Hardening Against Cold Boot Attacks

Secure encryption keys in Windows Connected Standby mode

Read Solution Brief


Drive encryption incorporates a feature to protect systems in Windows Connected Standby mode. Introduced in Windows 8, Connected Standby mode provides an iPad-like experience for both PCs and tablets. Upon pressing the power button, the device immediately responds by either entering standby mode or resuming an up-and-running state.

When a device is in Connected Standby mode, encryption keys are always in memory, creating some exposure to cold boot attacks. Someone could steal encryption keys residing in memory, making the data on the device accessible to unauthorized users. To help prevent this exposure, McAfee software removes the key from memory and places it in a secure area on Intel hardware when the system is going into Connected Standby mode. The sequence is reversed when the device comes out of Connected Standby mode.

Key Benefits

  • Protects Microsoft Windows 8 laptops, tablets, and desktop PCs.
  • Provides transparent security that does not require any action from the end user.
  • Leverages the McAfee ePolicy Orchestrator (McAfee ePO) console, the same software used to deploy and manage all McAfee encryption products.
Related Products & Solutions

Related Products

Download a trial version now. The hardening against cold boot attacks feature is available as part of drive encryption software, a key component in the following data and endpoint protection suites: