TPM Security feature

 

Overview:

This Nobi 6 cell Convertible unit includes a TPM (Trusted Platform Module). The purpose is to deter theft of the classmate PC by rendering the device useless after theft. The local hardware-based TPM stores a certificate with an expiration criterion; the certificate must be renewed regularly or the device will be rendered useless.


How it works:

Our Theft Deterrent solution relies on a central server, usually at the School or District level. Every classmate PC has a motherboard-based Trusted Platform Module (TPM), which looks for “certificates” from the central server. These certificates have “expiration dates”, which can be something like 24 hours from time of issue, 7 days from time of issue, or whatever the administrator wishes to set. The client software polls the server for new certificates and updates the TPM. Certificates can also be pushed automatically from the server, or an administrator can push new certificates to a client’s TPM manually. Once the certificate expires and no new certificate has been received by the TPM, the system essentially becomes a brick: the motherboard-based TPM will not allow the device to boot up.


If a system is stolen:

  • The student reports it to the administrator, and the administrator issues a new certificate with immediate expiration to the client. Once the client reconnects to the network and receives the new certificate, the system will be disabled.
  • The client does not reconnect to the network with the administrator after theft, and the device is disabled once the existing certificate expires. (Note: there is no built-in way to track a stolen system.)

For a deployment, the school would need a central server to run the server piece of this solution. The classmate PCs being deployed would have to be ones with the TPM built in and have the necessary drivers and client software installed.
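
A minimal model of the certificate lifecycle described under "How it works" and "If a system is stolen", added here as an example; it is not the product's own code. The page does not describe the certificate format, so the HMAC-tagged JSON certificate, the serial number, and the names `SERVER_KEY`, `issue`, `Client` and `theft_scenarios` are assumptions, and the device id and times are constructed.

```python
import hashlib
import hmac
import json
# Assumptions (not from the page): certificates are modelled as HMAC-tagged JSON
# with a serial number; SERVER_KEY, issue() and Client are hypothetical names.
SERVER_KEY = b"constructed-demo-key"
DAY = 86400

def _tag(body):
    return hmac.new(SERVER_KEY, body, hashlib.sha256).hexdigest()

def issue(device_id, now, lifetime_s, serial):
    """Server: issue a certificate expiring lifetime_s seconds after `now`."""
    cert = {"dev": device_id, "exp": now + lifetime_s, "ser": serial}
    body = json.dumps(cert, sort_keys=True).encode()
    return body, _tag(body)

class Client:
    """Client: keeps the latest accepted certificate (the role the TPM plays)."""
    def __init__(self, device_id):
        self.device_id, self.cert = device_id, None
    def receive(self, body, tag):
        """Accept a polled or pushed certificate; return False if rejected."""
        if not hmac.compare_digest(_tag(body), tag):
            return False  # not issued by the server
        new = json.loads(body)
        if new["dev"] != self.device_id:
            return False  # issued for another device
        if self.cert and new["ser"] <= self.cert["ser"]:
            return False  # older certificate must not replace a newer one
        self.cert = new
        return True

    def boot_allowed(self, now):
        """Boot only while an unexpired certificate is held."""
        return self.cert is not None and now < self.cert["exp"]

def theft_scenarios():
    """Both outcomes from 'If a system is stolen', with constructed times."""
    first = issue("cmpc-001", 0, 7 * DAY, serial=1)
    offline, reported = Client("cmpc-001"), Client("cmpc-001")
    offline.receive(*first)
    reported.receive(*first)
    # Reported on day 2: administrator issues an immediately expiring certificate.
    reported.receive(*issue("cmpc-001", 2 * DAY, 0, serial=2))
    return {"offline_day3": offline.boot_allowed(3 * DAY),
            "offline_day8": offline.boot_allowed(8 * DAY),
            "reported_day2": reported.boot_allowed(2 * DAY),
            "replay_accepted": reported.receive(*first)}
```

The shared symmetric key only keeps the model short; a client that verifies a server signature with a public key would not need to hold the issuing secret.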