Workflow

1. Procurement

• Factory‑sealed Pixel devices from the official supply chain
• Documentation of all serial numbers
• Traceable, controlled procurement paths
• No intermediaries, no refurbished devices
• Direct shipping to the customer

2. Preparation

• Visual inspection of the hardware
• Serial number verification
• Preparation of installation on‑site at the customer
• Documentation of the initial state

3. Installation & Hardening

• Installation via CLI using hardened ThinkPads (ME‑free)
• Signature and hash verification of system images
• Setup of the agreed security profiles
• Deactivation of unnecessary components
• No cloud dependencies, no MDM
Internal testing steps and methods are not published.

4. Integrity verification

• Verified Boot screen (color & fingerprint)
• Bootloader status (“locked”)
• Hardware attestation (KeyMint/StrongBox)
• Verification of system configuration
• No profiles, certificates, or VPN configurations beyond the agreed scope
• No Google services in the secure profile

The complete checklist is sent to the customer in advance as soon as the device has been shipped.

All steps are designed so they can be verified at any time by the customer or their IT security advisors.

5. Documented handover

• Handover protocol with serial numbers
• Reference values for Verified Boot
• Documentation of all customer‑relevant verification steps
• Checklist for later re‑verification
• Optional: brief introduction for internal IT teams