Now, the Power On password has to be enabled in the BIOS for the Power On fingerprint security to work. However, when I enabled this, it ended up asking me to swipe my finger and then ask me for the password as well. However, after a couple of reboots and a bit of BIOS fiddling, this problem resolved itself. Then when I switched on the T42, I was asked to swipe my finger and when the Power On password screen appeared, it instantly registered "OK" as if I had just input the correct password and the boot continued.
Of course since the Power On security layer is something that occurs well before Windows has started up, the fingerprint data can't be stored in a Windows file or folder. Instead, the fingerprint scanner itself stores the fingerprint data and retrieves it when the Power On security request is made. You can store a total of 21 profiles in the scanner, which should be more than enough, unless you share one notebook between a score of users. If you're worried about someone extracting the fingerprint data from the scanner and breaking your security, dont be. The scanner only stores a tiny amount of data for each fingerprint, just enough to ensure an accurate match, and nowhere near enough to recreate a complete fingerprint.
You can also apply fingerprint authentication to your Windows login. However, to save you having to swipe your finger twice and wear it out, you can tell the fingerprint software to automatically login the user that passed the Power On authentication. If more than one person uses the notebook, you can quickly and easily switch between users with the fingerprint scanner instead of passwords.
For an IT manager, biometric security will make life much easier. Gone will be all those phone calls from users who've forgotten their passwords. And there will be no more worries about insecure passwords, or even keystroke loggers, trapping passwords and passing them onto hackers and fraudsters.
But the fingerprint scanner is not the only security enhancement that IBM has implemented into the latest T-Series ThinkPads. IBM has partnered with data security specialist Utimaco, to ensure that ThinkPad users can keep their data safe, no matter how careless they may be with it. Utimaco SafeGuard Easy will keep every byte of data on your notebook encrypted, so that even if your machine is lost or stolen, no one can get access to the data stored on it. Unlike many encryption solutions, SafeGuard Easy does not need any user intervention, since the level of encryption can be configured so that everything you save to your notebook is safeguarded. I was concerned that keeping the entire contents of the hard disk encrypted could have an adverse effect on the performance, but Jackie Groves, Managing Director of Utimaco, assured me that the performance hit will be no more than two per cent and completely transparent to the user.