Setting the security chip – Lenovo ThinkPad Yoga User Manual
Page 78
• Set a power-on password as well as a hard disk password for your internal solid-state drive, hard disk
drive or hybrid drive. Refer to the procedures in “Power-on password” on page 57 and “Hard disk
passwords” on page 60. For security, a longer password is recommended.
• To provide reliable security for UEFI BIOS, use the security chip and a security application with a Trusted
Platform Module (TPM) management feature. Refer to “Setting the security chip” on page 62.
Note: The Microsoft Windows 7 and Windows 8.1 operating system support the TPM management
feature.
• If a Disk Encryption hard disk drive, an Encryption solid-state drive, or a Disk Encryption hybrid drive is
installed in your computer, be sure to protect the contents of your computer memory from unauthorized
access by use of drive encryption software, such as Microsoft Windows BitLocker
®
Drive Encryption,
which is supported in the Ultimate and Enterprise editions of the Windows 7 operating system and
Professional and Enterprise editions of the Windows 8.1 operating system. Refer to “Using Windows
BitLocker Drive Encryption” on page 62.
• Before you dispose of, sell, or hand over your computer, be sure to delete data stored on it. For more
information, refer to “Notice on deleting data from your hard disk drive, solid-state drive, or hybrid drive”
on page 63.
Note: The hard disk drive or hybrid drive built into your computer can be protected by UEFI BIOS.
Using Windows BitLocker Drive Encryption
To help protect your computer against unauthorized access, be sure to use drive encryption software, such
as Windows BitLocker Drive Encryption.
Windows BitLocker Drive Encryption is an integral security feature of the Windows 7 and Windows 8.1
operating systems. It is supported in the Ultimate and Enterprise editions of the Windows 7, Professional
and Enterprise editions of the Windows 8.1 operating system. It can help you protect the operating system
and data stored on your computer, even if your computer is lost or stolen. BitLocker works by encrypting all
user and system files, including the swap and hibernation files.
BitLocker uses a Trusted Platform Module to provide enhanced protection for your data and to ensure early
boot component integrity. A compatible TPM is defined as a V1.2 TPM.
To check the BitLocker status, go to Control Panel, and click System and Security ➙ BitLocker Drive
Encryption.
For more information about Windows BitLocker Drive Encryption, see the help information system of the
Windows operating system, or search for “Microsoft Windows BitLocker Drive Encryption Step-by-Step
Guide” on the Microsoft Web site.
Disk Encryption hard disk drive, Encryption solid-state drive, and Disk Encryption hybrid drive
Some models contain the Disk Encryption hard disk drive, the Encryption solid-state drive, or the Disk
Encryption hybrid drive. This feature helps to protect your computer against security attacks on media,
NAND flash or device controllers by use of a hardware encryption chip. For the efficient use of the encryption
feature, be sure to set a hard disk password for the internal storage device.
Setting the security chip
Strict security requirements are imposed on network client computers that transfer confidential information
electronically. Depending on the options you ordered, your computer might have an embedded security chip,
a cryptographic microprocessor. With the security chip and Client Security Solution, you can do the following:
• Protect your data and system
62
User Guide