Motion Le1600 Encryption Tools - Motion Computing LE1600 White Paper

boot, allowing the user to repair the software installation by restoring or reinstalling the operating
system.
Inside of the BIOS you can configure the system networking resources at the hardware level. For
example, the Bluetooth and 802.11 radios can be disabled so that they do not appear present to
the operating system. Supervisor passwords can then be set within the BIOS to prevent users
from changing the configuration. The BIOS hard drive password prevents the system from being
booted without entering a password. This can be used to prevent theft of information stored on
the hard drive.
Security Lock Slot
All Motion tablet PCs are equipped with a built-in security lock slot to support security hardware
such as lockable steel cables. The cables can be attached to tablet and/or docking station
chassis to prevent theft. The hardware cable locks are widely available from manufacturers such
as Kensington and Targus.
LE1600 Security Lock Slot
Motion Security Center
The Motion Security Center is a launch pad for the different security applications preinstalled on
the Motion Tablet PC. Users can access the different security applications, find information on
what each application is for, as well as answers to frequently asked questions.

Motion LE1600 Encryption Tools

Encryption is used to prevent any non-authorized exposure of data and information. The level of
protection provided is determined by what encryption algorithm selected. Security policies often
determine the level of protection needed and will dictate the encryption algorithm to be used. The
Motion tablet PC ships with three encryption applications that can be enabled to meet your
needs: Motion OmniPass, Infineon Personal Secure Drive, and Windows Encrypting File System.
Motion OmniPass
With the Motion OmniPass software application you can securely lock files or entire folders on
your tablet PC. Files can be encrypted with any algorithm you require. The application enables
the basic and enhanced Microsoft encryption engines called Cryptographic Service Provider
(CSP). Once encrypted, the files can only be unlocked or decrypted by the owner. The owner is
required to authenticate every time a file is decrypted. The owner can authenticate with any
combination of the following methods, using password, the fingerprint reader, TPM, or digital
certificates in a smart card.
Infineon Personal Secure Drive
The Infineon Personal Secure Drive (PSD) provides protected storage for your sensitive data
using the TPM. The software creates a virtual drive that is only visible and accessible by the
user. Data contained in the PSD is automatically encrypted using the 192 bit Advanced
Encryption System (AES) algorithm. When a file is opened or moved from the PSD it is
automatically decrypted once the user has authenticated with the TPM. The PSD can be
designated as your temporary drive and folder to be used as an application "scratch pad" which
Customer Whitepaper: Motion Tablet PC Security Basics, Rev A03 Page 7