The BIOS might support many different security features to protect BIOS settings and data on the hard drive, and also help recover the computer if it is stolen. There are several common security features found in the BIOS.

BIOS passwords - Passwords allow different levels of access to the BIOS settings, as shown in the figure.

These are some common levels of user access:

Drive encryption - A hard drive can be encrypted to prevent data theft. Encrypting changes the data into code that cannot be understood. Without the correct password, the computer does not boot, and the computer cannot decrypt the data. Even if the hard drive is placed in another computer, the encrypted data remains encrypted.

Trusted Platform Module - The TPM chip contains security items, such as encryption keys and passwords.

Lojack - This is a two-part system for protecting computers from Absolute Software. The first part is a program called the Persistence Module that is installed in the BIOS by the manufacturer. The second part is a program called the Application Agent that is installed by the user. When the Application Agent is installed, the Persistence Module is activated. The Persistence Module installs the Application Agent if it is removed from the computer. The Persistence Module cannot be turned off after it is activated. The Application Agent calls the Absolute Monitoring Center over the Internet to report device information and location on a set schedule. If the computer is stolen, the owner can contact Absolute Software and perform the following functions: