EOL IT Services has now merged with tier1 Asset Management Ltd

Cheap Laptops May Not Be Suitable For Your Business

by | Mar 24, 2015 | IT Security

If you have to buy laptops for a number of your employees you may be tempted by the cheaper models. However, these cheaper laptops may come with risks that could make the cost saving a false economy. This is due to a flaw in the bundled software that comes with some of these lower cost devices.

So what is this flaw and how could it impact your business? This article highlights the findings following an investigation into some of Lenovo’s cheaper laptop models.

It must be stated that it is not just Lenovo laptops impacted by this security risk. Many laptop manufacturers have bundled similar software in a bid to keep the overall cost of these laptops down.

 The security risk

A large number of Lenovo’s cheaper laptops are pre-loaded with a piece of software called Superfish. This software monitors the laptop user’s internet activity and searches so that it can display contextual ads.

This may sound innocent enough, but it is the manner in which it manages this task that causes the risk. The flaws in this software could leave the laptop user vulnerable to hackers.

The Superfish software gives Lenovo laptop users a false sense of security. Whilst they may be sure they have a secure connection to their bank for example, Superfish breaks the encryption so that it can see the content of what you are browsing in an attempt to display an ad. But the browser still displays the recognisable padlock symbol in the address bar giving the impressions the connection is secure. This means the end user is communicating openly with their bank in a way that would be very easy for a hacker to intercept.

This is not the first time that such third-party software has proven to be a problem, however. Just last year we saw the Heartbleed and Shellshock vulnerabilities and, as is the case with the Lenovo/Superfish issues, the problem lies in companies putting too much trust in outsourced development.

 Is there a solution to this problem?

Tighter regulations might be the obvious answer and is usually the first response to a security problem such as this. Stricter regulations would mean that code is examined and would have to pass a type of quality control and certain security tests before the software is allowed to be included.

However, this would be tough to enforce and it is market forces that a driving laptop manufacturers to look at other ways of reducing retail costs.

In a business environment you should always consider the risks inherent in buying cheaper hardware. Never rely on the default settings, and in cases like this it may even be worthwhile completely formatting the whole laptop hard drive and installing a fresh copy of the operating system without any of the commercial software that comes with the retail version.

[Photo Credit:  Tokuriki]

Recent Stories

The Hidden Environmental Impact of Our Smartphones.

The Hidden Environmental Impact of Our Smartphones.

Checking emails, social media or the news; banking, making payments, taking photographs, finding our way; it is fair to say that we would be lost without our smartphones, perhaps literally. Oh, let’s not forget, our now indispensable devices also make calls. Essential...

Delivering Social Value Through Our Business Operations

Delivering Social Value Through Our Business Operations

We have become increasingly aware of economic, social and environmental issues. Our renewed sense of community, which naturally came into focus during Government lockdowns, furthered the opportunity for ethical businesses to drive social impact, rather than simply be...