication

Leverages the integrated and USB-attached fingerprint technology to authenticate users to password
protected applications.

• Multi-factor user authentication for Windows logon and various Client Security Solution operations

Defines multiple authentication devices (Windows password/Client Security passphrase and fingerprint)
for various security related operations.

• Password management

Securely manages and stores sensitive logon information, such as user IDs and passwords.

• Password and passphrase recovery

Password and passphrase recovery allows users to log into Windows and access their Client Security
Solution credentials even if they forget their Windows password or Client Security Solution passphrase,
by answering preconfigured security questions.

• Audit security settings

Allows users to view a detailed list of workstation security settings and make changes to comply to
defined standards.

• Digital certificates transfer

Client Security Solution protects the private key of user and machine certificates. Use Client Security
Solution to protect the private key of your existing certificates.

• Policy Management for authentication

An administrator can choose which devices (Windows password, Client Security Solution passphrase, or
fingerprint) are required to authenticate for the following actions: Windows logon, Password Manager, and
certificate operations.