Lenovo and Absolute Security have introduced ThinkShield TraceLock, a new cyber resilience capability for selected ThinkPad laptops that allows for locating, activating, locking, erasing, or restoring devices even when they are powered off or disconnected from the corporate network. The solution will be available starting July 1, 2026, on various models with WWAN connectivity and will be integrated into Absolute Control and Absolute Resilience licenses.
The initiative addresses one of the most common yet less visible issues in enterprise security: losing control of endpoint devices. A lost, stolen, powered-off, offline from VPN, or compromised OS device can become a blind spot for IT teams. In a company with thousands of devices spread across offices, remote work, travel, and suppliers, this blind spot can ultimately affect sensitive data, compliance, and business continuity.
Absolute Security argues that many organizations cannot locate or control a significant portion of their deployed devices. John Herrema, the company’s product director, noted that enterprises rely on hundreds of millions of PCs for their operations, yet some of these devices fall outside security and management reach when they are disconnected, powered down, or lost.
A persistent connection beneath the operating system
ThinkShield TraceLock leverages Absolute Security’s cyber resilience platform and the Absolute Connections Framework, an architecture built into firmware designed to maintain persistent communication with compatible devices. The key point is that control does not depend solely on the OS or whether the laptop is connected to the corporate network or known WiFi.
This “below the OS” approach allows IT teams to gain visibility over devices that would normally be out of reach of traditional management tools. From a cloud console, organizations can locate compatible devices, restore connectivity, enforce policies, lock devices, wipe drives, or initiate recovery processes.
Compared to many traditional MDM or EDR solutions, the differentiator is persistence. If an attacker, mistake, or software glitch renders the OS inoperable, conventional management methods may lose control. Absolute aims to fill that gap with a firmware-embedded layer designed to maintain control and restore functionality even in scenarios of corruption, theft, or disconnection.
According to Absolute and Lenovo, TraceLock can help reduce the risk of data breaches, ransomware, unauthorized access, and operational outages. The solution can also assist in re-establishing security policies and compliance, generating audit-ready documentation, and automating the recovery of failed PCs to their last known good state, including reimaging compromised or damaged systems.
Security, compliance, and recovery for distributed devices
This announcement aligns with a clear trend in enterprise cybersecurity: the workstation is no longer always stationed within the office or under direct IT control. Mobile laptops, remote workers, temporary devices, hybrid environments, and devices spending weeks off the corporate network make uniform policy enforcement more challenging.
For regulated industries, this lack of control can be especially problematic. If an organization cannot demonstrate what happened with a lost laptop, what data it stored, whether it was encrypted, whether it was locked promptly, or whether access policies were enforced, the incident could lead to legal, compliance, or reputational issues.
TraceLock addresses this scenario with specific functions: locating the device, waking it when possible, connecting to it, locking it, erasing drives, and restoring it. The ability to perform actions on devices offline is particularly useful in cases of theft or loss, but also for ransomware, mass software failures, or misconfigurations rendering devices inoperative.
Nima Baiati, Vice President and General Manager of Commercial Software & Security Solutions at Lenovo, argued that AI has transformed cybersecurity and that companies need a level of control that goes beyond the OS and network perimeter. His message echoes current security strategies: believing that endpoints must be recoverable even when traditional defenses fail.
Limited availability and internal governance requirements
ThinkShield TraceLock will not be broadly available on all Lenovo devices. Starting July 1, 2026, it will be offered on select ThinkPad models equipped with WWAN, including ThinkPad X1 Carbon Gen 14, ThinkPad X1 2-in-1 Gen 11, ThinkPad T14s Gen 7 Intel, and ThinkPad T16 Gen 5 Intel. When purchasing new ThinkPads, companies will be able to add TraceLock via Absolute Control and Absolute Resilience licenses.
This limited availability is significant. Enabling communication with powered-off or disconnected devices requires hardware support, firmware, connectivity, and licensing—it’s not simply a software installable feature on old laptops. For many organizations, adoption will make more sense during asset refresh cycles, for critical equipment, data-sensitive profiles, or employees with high mobility.
Governance and privacy considerations are also crucial. Technology capable of locating, locking, erasing, or restoring devices from a persistent firmware layer must be managed with strong internal controls. Companies should define who can perform actions, under what conditions, with what audit trail, and how employees are informed. As control tools become more powerful, limiting their use to well-documented processes is essential.
This move reinforces the idea that cyber resilience extends beyond prevention. It’s not enough to just prevent attacks or data loss; organizations need visibility, device recovery capabilities, system restoration, and compliance demonstration—even when endpoints are outside their usual environment. TraceLock aims precisely at this: offering response capabilities when devices go missing, are powered off, or experience failure.
In a market where laptops remain the primary entry point to corporate data, internal apps, and credentials, persistent endpoint control could become a highly valued component. Lenovo and Absolute position it as an additional layer for organizations that need to know where their devices are, their status, and how to recover them before a loss turns into a breach.
FAQs
What is Lenovo ThinkShield TraceLock?
It is a solution developed by Lenovo and Absolute Security to locate, activate, lock, erase, or restore compatible ThinkPad laptops through a firmware-based persistent connection.
Does it work when the laptop is off?
Yes, designed to maintain connection and control even when devices are off or disconnected from WiFi or the corporate network, within supported hardware, firmware, connectivity, and licensing conditions.
Which companies benefit most?
It is especially useful for organizations with many deployed devices, remote or mobile employees, compliance requirements, sensitive data, or scenarios involving theft, loss, ransomware, or OS failure recovery.
Which models will be supported at launch?
Starting July 1, 2026, it will be available on selected ThinkPad models with WWAN, including ThinkPad X1 Carbon Gen 14, ThinkPad X1 2-in-1 Gen 11, ThinkPad T14s Gen 7 Intel, and ThinkPad T16 Gen 5.
via: absolute