HP 6930p ProtectTools (Select Models Only) - Windows 7

HP 6930p - EliteBook - Core 2 Duo 2.8 GHz Manual

Get HP 6930p - EliteBook - Core 2 Duo 2.8 GHz PDF manuals and user guides
UPC - 884962659670
View all HP 6930p manuals
Add to My Manuals
Save this manual to your list of manuals

HP 6930p manual content summary:

  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 1
    HP ProtectTools User Guide
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 2
    L.P. Microsoft and Windows are U.S. registered trademarks of Microsoft Corporation. Bluetooth is a trademark HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 3
    reader 13 Using your registered fingerprint to log on to Windows 13 Registering a Smart Card or Token 13 Registering other credentials 14 General tasks ...15 Creating a virtual token ...15 Changing the Windows logon password 15 Changing a token PIN ...15 Locking the computer (workstation
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 4
    task 30 Activating a TPM-protected password (select models only 30 Encrypting or decrypting individual drives 30 Backup and recovery (administrator task 30 Creating backup keys 30 Performing a recovery 31 4 Privacy Manager for HP ProtectTools (select models only) Opening Privacy Manager
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 5
    Manager in Windows Live Messenger 44 Manually shredding all selected items 54 Manually activating free space bleaching 54 Aborting a shred or free space bleaching operation 54 Viewing the log files ...55 6 BIOS Configuration for HP ProtectTools General tasks ...57 Accessing BIOS password 72 v
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 6
    file 73 Changing the owner password 74 Resetting a user password 74 Enabling and disabling Embedded specific device for one user of a group 80 9 Troubleshooting Credential Manager for HP ProtectTools 81 Embedded Security for HP ProtectTools (select models only 84 Device Access Manager for HP
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 7
    Platform Module (TPM) embedded security chip is installed. HP ProtectTools software modules may be preinstalled, preloaded, or available for download from the HP Web site. Visit http://www.hp.com for more information. NOTE: The instructions in this guide are written with the assumption that you have
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 8
    for HP ProtectTools ● BIOS Configuration provides access to power-on user and administrator password management. ● BIOS Configuration provides an alternative to the pre-boot BIOS configuration utility known as Computer Setup. ● BIOS Configuration enablement of automatic DriveLock support, which
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 9
    only) devices based on user profiles. ● Device Access Manager prevents unauthorized users from removing data using external storage media and from introducing viruses into the system from external media. ● The administrator can disable access to writeable devices for specific individuals or
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 10
    make changes. 2. In the left pane, click HP ProtectTools, and then click Getting Started. 3. Click the Security Manager Setup button, located directly below the HP ProtectTools shield icon, to launch the Security Manager Wizard. The following page is displayed: 4 Chapter 1 Introduction to security
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 11
    wizard guides Windows® operating system administrators through HP ProtectTools module to set up more powerful features, click the module name. NOTE: After you have configured the Credential Manager module, you can also open HP ProtectTools by logging on to Credential Manager directly from the Windows
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 12
    or external locations ● Creating strong password policies ● Addressing review sensitive financial data; you do not want the auditor to be able to print the files or save them to a writeable device such as a CD. The following features help restrict access to data: ● Device Access Manager for HP
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 13
    If a mandate goes into effect that requires the use of strong password policy for dozens of Web-based applications and databases, Credential Manager for HP ProtectTools provides a protected repository for passwords and Single Sign On convenience using the following procedures: ● Credential Manager
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 14
    to deploy, such as Java™ Cards, biometric readers, or USB tokens. NOTE: Many of the features in HP ProtectTools can be customized by the security officer in cooperation with HP. For more information, see the HP Web site at http://www.hp.com. ● IT administrator-Applies and manages the security
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 15
    Setup utility. Power-on password BIOS Configuration Protects access to the computer contents when the computer is turned on, restarted, or restored from hibernation. Windows Logon password Windows Control Panel Can be used for manual logon or saved on the Java Card. Additional security
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 16
    , such as an e-mail, on the computer. ● Do not share accounts or tell anyone your password. Backing up and restoring HP ProtectTools credentials To back up and restore credentials from all supported HP ProtectTools modules, reference the following: Backing up credentials and settings You can back up
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 17
    Manager for HP ProtectTools Credential Manager for HP ProtectTools protects against unauthorized access to your computer using the following security features: ● Alternatives to passwords when logging on to Windows, such as using a Java Card or biometric reader to log on to Windows. For additional
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 18
    Security Manager. NOTE: In Windows 7 or Windows Vista, you must launch the HP ProtectTools Security Manager for Administrators to make changes. After logging on to Credential Manager, you can register additional credentials, such as a fingerprint or a Java Card. For additional information, refer
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 19
    or the token is connected to a USB port. NOTE: If the smart card is not inserted or the USB token is not connected, the Next button is disabled in Select Token dialog box. 5. On the Device Type dialog box, select Next. The Token Properties dialog box is displayed. 6. Type the User PIN, select
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 20
    Registering other credentials 1. In HP ProtectTools Security Manager, click Credential Manager. 2. Click My Identity, and then click Register Credentials. The Credential Manager Registration Wizard opens. 3. Follow the on-screen instructions. 14 Chapter 2 Credential Manager for HP ProtectTools
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 21
    , and then click Finish. The Token Properties dialog box is displayed. 6. Type the User PIN, select Register smart card or token for authentication, and then click Finish. Changing the Windows logon password 1. In HP ProtectTools Security Manager, click Credential Manager in the left pane
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 22
    dialog box, click the desired type of device, and then click Next. 4. Select the token for which you want to change the PIN, and then click Next. 5. Follow the on-screen instructions to complete the PIN change. NOTE: If you enter the incorrect PIN for the token several times in sequence, the
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 23
    Windows logon from Credential Manager on page 24." For added security, you can configure the Lock Workstation feature to require a Java Card, biometric reader the system automatically adds your local Windows user account as the account for the Windows Logon service. Logging on to Windows with
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 24
    instructions. If your authentication information is correct, you will be logged on to your Windows with a Java Card, a fingerprint reader, or a also register an application manually. Using automatic registration or Web site password dialog box. 3. Type your password for the program HP ProtectTools
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 25
    Using manual (drag and drop) registration 1. In HP ProtectTools Security Manager, click Credential Manager, and then click Services and Applications in the left pane. 2. Click Manage Applications & Credentials. The Credential Manager Single Sign On dialog box is displayed. 3. To modify or remove a
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 26
    dialog box is displayed. 3. Click the application entry you want to import, and then click More. 4. Follow the on-screen instructions to complete the import. 5. Click OK. Modifying credentials 1. In HP ProtectTools Security Manager, click Credential Manager, and then click Services and Applications
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 27
    NOTE: You must authenticate your identity before viewing the password. 5. Follow the on-screen instructions. 6. Click OK. Using Application Protection This feature allows you to configure access to applications. You can restrict access based on the following criteria: ● Category of user ● Time of
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 28
    the following settings are available: a. If you want to restrict usage based on time, day, or date, click the Schedule tab and configure the settings . b. If you want to restrict usage based on inactivity, click the Advanced tab and select the period of inactivity.
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 29
    are required of either users or administrators. To specify how users or administrators log on: 1. In HP ProtectTools Security Manager, click Credential authentication methods must be supplied in order to logon to the system. If all registered authentication methods are not supplied, the user is
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 30
    dialogs, and password display. ● Services and Applications-Allows you to view the available services and modify the settings for those services. ● Security-Allows you to select the fingerprint reader software and adjust the security level of the fingerprint reader. ● Smart Cards and Tokens-Allows
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 31
    NOTE: Selecting the Use Credential Manager with classic logon prompt check box allows you to lock your computer. See "Locking the computer (workstation) on page 17." Advanced tasks (administrator only) 25
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 32
    Using the "Advanced Settings" page to require user verification before Single Sign On 1. In HP ProtectTools Security Manager, click Credential Manager, and then click Settings. 2. Click the Single Sign , and then click OK. 5. Restart the computer. 26 Chapter 2 Credential Manager for HP ProtectTools
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 33
    for HP ProtectTools (select models only) CAUTION: If you decide to uninstall the Drive Encryption module, you must first decrypt all encrypted drives. If you do not, you will not be able to access the data on encrypted drives unless you have registered with the Drive Encryption recovery service
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 34
    Setup procedures Opening Drive Encryption 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager for Administrators. 2. Click Drive Encryption. 28 Chapter 3 Drive Encryption for HP ProtectTools (select models only)
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 35
    administrator has enabled Pre-boot Security in the HP ProtectTools Security Manager, you will log in to the computer immediately after the computer is turned on, rather than at the Drive Encryption logon screen. 1. Select your user name, and then type your Windows password or Java™ Card PIN, or
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 36
    ) The "Recovery" page allows Windows administrators to back up and recover encryption keys. Creating backup keys CAUTION: Be sure to keep the storage device containing the backup key in a safe place, because if you forget your password or lose your Java Card, this device provides your only access to
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 37
    Turn on the computer. 2. Insert the removable storage device that stores your backup key. 3. When the Drive Encryption for HP ProtectTools logon dialog box opens, click Cancel. 4. Click starts. NOTE: It is highly recommended that you reset your password after performing a recovery. Advanced tasks 31
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 38
    messaging (IM). Privacy Manager leverages the security infrastructure provided by HP ProtectTools Security Manager, which includes the following security logon methods: ● Fingerprint authentication ● Windows® password ● HP ProtectTools Java™ Card You may use any of the above security logon methods
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 39
    Opening Privacy Manager To open Privacy Manager: 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager. 2. Click Privacy Manager: Sign and Chat. - or - Right-click the HP ProtectToolsicon in the notification area, at the far right of the taskbar, click Privacy Manager:
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 40
    that you save the file to a location other than your hard drive and put it in a safe place. This file should be for your use only, and is required in case you need to restore your Privacy Manager Certificate and associated keys. 5. Enter and confirm a password, and then click Next. 34 Chapter
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 41
    2. Click a Privacy Manager Certificate. 3. Click Renew certificate. 4. Follow the on-screen instructions to purchase a new Privacy Manager Certificate. NOTE: The Privacy Manager Certificate renewal process does not replace your old Privacy Manager Certificate. You will need to purchase a new Privacy
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 42
    installed or exported the Privacy Manager Certificate, and then click Next. 4. Enter the password you used when you installed or imported the file, and then click . 5. chosen security logon method. 6. Follow the on-screen instructions. Managing Trusted Contacts Trusted Contacts are users with whom
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 43
    Adding Trusted Contacts 1. You send an e-mail invitation to a Trusted Contact recipient. 2. The Trusted Contact recipient responds to the e-mail. 3. You receive the e-mail response from the Trusted Contact recipient, and click Accept. You can send Trusted Contact e-mail invitations to individual
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 44
    Manager. 2. Click the Trusted Contact you want to delete. 3. Click Delete contact. 4. When the confirmation dialog box opens, click Yes. 38 Chapter 4 Privacy Manager for HP ProtectTools (select models only)
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 45
    Checking revocation status for a Trusted Contact 1. Open Privacy Manager, and click Trusted Contacts Manager. 2. Click a Trusted Contact. 3. Click the Advanced button. The Advanced Trusted Contact Management dialog box opens. 4. Click Check Revocation. 5. Click Close. Setup procedures 39
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 46
    Office document 1. Right-click the HP ProtectTools icon in the notification area, dialog box opens, click Yes, and continue working. 4. When you have completed your editing, Add Signature Line Before Signing. NOTE: A check mark is displayed next to Add Signature Line Before Signing when this option
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 47
    of the document with instructions to sign by a specific date. To add Instructions to the signer, enter a message for this suggested signer. NOTE: This message will appear in place of a title, and is either deleted or replaced suggested signer will not be able to display the date and/or title in the
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 48
    Microsoft Outlook, click New or Reply. 2. Type your e-mail message. 3. Attach the Microsoft Office document. 4. Refer to Sealing and sending an e-mail message for further instructions. Viewing a signed Microsoft Office document 42 Chapter 4 Privacy Manager for
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 49
    Certificate in order to view a signed Microsoft Office document. When a signed Microsoft Office document is opened, a Signatures dialog box opens next to the document, displaying the name of the user who signed the document and the date it was signed. You can right-click the name to view additional
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 50
    security label is displayed in the Windows Live Home. 2. Click the Windows Live icon, and then click Windows Live Services. 3. Click Gallery, and then click Messenger. 4. Click Activities, and then click Safety and Security. 5. Click Privacy Manager Chat, and then follow the on-screen instructions
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 51
    this button to close the Privacy Manager Chat window and return to the Chat Entry window. To display the Secure Communications window again, click Resume the session, and then you have set up. You can use the Display history for menu to select only specific accounts to view. General tasks 45
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 52
    History viewer 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager. 2. Click Privacy Manager: Sign and Chat, and to view its content. Reveal sessions for a specific account Revealing a session displays the decrypted Contact Screen Name for the currently selected
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 53
    sessions A list of sessions for all of your accounts is displayed in the Chat History Viewer. Displaying sessions for a specific account ▲ In the Chat History Viewer, select an account from the Display history for menu. Displaying sessions for a range of dates 1. In the Chat History View, click
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 54
    password-protected file to a network location or any removable storage device location, and then click Next. 5. Enter and confirm a password, and then click Next. NOTE: Store this password to a password-protected file, search for a location, and then click Next. 4. Enter the password you used when you
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 55
    supports the system hard drive only. About shredding Deleting an asset in Windows does not completely remove the contents of the asset from your hard drive. Windows can set up an automatic shred schedule, and you can also manually shred assets whenever you want. Free space bleaching allows you to
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 56
    or - ● Right-click the HP ProtectTools icon in the notification Windows shutdown - Choose this option to shred all selected assets when Windows shuts down. NOTE: When this option is selected, a dialog box is displayed Activate Scheduler check box, enter your Windows password, and then enter a day and
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 57
    To select a predefined shred profile: 1. Open File Sanitizer, and then click Settings. 2. Click a predefined shred profile. 3. Click View Details to view the list of assets that are selected for shredding. 4. Under Shred the following, select the check box next to each asset that you want to confirm
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 58
    4. Under Do not delete the following, click Add to select the specific assets that you want to exclude from shredding. NOTE: To remove an space bleaching schedule, select the Activate Scheduler check box, enter your Windows password, and then enter a day and time to bleach your hard HP ProtectTools
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 59
    shredding one asset CAUTION: Shredded assets cannot be recovered. Carefully consider which items you select for manual shredding. 1. Right-click the HP ProtectTools icon in the notification area, at the far right of the taskbar, click File Sanitizer, and then click Shred One. 2. When the Browse
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 60
    When the confirmation dialog box opens, click Yes. Manually shredding all selected items 1. Right-click the HP ProtectTools icon in the notification area, at the far , a message above the HP ProtectTools Security Manager icon in the notification area is displayed. The message provides details
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 61
    files of any errors or failures are generated. The log files are always updated according to the latest shred or free space bleaching operation. NOTE: Files that is created for free space bleaching operations. Both log files are located on the hard drive at: ● C:\Program Files\Hewlett-Packard\File
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 62
    and configuration settings. This gives users Windows access to system security features that are managed by Computer Setup. With BIOS Configuration, you can accomplish the following objectives: ● Manage administrator passwords. ● Configure other power-on authentication features, such as embedded
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 63
    or may not be a BIOS administrator. ● If you enter the Windows password incorrectly, you can only view BIOS configuration settings but not change them. 4. If you are not an HP ProtectTools user, the BIOS Configuration software checks to see whether a BIOS administrator password has been set up. ● If
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 64
    changes, and then click OK to save your changes and close the window. 3. Exit and restart the computer. Your changes go into effect when the computer restarts. NOTE: Password changes take effect immediately with no need to restart the computer. 58 Chapter 6 BIOS Configuration for HP ProtectTools
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 65
    the serial number) and about batteries in the system ● Specification information about the processor; cache and memory size; video version; keyboard controller version; and system ROM NOTE: The "File" page is for information purposes only. None of the displayed information can be modified. To
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 66
    to set a BIOS administrator password. System IDs Option Ownership Tag Asset Tracking Number Action Enter, view or change. Enter, view or change. TPM Embedded Security NOTE: This feature is supported only on computers equipped with the HP ProtectTools Embedded Security Chip (TPM). Option Reset of
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 67
    supported only on computers with optional smart card readers. Enable or disable. Administrator Tools Option HP SpareKey Always Prompt for HP SpareKey Enrollment Fingerprint Reset on Reboot (if present) Action Enable or disable. Enable or disable. Enable or disable. Password Policy Option Password
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 68
    options ● Port options ● Boot options ● Device configuration options ● Built-in device options ● AMT options (select models only) ● Security level options 3. Change the settings as needed. 4. Click Apply to apply the new settings to the system and leave the window open. - or - Click OK in the
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 69
    Boot SD Card Boot Boot from EFI File Floppy boot PXE Internal NIC boot Boot Order Display Diagnostic URL Device configuration options Option USB Legacy Support Parallel port mode Fan always on while on AC power Data execution prevention SATA device mode Dual core CPU Secondary battery fast charge HP
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 70
    options Option Wireless Button State Embedded WLAN Device Radio Fingerprint Device Notebook MultiBay Notebook Upgrade Bay Security Level Network Interface Controller (LAN) Ambient light sensor Integrated Camera Embedded Bluetooth® Device Radio Modem Device Microphone LAN/WLAN Switching Wake on LAN
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 71
    , view, or hide. Express Card Slot Security Level Change, view, or hide. Dual Core CPU Security Level Change, view, or hide. Wake on LAN Security Level Change, view, or hide. Ambient Light Sensor Security Level Change, view, or hide. Secondary Battery Fast Charge Security Level Change
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 72
    Custom Logo Policy Unconfigure AMT on next boot Security Level SD Card Boot Security Level HP QuickLook 2 Security Level Wireless Button State Security Level Modem Device Security Level Finger Print reset Security Level HP SpareKey Security Level TXT Technology Security Level Diagnostic URL Security
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 73
    the key hierarchy ● Support for third-party applications HP ProtectTools can use the embedded chip as an authentication factor when the user logs on to Windows. On select models, the TPM embedded security chip also enables enhanced BIOS security features accessed through BIOS Configuration for HP
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 74
    for HP ProtectTools. To enable the embedded security chip: 1. Open Computer Setup by turning on or restarting the computer, and then pressing f10 while the "f10 = ROM Based Setup" message is displayed in the lower-left corner of the screen. 2. If you have not set an administrator password, use
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 75
    Security, you will perform the following tasks: ● Set an owner password for the embedded security chip that protects access to all owner functions all users. To initialize the embedded security chip: 1. Right-click the HP ProtectTools Security Manager icon in the notification area, at the far right
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 76
    password. To set up a basic user account and enable the user security features: 1. If the Embedded Security User Initialization Wizard is not open, clickStart , click All Programs, and then click HP obtain one from a certification authority. For instructions on configuring your e-mail and obtaining a
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 77
    the PSD directly from Windows Explorer. Encrypting files and folders When working with encrypted files, consider the following rules: ● Only files and folders on NTFS partitions can be encrypted. Files and folders on FAT partitions cannot be encrypted. ● System files and compressed files cannot
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 78
    the Basic User Key password: 1. Click Start , click All Programs, and then click HP ProtectTools Security Manager. 2. In the left pane, click Embedded Security, and then click User Settings. 3. In the right pane, under Basic User Key password, click Change. 4. Type the old password, and then set and
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 79
    left pane, click Embedded Security, and then click Backup. 3. In the right pane, click Backup. The HP Embedded Security for ProtectTools Backup Wizard opens. 4. Follow the on-screen instructions. Restoring certification data from the backup file To restore data from the backup file: 1. Click Start
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 80
    HP ProtectTools Security Manager. 2. In the left pane, click Embedded Security, and then click Advanced. 3. In the right pane, under Owner Password, click Change. 4. Type the old owner password, and then set and confirm the new owner password. 5. Click OK. Resetting a user password An administrator
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 81
    Migrating keys with the Migration Wizard Migration is an advanced administrator task that allows the management, restoration, and transfer of keys and certificates. For details on migration, refer to the Embedded Security software Help. Advanced tasks 75
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 82
    (select models only) This security tool is available to administrators only. Device Access Manager for HP ProtectTools has the following security features that protect against unauthorized access to devices attached to your computer system: ● Device profiles that are created for each user to define
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 83
    profiles to be applied, the HP ProtectTools Device Locking/Auditing background service must be running. When you first attempt to apply device profiles, HP ProtectTools Security Manager opens a dialog box to ask if you would you like to start the background service. Click Yes to start the background
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 84
    serial and parallel ports ● All Bluetooth devices ● All infrared devices ● All modem devices ● All PCMCIA devices ● All 1394 devices To deny access to a class of devices for all non Device Administrators: 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager. 2. In the
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 85
    More selections are available to allow specific users or groups of users to be granted or denied access to types of devices. Adding a user or a group 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager. 2. In the left pane, click Device Access Manager, and then click
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 86
    allow one user access to a specific device while denying access to all other members of that user's group for all devices in the class. To allow access to a specific device for one user but not the group: 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager. 2. In the
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 87
    . If a specific Single Sign On cannot be disabled for a given application, call HP technical support and request 3rd-level support through your HP Service contact. The option to Browse for Virtual Token is not displayed during the logon process. The user cannot move the location of a registered
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 88
    mode, the Administrator or user is unable to log on to Credential Manager and the Windows logon screen remains displayed no matter which logon credential (password, fingerprint, or Java Card) is selected. Update Windows to Service Pack 2 via Windows Update. Refer to Microsoft knowledge base article
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 89
    Identity process loses association with virtual token. Details Solution HP is investigating resolution options for future customer software releases. When user restores identity, Credential Manager can lose the association with the location of the virtual token at logon screen. Even though
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 90
    during Embedded Security initialization, an error message is displayed. This is as designed. Storage of the recovery archive on removable media is not supported. The recovery archive can be stored on a network drive or on another local drive other than the C drive. 84 Chapter 9 Troubleshooting
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 91
    the power loss: the Embedded Security Device option to password. However, HP strongly recommends having the Computer Setup (f10) Utility password protected at all times. The PSD password box is no longer displayed when the system becomes active after standby status When a user logs on to the system
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 92
    the PSD when the removable hard drive is not present, an error message is displayed stating that the device is not ready. During uninstall, if the user has not initialized the Basic User and opens the Administration tool, the Disable option is not available and Uninstaller will not continue until
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 93
    settings in the BIOS. ● Reboots the computer. ● Begins to restore Embedded Security. During the restore process, Credential Manager asks if the system can automate the logon to Infineon TPM User Authentication. If the user selects Yes, the location of SPEmRecToken is automatically displayed in the
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 94
    is displayed: are working as designed Resetting the system ROM to default hides the TPM to Windows. This does not allow the security software to operate properly and makes TPM-encrypted data inaccessible. Unhide the TPM in BIOS: Open the Computer Setup (f10) Utility, navigate to Security > Device
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 95
    )\(admin name). This is the default setting if the Scheduled Task is created manually. HP is working to provide future product releases with default settings that include computer name\admin name. When the administrator instead configures the Automatic Backup to save to a mapped drive, the process
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 96
    access the devices. Verify that the HP ProtectTools Device Locking service has started. As an administrative user, browse to Control Panel > Administrative Tools > Services. In the Services window, search for the HP ProtectTools Device Locking/Auditing service. Be sure that the service is started
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 97
    TCG Spec. Version = 1.2 ● Vendor = Broadcom Corporation ● FW Version = 2.18 (or greater) ● TPM Device driver library version 2.0.0.9 (or greater) 5. If the FW version does not match 2.18, download and update the TPM firmware. The TPM Firmware SoftPaq is a support download available on the HP Web
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 98
    Embedded Security options (including Power-on authentication support). However, after reenabling Embedded Security Device, Power-on authentication support remains enabled. HP is working on a resolution, which will be provided in future Web-based ROM SoftPaq offerings. 92 Chapter 9 Troubleshooting
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 99
    log on to the system using the TPM password, but, if the user presses f10 to access the BIOS, the user is granted Read rights access only. To be able to write to BIOS, the user must type the BIOS password instead of the TPM password at the Poweron Authentication window. The BIOS asks for both the
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 100
    Setup setup password BIOS profile Group of BIOS configuration settings that can be saved and applied to other accounts. BIOS security mode Setting in Java Card Security that, when enabled, requires the use of a Java Card and a valid PIN for user authentication. certification authority Service that
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 101
    a set of common rules and procedures. Drive Encryption logon screen A logon screen that is displayed before Windows starts up. Users must enter their Windows user name and the password or Java Card PIN. Under most circumstances, entering the correct information at the Drive Encryption logon screen
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 102
    to a credit card, which stores identifying information about the owner. Used to authenticate the owner to a computer. stringent security Security feature in BIOS Configuration that provides enhanced protection for the power-on and administrator passwords and other forms of power-on authentication
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 103
    rights in Drive Encryption. They can only enroll (with administrator approval) and log in. virtual token Security feature that works very much like a Java Card and card reader. The token is saved either on the computer hard drive or in the Windows registry. When you log on with a virtual token, you
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 104
    troubleshooting 81 user verification 26 virtual token, creating 15 Windows Logon 17 Windows logon password, changing 15 Windows logon, allow 24 D data, restricting access to 6 decrypting a drive 27 Device Access Manager for HP ProtectTools background service 77 device class configuration 79 device
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 105
    69 P password Basic User Key 72 BIOS administrator 57 changing owner 74 emergency recovery token 69 guidelines 10 HP ProtectTools 8 managing 8 owner 69 policies, creating 7 resetting user 74 secure, creating 10 Windows 57 Windows logon 15 personal secure drive (PSD) 71 port options 61, 62 power-on
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 106
    displaying sessions for a range of dates 47 displaying sessions for a specific account 47 displaying 43 using Privacy Manager in Windows Live Messenger 44 view a password 9 setting boot options 61 built-in device options 61 device configuration options 61 port options 61 security options 60 system
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 107
    69 troubleshooting Credential Manager 81 Device Access Manager 90 Embedded Security 84 miscellaneous 91 U unauthorized access, preventing 6 V viewing file options 59 viewing settings 58 virtual token 15 virtual token, Credential Manager 13, 15 W Windows Logon Credential Manager 17 password 9 Index
  • HP 6930p | ProtectTools (Select Models Only) - Windows 7 - Page 108
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
HP ProtectTools
User Guide