Secured Dreamstime Alexandersikov 150869360 607da723ae66f

Securing Enterprise Laptops

April 26, 2021

The multilevel LynxSafe system uses hypervisor technology to secure laptops and PCs.

Lynx Software Technologies’ LynxSafe targets user compute platforms that must meet mandatory compliance requirements like those outlined in the Commercial Solutions for Classified (C SfC) specification (see figure). It allows enterprise IT teams to utilize hypervisor technology to create isolated partitions that can run multiple secured operating systems.

The operating system available to a user is isolated with access to protected storage and communication.

The multilevel system supports different levels of security for business and personal domains that’s even more important with many more people working remotely due to COVID-19. This forces a zero-trust environment to isolate and secure applications that users will need in their daily activities. The technology can also be applied to secure endpoints like edge servers.

LynxSafe is based on the LynxSecure separation kernel, which is design to be secure and to provide secure isolated virtual-machine environments for operating systems such as Linux or Windows. It can run VPNs in isolated partitions to force communications through secure connections as well as preventing attacks through the isolated operating systems. It also can provide secure storage where the encryption is managed outside of the isolated operating systems.

Secure key and data storage as well as remote management allow IT management to control what connections are allowed between particular operating systems and applications on a device and the VPN-linked networks at other locations that could be enterprise sites or a secured cloud environment. Meanwhile, users can run unsecured applications in other partitions.

User operating systems like Linux and Windows aren’t modified in any fashion; therefore, existing applications will work normally. It’s simply the connections and storage they can use, which is limited—not by the applications or operating systems themselves—but rather the LynxSafe software.

With such external management, features like encrypted storage and secure boot can be managed by IT. Thus, even if a laptop is lost, access to the storage and use of communication will not be possible. Most operating systems like Linux and Windows have this type of feature, but if they’re compromised then all bets are off. If an operating system running under LynxSafe is compromised, it will not have access to compromise the secured storage or VPN that’s inaccessible with the operating system.

About the Author

William G. Wong | Senior Content Director - Electronic Design and Microwaves & RF

I am Editor of Electronic Design focusing on embedded, software, and systems. As Senior Content Director, I also manage Microwaves & RF and I work with a great team of editors to provide engineers, programmers, developers and technical managers with interesting and useful articles and videos on a regular basis. Check out our free newsletters to see the latest content.

You can send press releases for new products for possible coverage on the website. I am also interested in receiving contributed articles for publishing on our website. Use our template and send to me along with a signed release form.

Check out my blog, AltEmbedded on Electronic Design, as well as his latest articles on this site that are listed below.

You can visit my social media via these links:

I earned a Bachelor of Electrical Engineering at the Georgia Institute of Technology and a Masters in Computer Science from Rutgers University. I still do a bit of programming using everything from C and C++ to Rust and Ada/SPARK. I do a bit of PHP programming for Drupal websites. I have posted a few Drupal modules.

I still get a hand on software and electronic hardware. Some of this can be found on our Kit Close-Up video series. You can also see me on many of our TechXchange Talk videos. I am interested in a range of projects from robotics to artificial intelligence.