Product Security As a major client device, Personal Computers are exposed to many security threats as the end points within a company. During the development of client devices at Fujitsu, we strive to provide security functions that allow you to implement the best safety measures for threats envisioned in each usage scenario. PCs are client devices that work an important role as an endpoint for handling information resources within a company, including confidential and personal information. Since they are used by numerous people in a variety of environments, PCs are exposed to countless security threats, including the loss or theft of the computer, unauthorized access, data tampering, and computer viruses, all of which require appropriate preventative measures. Fujitsu thus strives to provide security functions that allow you to implement the best safety measures for the various threats that are envisioned in each usage scenario, including when turned off, when starting up and logging in, during use, and when being disposed. When Turned Off When not in use, there is a possibility of loss or theft of the computer or hard disk. Computers are equipped with a cable lock for preventing theft of the computer, a hard disk unit with an encryption function so that data cannot be viewed if the computer is stolen, and a remote erase function for locking or invalidating data on the hard disk remotely in the event of loss or theft. While Starting Up and Logging In There is always a threat of unauthorized use and impersonation when logging into a system. In addition to the password authentication provided by BIOS and the OS, authentication can also be strengthened using the ownership-based authentication of smartcards or by biometric authentication using fingerprints and palm vein patterns. While In Use The possibility of leaking encryption keys from unauthorized removal of data by the user or by viruses exists while the computer is in use. We provide functions for restricting the use of USB and printer ports, security chips that offer hardware protection of encryption keys, and anti-virus software for implementing measures to prevent viruses. When Being Disposed There exists a risk of data being leaked from hard disks that have not been properly disposed. We provide a hard disk erase function that overwrites original data on the disk with invalid data multiple times, so that no traces of the original data remain and the data cannot be recovered after it is disposed. Approach to Security Criteria in Client Devices Threats and measures envisioned for each PC usage scenario Operation Threat Measures Loss or theft of computer or hard disk Measures for loss and theft Encryption Encryption Operation restrictions Data erasure Anti-virus BIOS password Use by unauthorized users Leaking of passwords Volume encryption (BitLocker) Hard disk password ———— ———— Security Lock Slot Remote erase (CLEARSURE) Full-Disk encryption (Self-Encrypting HDD) Security panel (five buttons for Power ON password) Palm vein authentication Fingerprint authentication Security chip Anti-virus software HDD erase utility (Permanently delete data) PortShutter("lock-out" certain ports from unauthorized use) Palm vein authentication Fingerprint authentication Smartcard authentication Startup password BIOS setup password Windows password Application password Windows Update DEP(Data Execution Prevention) Folder encryption (Windows EFS) Unauthorized removal of data Theft/forgery Virus infection Data theft PC/Windows standard functions Functions provided by Fujitsu Strengthened authentication When off Starting up/ logging in While in use When being disposed Strengthened 16 Fujitsu Group Information Security Report 2012