A Commitmentto ComprehensiveseCurity

Big security Challenges: mobility and ComplexityA more mobile workforce means new opportunities for innovation – but this flexibility also brings new risks from mobile devices, cloud computing, and nearly everything as a service. As users and data move from device to device, connection to connection, network-centric security is no longer enough.

Simultaneously, new priorities around healthcare, human services, and critical infrastructure protection dramatically increase the amount of sensitive information agencies generate and share. Big data is coming, and it needs to stay secure wherever it goes.

Common Challenges to Government itAs quickly evolving cybersecurity threats put shared critical investments and priorities at risk, government agencies at all levels are working together to develop best practices and protocols that keep important systems and sensitive data secure.

Budget and security needs: Diverging trendsAlong with shared dollars and resources and integration of state, local, and federal technology, agency leadership at all levels still sees security as a top challenge. New broader guidance on Critical Infrastructure Protection (CIP) and increased scrutiny on the exchange of protected health information have drawn these challenges into even sharper focus.

Ultimately, even budget concerns impact security – agencies need to invest in protection, and these needs compete with other priorities. Agencies have no choice but to build a human and technology infrastructure ready to adapt and evolve, so cost-effective solutions are key.

Top prioriTies for 2014

1. security2. Consolidation3. Cloud servicesNASCIO, State CIO Priorities for 20141

GreaTesT ThreaTs To iT infrasTruCTure

1. Budget2. security3. BYoDCisco Connect Government Study3

Top ChallenGes for 2014

1. Budget2. human Capital3. securityTech America Fed CIO, Survey 2013 2

As the number of devices per user rises (Gartner predicts 3.5 per average user in 2015), security gets more complicated. Agencies must manage diverse devices, operating systems, and application needs.

• non-Windows® and pC plus devices are proliferating, and their users are expecting access and support.

• BYoD is taking the challenge a step further, with non-managed devices also hitting agency networks and resources.

As the everywhere workplace becomes the new government normal, more EHR transactions, more payment information, more PII, and other protected data are shared between agencies and private-sector partners.

• The Affordable Care Act, new efforts for critical infrastructure protection, and other government initiatives make robust mobile security absolutely essential.

• The unprecedented rise in data-sharing and security needs creates new governance and cooperation challenges and conflicts.

The rise of mobility and telework initiatives across the government has stretched network security to the limit: hardening endpoints and rigorous continuous monitoring endpoints is just the start.

• Cloud services are ideal for solving mobility and BYOD challenges, but concerns around security and governance continue.

• Better training for users is important, as the most robust security measures can be undermined by careless mistakes.

shared standards and prioritiesThe federal government continues to lead the way in meeting the challenges of cybersecurity in the 21st century. Federal guidance, beginning with the NIST-administered Federal Information Security Management Act (FISMA) framework, has resulted in strict security controls around information storage, processing, and transport. Most recently, NIST’s new Cybersecurity Framework establishes new best practices for defending against and responding to cyber attacks.

Designed for federal government, these standards have been adopted by government at all levels. healthcare, financial services, and other industries have also adopted the nisT and fips guidance as the gold standard for security, especially around mobility.

A universal need: security that FitsRegardless of agency, government computing needs all depend on careful planning and consistent execution to be successful. Stronger cybersecurity requires the right technology, backed by the right processes, managed by the right people. And it all starts with the right partnership.

were unable to complete a work assignment on time because of a security measure.

of end-users believe agency security measures are burdensome.

66% 69% 20% 31%

of end-users say security measures slow them down.

Can security Be user-friendly?4 as a result:

admit to security workarounds to speed up their work.

Lenovo mAkes seCurity JoB one

“ Lenovo understands how important a comprehensive cybersecurity strategy is to our government partners. We are proud to build products and solutions agencies can rely on to drive smarter, more secure digital government.”

– Gerald Fralick, Chief Security Officer, Lenovo Think Business

performing More Critical Workin More placesMore Devices

products and ideas you Can trustAs your trusted partner in technology-driven transformation, Lenovo understands the critical importance of security. As your workforce and infrastructure go mobile, Lenovo is dedicated to building products and solutions that meet your needs, challenge for challenge.

total real-World Device and Data protectionLenovo is committed to a comprehensive security ecosystem that includes certified-compliant components, future-ready features, and software and services that keep your investments and information secure in and out of the office, wherever important work needs to happen.

Find out moreLearn more about Lenovo trusted products and services for government.

Contact a sales repwww.lenovo.com/findarep

a Critical partnership. When surveyed on how to best address new threats, agency leadership favored a comprehensive approach: better products, stronger processes, and deeper training.5

secure product DesignLenovo is committed to building the most secure, reliable products on the market. This starts in product development, where federal guidance on information security impacts decisions on hardware, software, and solutions, including internally adopting the new NIST Cybersecurity framework across the organization.

• Secure Lenovo UEFI BIOS framework meets NIST SP 800-155 guidance for BIOS integrity

• TPM architecture certified and registered by TCG

• Rigorous quality control system vets employees, suppliers, and components

• Moving beyond component security with pursuit of first ever FIPS 140-2 endpoint certification

secure supply ChainLenovo maintains a dual node TAA-compliant North American supply chain. This includes manufacturing facilities in Whitsett, NC, and Monterrey, Mexico, both currently delivering product to the U.S. market.

• ISO 9001:2013 certified• ISO 28000 Supply Chain Security

Management Systems Package validation in progress

• Rigorous quality management system (QMS)

• Received industry-first Tier 3 CBP TPAT award (Monterrey, Mexico) for robust human, physical, and cybersecurity

We design products to meet industry-standard requirements set forth by nist, tCG, and others.

We distribute products through a tAA-certified supply chain and two north American production nodes.

We build products with certified, industry-standard components.

All of the above 42%

Better technology 21%

Better policies 18%

Better training 15%

Visit our sitewww.lenovo.com/government

wwwinvesting in Compliance The 2013 opening of our Whitsett, NC facility created more than American jobs and marked the return of PC assembly to the US for the first time in over a decade. Along with our TAA-compliant plant in Monterrey, Mexico, this investment improves our ability to deliver secure, compliant products to our government customers and allows us to offer:

sales and Customer service | technical phone support

us-BaseD

seCure LiFeCyCLe serviCes

From deployment to disposal, Lenovo services improve the security and manageability of agency IT. Agencies can rely on our expert disk imaging and asset tagging services, as well as repair and retirement options that keep you in charge of your data throughout the device lifecycle.

CertiFieD Components

Lenovo uses industry-standard NIST and TCG-certified components from leading manufacturers. The TPM and BIOS framework work together to create a root of trust, forming the basis for all secure computing functions.

Future-reADy FeAtures

We build upon our secure computing framework with features and functions that extend the reach of your secure systems. Fingerprint, Smart Card, or CAC readers as well as OPAL drives keep your devices and information protected.

trusteD soFtWAre AnD soLutions

In addition to our government-grade hardware security, Lenovo works with leading industry partners like Intel®, Absolute®, Symantec®, and Stoneware®. From full disk encryption and remote recover, disable and destroy capabilities to government-ready secure cloud solutions, Lenovo is your partner in complete security.

Cybersecurity partnerLenovo recognizes the importance of the NIST Framework for Improving Critical Infrastructure Cybersecurity. We are doing our part to help agencies identify, prevent, respond, and recover from potential threats.

• Risk assessment and asset management services

• Keep Your Drive and asset recovery for secure end-of-life recovery

• Innovative ThinkVantageTM technologies such as Client Security Solution, Rescue and Recovery and Secure Data Disposal

Government-Grade secure ComputingThe Lenovo product portfolio provides secure computing power for each and every agency task. From lightning-fast ThinkServer® connectivity to legendary ThinkPad® mobility, Lenovo products help you build future-ready government today.

• Fully FIPS-compliant OS, TPM, secure BIOS, full drive encryption• Two-factor authentication with fingerprint, smart card, and CAC readers• Advanced continuous monitoring, remote disable and destroy, and antitheft solutions• Secure lifecycle services for deployment, warranty, and disposal

secure Government mobility: thinkpad

Innovative ThinkPad® laptop, tablet, convertible, and Ultrabook™ PCs the reach of secure government computing with purpose-built innovation and legendary Lenovo durability that helps your agency do more.

secure Desktop Computing: thinkCentre

From daily duties to mission-critical applications, ThinkCentre® desktop innovation keeps your agency busy building 21st-century government.

secure high-power performance: thinkstation

ThinkStation® delivers ISV-certified processor power and rigorous security and manageability for your highest value computing functions.

secure network Connectivity: thinkserver

Built for maximum performance and efficiency, ThinkServer® can power local, virtualized, or cloud workloads with secure network connectivity and manageability.

Lenovo supports continuous endpoint monitoring to protect against malware and other threats with the FIPS-201 compliant Wave EMBASSY® suite of trusted computing products.

Continuous Monitoring (endpoint)

Lenovo uses TCG-registered Trusted Platform Modules to help form the root of a trusted computing platform.

Trusted platform ModuleTPM

Lenovo uses a NIST SP800-155-compliant secure BIOS framework to protect the integrity of the BIOS against unauthorized access.

Bios security

Lenovo products ship with FIPS-compliant WLAN modules from Intel® and other leading providers.

Wireless Wlan security

Lenovo products ship with FIPS-compliant WWAN modules from Ericsson and other leading providers.

Wireless WWan security

Lenovo uses FICAM-certified Common Access Card (CAC) readers for Personal Identity Verification (PIV) management in order to support two-factor authentication and user access control.

Common access Card reader

Lenovo products ship with either Windows® 7 (Ultimate or Enterprise) or Windows® 8 (Professional or Enterprise). Both versions are fully FIPS-compliant.

operating systemOS

All PCs sold to US government customers are made at one of two TAA-certified production nodes: Whitsett, NC, and Monterrey, Mexico.

Taa ComplianceTAA

Lenovo helps support the recovery of lost or stolen assets through the FIPS 201 compliant Absolute® Computrace software and service.

anti-theft/asset recovery

Lenovo supports FIPS 201 compliant full disk encryption to protect the drive from unauthorized access through both software-based encryption and support for hardware-based OPAL drive encryption.

full Disk encryption

Lenovo supports the encryption of data at rest with the FIPS 201 compliant SecureDocTM by WinMagic®.

Data encryption (at rest)DATA

1593

4608

95

27

for More inforMaTionVisit: www.lenovo.com/government

Or contact a sales rep at:www.lenovo.com/findarep

products you Can trustLenovo combines products, software, and services to deliver secure computing solutions that extend the reach of critical government services without compromising the integrity of vital information and investments. From consolidated imaging during the manufacturing process to customized UID asset tagging and Keep Your Drive service options that keep you in control of your data at all times.

Thinkserver® rD340

ThinkCentre® M93p ThinkCentre® M93z all-in-one

Thinkpad® W540 Thinkstation® D30

Thinkpad® X240 Thinkpad® T440s

Thinkstation® TD3401. NASCIO, Top 10 State CIO Priorities for 20142. TechAmerica Federal CIO Survey, 20133. Cisco Connected Government Survey, 20134. Meritalk, “The Cyber Security Experience,” 20135. Cisco Connected Government Survey, 2014

© 2014 Lenovo. All rights reserved. Lenovo is not responsible for photographic or typographic errors. Lenovo, the Lenovo logo, ThinkPad, ThinkCentre, ThinkServer, and ThinkStation are trademarks or registered trademarks of Lenovo. Intel, the Intel logo, Intel Core and Core Inside are registered trademarks of Intel Corporation in the U.S. and other countries. All other trademarks are the property of their respective owners. Version 1.00, April 2014