
Banned PCs: Finding the right network security controls to ease fears

Several governments reportedly banned PCs with alleged ties to the Chinese government. Uncover the network security controls to ease enterprise fears.

A lot of noise was made over the revelation that Lenovo PCs have been banned from classified government networks in several countries, including the U.S., due to the company's connections to the Chinese government. Can proper network security controls temper such fears? Which do you recommend?


This is a really difficult question to answer, as no one outside of the government will ever know the real reasons for the widely reported ban on the use of Lenovo personal computers (PCs) by U.S. government agencies and various other governments. Nor will people know the validity of the company's connection to alleged malicious activities by China-based actors. The Australian Department of Defense, for one, came forward and called the ban "factually incorrect."

With regard to the proper network security controls to implement, this is an even more difficult question to answer, because the Chinese manipulation of Lenovo hardware and firmware is alleged, and it is hard to recommend specific mitigations against something that is not factually known.

Therefore, I would like to suggest that companies implement some general network security controls that should both temper fears over banned computers and maintain network safety. First, if Lenovo PCs are being used in your enterprise environment and connecting to the corporate network, constant monitoring of network logs is paramount, especially if malicious activity is suspected or has been seen before. If an abnormally high amount of malicious traffic specifically involves the Lenovo machines, then obviously that would require both quick action and further analysis of the devices. Second, be sure to pay close attention to the data leaving the network. If nothing trips your firewall alerts, look at the type of data exiting the network and ensure that nothing sensitive or private is being taken. Data loss prevention and data exfiltration prevention systems are a great help.
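One way to carry out the per-vendor comparison described above, as an added example that is not part of the original answer: it groups firewall/IDS records by hardware vendor and flags a vendor group whose per-host alert rate stands well above the rest of the fleet, while also totalling outbound bytes. The inventory, the log format, the vendor labels other than Lenovo, and the thresholds are all constructed assumptions.

```python
INVENTORY = {  # constructed: hostname -> hardware vendor, as an asset database would supply it
    "ws-01": "Lenovo", "ws-02": "Lenovo",
    "ws-03": "VendorB", "ws-04": "VendorB",
    "ws-05": "VendorC", "ws-06": "VendorC",
}

# Constructed firewall/IDS log: timestamp host verdict bytes_out destination
SAMPLE_LOG = """\
2014-04-01T09:00:01 ws-01 ALERT 52000000 203.0.113.7
2014-04-01T09:00:09 ws-03 ALLOW 120000 198.51.100.20
2014-04-01T09:01:13 ws-02 ALERT 48000000 203.0.113.7
2014-04-01T09:02:40 ws-05 ALLOW 90000 198.51.100.20
2014-04-01T09:03:02 ws-01 ALERT 61000000 203.0.113.9
2014-04-01T09:04:55 ws-04 ALERT 30000 198.51.100.44
2014-04-01T09:05:10 ws-02 ALERT 57000000 203.0.113.9
2014-04-01T09:06:31 ws-06 ALLOW 110000 198.51.100.20
malformed line that the parser must skip
2014-04-01T09:07:00 ws-99 ALERT 1000 198.51.100.1
"""

def vendor_stats(log, inventory):
    """Aggregate alert count and outbound bytes per hardware vendor."""
    stats = {}
    for vendor in inventory.values():
        stats.setdefault(vendor, {"hosts": 0, "alerts": 0, "bytes_out": 0})["hosts"] += 1
    unknown = set()
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[3].isdigit():
            continue  # skip malformed records instead of crashing
        _, host, verdict, bytes_out, _ = parts
        if host not in inventory:
            unknown.add(host)  # device missing from inventory: report it, don't drop it
            continue
        entry = stats[inventory[host]]
        entry["bytes_out"] += int(bytes_out)
        entry["alerts"] += verdict == "ALERT"
    return stats, unknown

def outlier_vendors(stats, factor=3.0, min_alerts=2):
    """Vendors whose per-host alert rate exceeds `factor` times the rest of the fleet."""
    flagged = []
    for vendor, s in stats.items():
        rest = [o for v, o in stats.items() if v != vendor]
        rest_hosts = sum(o["hosts"] for o in rest)
        rest_rate = sum(o["alerts"] for o in rest) / rest_hosts if rest_hosts else 0.0
        if s["alerts"] >= min_alerts and s["alerts"] / s["hosts"] > factor * rest_rate:
            flagged.append(vendor)
    return sorted(flagged)
```

A flagged group is a prompt for the further device analysis the answer calls for, not a finding in itself; hosts returned in the unknown set are devices on the network that the inventory does not cover.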

This was last published in April 2014
