Organizations often provide personal computers for use by their employees. The computers, which increasingly comprise laptop computers and other mobile devices, are typically customized by an organization to operate with software that the organization has licensed, as well as with the particular settings, protocols, and configurations that have been adopted for use within the organization.
The process of initially configuring a computer, particular in large-scale deployments of computers, is referred to as provisioning. Before it becomes operational, each computer is provisioned with the software and settings that are responsible for its operations, including operating systems, utilities, drivers, applications, and so forth.
Computers can be provisioned manually, by technicians or users who supply physical media from which the computers may install selected software. Automated provisioning processes are also used, in which computers automatically utilize a local network connection to download their operating software. There are standard protocols for implementing such automated provisioning, including the Preboot eXecution Environment (PXE).
By provisioning its computers with standardized configurations, an organization can impose security measures on the computers and their users. For example, computers can be configured through provisioning to refuse the installation of unauthorized software, to encrypt stored data, to require passwords or other types of user authentication, and so on.
Despite these security measures, the loss or theft of a computer is usually viewed as a security breach. This is because many security measures can be overcome with enough time and/or effort. Even hard disk encryption, for example, may be defeated if an attacker has physical possession of the computer and is given enough time to break the encryption.