HP 8000 HP ProtectTools Guide

HP 8000 - Elite Convertible Minitower PC Manual

Get HP 8000 - Elite Convertible Minitower PC PDF manuals and user guides
UPC - 884420665106
View all HP 8000 manuals
Add to My Manuals
Save this manual to your list of manuals

HP 8000 manual content summary:

  • HP 8000 | HP ProtectTools Guide - Page 1
    HP ProtectTools Security Software, Version 5.0 User Guide
  • HP 8000 | HP ProtectTools Guide - Page 2
    services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors written consent of Hewlett-Packard Company. HP ProtectTools Security Software User Guide HP Compaq Business PC First Edition: September 2009 Document Part
  • HP 8000 | HP ProtectTools Guide - Page 3
    About This Book This guide provides basic information for upgrading this computer model. WARNING! Text set off in this manner indicates that failure to follow directions could result in bodily harm or loss of life. CAUTION: Text
  • HP 8000 | HP ProtectTools Guide - Page 4
    iv About This Book ENWW
  • HP 8000 | HP ProtectTools Guide - Page 5
    7 Backing up credentials and settings 8 2 HP ProtectTools Security Manager Administrative Console About HP ProtectTools Administrative Console 9 Using the Administrative Console ...9 Getting Started - Setup Wizard ...10 Configuring your system ...10 Enabling security features 11 Defining Security
  • HP 8000 | HP ProtectTools Guide - Page 6
    Setting credentials ...16 Changing your Windows password 16 Setting up a Smart Card ...16 Managing communication privacy ...17 Shredding or bleaching files 24 Password Manager Icon settings ...24 5 Drive Encryption for HP ProtectTools Setup procedures ...27 Opening Drive Encryption 27 General
  • HP 8000 | HP ProtectTools Guide - Page 7
    36 Using Privacy Manager in Microsoft Outlook 39 Using Privacy Manager in Windows Live Messenger 40 Advanced tasks ...45 Migrating Privacy Manager Certificates and Trusted Contacts to a different computer ...45 Exporting Privacy Manager Certificates and Trusted Contacts 45 Importing Privacy
  • HP 8000 | HP ProtectTools Guide - Page 8
    57 Changing the owner password 57 Resetting a user password 57 Migrating keys with the Migration Wizard 57 10 Device Access Manager for HP ProtectTools Starting background service ...59 Simple or Denying Permissions 61 11 LoJack Pro for HP ProtectTools Glossary ...63 Index ...67 viii ENWW
  • HP 8000 | HP ProtectTools Guide - Page 9
    . HP Professional Desktop systems do not currently support fingerprint devices. HP ProtectTools software modules may be preinstalled, preloaded, or available as a configurable option or as an after market option. Visit http://www.hp.com for more information. NOTE: The instructions in this guide are
  • HP 8000 | HP ProtectTools Guide - Page 10
    such as Windows password and Smart Card. ● Configure and change File Sanitizer Shred, Bleaching, and Settings. ● View settings for Encryption Status and Device Access Manager. ● Use Privacy Manager to increase security of e-mails, documents, and instant messaging. ● Activate LoJack Pro for HP
  • HP 8000 | HP ProtectTools Guide - Page 11
    even if the hard drive is reformatted or replaced. ● Requires separate purchase of tracking and tracing subscription to activate. Accessing HP ProtectTools Security To access HP ProtectTools Security Manager from the Windows Start menu: ▲ In Windows, click Start, click All Programs, and then click
  • HP 8000 | HP ProtectTools Guide - Page 12
    's location after a theft. See the following chapter: ◦ LoJack Pro for HP ProtectTools on page 62 Restricting access to sensitive data Suppose a contract auditor is working on site and has been given computer access to review sensitive financial data; you do not want the auditor to be able to
  • HP 8000 | HP ProtectTools Guide - Page 13
    to an unsecured business PC presents a very tangible risk to critical data such as information from financial services, an executive, or the hard drive. See the following chapter: ◦ Device Access Manager for HP ProtectTools on page 59 ● The Personal Secure Drive feature encrypts sensitive data
  • HP 8000 | HP ProtectTools Guide - Page 14
    logon process, allowing access to Windows and Password Manager simultaneously. Used to access Embedded Security features, such as secure e-mail, file, and folder encryption. When used for power-on authentication, also protects access to the computer contents when the computer is turned on, restarted
  • HP 8000 | HP ProtectTools Guide - Page 15
    if the Java Card token is selected. Protects access to the Computer Setup utility. BIOS Windows Control Panel Protects access to the computer contents when the computer is turned on, restarted, or restored from hibernation. Can be used for manual logon or saved on the Java Card. Creating a secure
  • HP 8000 | HP ProtectTools Guide - Page 16
    ways: ● Use Drive Encryption for HP ProtectTools to select and back up HP ProtectTools credentials. You can also register for Online Drive Encryption Key Recovery Service to store a backup copy of your encryption key, which will enable you to access your computer if you forget your password and do
  • HP 8000 | HP ProtectTools Guide - Page 17
    users of the computer ● Adjust device-specific parameters ● Configure Security Manager applications ● Add additional Security Manager applications Using the Administrative Console The Security Manager Administrative Console is the central location for administering HP ProtectTools Security Manager
  • HP 8000 | HP ProtectTools Guide - Page 18
    and all users who share the computer. The first time that you log on to Windows, you will be prompted to set up HP ProtectTools Security Manager. Click OK to launch the Security Manager Setup wizard, which will guide you through the basic steps in configuring the program. NOTE: You can also launch
  • HP 8000 | HP ProtectTools Guide - Page 19
    to authenticate each class of user when accessing the computer and HP ProtectTools applications during a user session. Logon tab To specify the credentials required to access the computer, decrypt the hard drive, and log on to Windows: 1. In the left pane of the Administrative Console, expand
  • HP 8000 | HP ProtectTools Guide - Page 20
    a user when logging on to HP ProtectTools applications during a Windows session: 1. In the left pane specific setting. 3. Click the Apply button to save the changes. NOTE: The Allow One Step logon setting allows users of this computer to skip Windows logon if authentication was performed at the BIOS
  • HP 8000 | HP ProtectTools Guide - Page 21
    lock when a smart card is removed. However, the computer will lock only if the smart card was used as an authentication credential when logging on to Windows. 1. Click Start, click All Programs, and then click HP ProtectTools Administrative Console. 2. In the Administrative Console left pane
  • HP 8000 | HP ProtectTools Guide - Page 22
    been removed from the computer or sent to a data recovery service. To enable or disable Drive Encryption, click on the Setup Wizard in the Administrative Console. For more information on using Drive Encryption for HP ProtectTools, refer to Drive Encryption for HP ProtectTools on page 26. Managing
  • HP 8000 | HP ProtectTools Guide - Page 23
    , users may log in using any one of the configured security login methods when the computer is first turned on. This action logs the user in to Windows. ● If the HP Drive Encryption and the HP Password Manager levels of security have been configured and all security login methods are required
  • HP 8000 | HP ProtectTools Guide - Page 24
    computer. Each supported credential will have an entry in the Credentials group. Changing your Windows password Security Manager makes changing your Windows password simpler or quicker than doing it through the Windows Control panel. To change your Windows password: 1. In HP strong form of
  • HP 8000 | HP ProtectTools Guide - Page 25
    confirm a PIN and then click Save. Managing communication privacy Privacy Manager for HP ProtectTools enables you to use advanced security login ( HP ProtectTools, refer to File Sanitizer for HP ProtectTools on page 46. Viewing drive encryption status Drive Encryption is set up by the Windows
  • HP 8000 | HP ProtectTools Guide - Page 26
    Software to remotely monitor, manage, and track your computer. If your computer is lost or stolen, Absolute's Recovery Team will partner with law enforcement towards recovery. For more information on using LoJack Pro, refer to LoJack Pro for HP ProtectTools on page 62. Adding applications Additional
  • HP 8000 | HP ProtectTools Guide - Page 27
    your data: 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager. 2. In the Security Manager left pane, click Advanced listed. Click Next. 7. Click Finish. Changing your Windows user name and picture Your Windows user name and a picture are displayed in the upper
  • HP 8000 | HP ProtectTools Guide - Page 28
    3. To change your picture, click the Choose Picture button and browse to select a picture. 4. Click the Save button to save your changes. 20 Chapter 3 HP ProtectTools Security Manager ENWW
  • HP 8000 | HP ProtectTools Guide - Page 29
    to the logon screen and log you in automatically. To verify your identity you will use your HP ProtectTools credentials, such as your Windows password or smart card, depending on your computer configuration. This means that you will use the same credentials to log on to all logon screens you
  • HP 8000 | HP ProtectTools Guide - Page 30
    selecting Add Logon from the Password Manager Manage tab. Some options depend on the security devices connected to the computer; for example using the Ctrl-H Hot Key or inserting a smart card. ● Click the arrows to the credential(s) to log on. 22 Chapter 4 Password Manager for HP ProtectTools ENWW
  • HP 8000 | HP ProtectTools Guide - Page 31
    change the Hot Key combination from Password Manager > Settings. Organizing logons into categories Use categories to keep your logons in order. It's a simple matter of creating one or more categories and drag-and-dropping your logons into the desired categories. To add a category: 1. In the Security
  • HP 8000 | HP ProtectTools Guide - Page 32
    select Password Manager and click the Manage tab. ● Add a logon - Click Add Logon and follow the on-screen instructions. ● Edit a logon - Select a logon and click Edit. Then change the logon data as desired. ● Manager icon with a "+" sign. 24 Chapter 4 Password Manager for HP ProtectTools ENWW
  • HP 8000 | HP ProtectTools Guide - Page 33
    for it. ● Do not prompt for this screen - Select this option so that Password Manager will not prompt you again to add a logon for this specific logon screen. ● Never prompt - Select this option to ensure that Password Manager never prompts you for logon screens that have not been set up. Additional
  • HP 8000 | HP ProtectTools Guide - Page 34
    drive has been removed from the computer or sent to a data recovery service. Drive Encryption for HP ProtectTools software is the industry's first : Drive Encryption does not support Dictionary Attack prevention without configuring Embedded Security for HP ProtectTools password protection and using
  • HP 8000 | HP ProtectTools Guide - Page 35
    must log in at the Drive Encryption logon screen: NOTE: If the Windows administrator has enabled Pre-boot Security in the HP ProtectTools Administrative Console, you will log in to the computer immediately after the computer is turned on, rather than at the Drive Encryption logon screen. 1. Select
  • HP 8000 | HP ProtectTools Guide - Page 36
    encryption status of all of the hard drives on the computer. Activating a TPM-protected password Use Embedded Security for HP ProtectTools to activate the TPM. After activation, logging in at the Drive Encryption logon screen requires the Windows user name and password. NOTE: Because the password is
  • HP 8000 | HP ProtectTools Guide - Page 37
    encryption key is saved on the storage device you selected. 5. Click OK when the confirmation dialog box opens. NOTE: Refer to the Drive Encryption for HP ProtectTools Help file for information on managing and performing a recovery. ENWW Advanced tasks 29
  • HP 8000 | HP ProtectTools Guide - Page 38
    security of communication when using Microsoft mail, Microsoft Office documents, and Instant Messenger. Privacy Manager leverages the security infrastructure provided by HP ProtectTools Security Manager, which includes the following security logon methods: ● Windows password ● HP ProtectTools Java
  • HP 8000 | HP ProtectTools Guide - Page 39
    Privacy Manager) using a valid e-mail address. The e-mail address must be set up as an account within Microsoft Outlook on the same computer from which you are requesting the Privacy Manager Certificate. Requesting a Privacy Manager Certificate 1. In the Security Manager left pane, expand Privacy
  • HP 8000 | HP ProtectTools Guide - Page 40
    -screen instructions to purchase a new Privacy Manager Certificate. NOTE: The Privacy Manager Certificate renewal process does not replace your are installed on your computer. If you have more than one Privacy Manager Certificate on your computer that was installed from for HP ProtectTools ENWW
  • HP 8000 | HP ProtectTools Guide - Page 41
    click Revoke. 4. When the confirmation dialog box opens, click Yes. 5. Authenticate using your chosen security logon method. 6. Follow the on-screen instructions. Managing Trusted Contacts Trusted Contacts are users with whom you have exchanged Privacy Manager Certificates, enabling you to securely
  • HP 8000 | HP ProtectTools Guide - Page 42
    become a Trusted Contact, Trusted Contact recipients must have Privacy Manager installed on their computers or have the alternate client installed. For information on installing the alternate client, to your Trusted Contacts list. 9. Click OK. 34 Chapter 6 Privacy Manager for HP ProtectTools ENWW
  • HP 8000 | HP ProtectTools Guide - Page 43
    Adding Trusted Contacts using your Microsoft Outlook address book 1. In the Security Manager left pane, expand Privacy Manager, click Trusted Contacts, and then click the Invite Contacts button. - or - In Microsoft Outlook, click the down arrow next to Send Securely on the toolbar, and then click
  • HP 8000 | HP ProtectTools Guide - Page 44
    you are using Microsoft Office 2007, you must have all the Microsoft updates applied otherwise some signed e-mails will go into the Junk E-mail . Configuring Privacy Manager in a Microsoft Office document 1. Right-click the HP ProtectTools icon in the notification area, at the far right of the
  • HP 8000 | HP ProtectTools Guide - Page 45
    at the bottom of the final page of the document with instructions to sign by a specific date. To add a suggested signer to a Microsoft Word Instructions to the signer, enter a message for this suggested signer. NOTE: This message will appear in place of a title, and is either deleted or replaced
  • HP 8000 | HP ProtectTools Guide - Page 46
    . 4. Click the down arrow next to Sign and Encrypt, and then click Remove Encryption. Sending an encrypted Microsoft Office document 38 Chapter 6 Privacy Manager for HP ProtectTools ENWW
  • HP 8000 | HP ProtectTools Guide - Page 47
    Refer to Sealing and sending an e-mail message for further instructions. Viewing a signed Microsoft Office document NOTE: You do Manager must be installed on his or her computer. In addition, the Trusted Contact must the Microsoft updates applied otherwise some signed e-mails will go into the
  • HP 8000 | HP ProtectTools Guide - Page 48
    of the person who signed the e-mail Using Privacy Manager in Windows Live Messenger NOTE: Live Messenger is a Microsoft Product and changes made by Microsoft to their product may not be reflected in this document. HP uses Live Messenger for Privacy Manager Chat. You must install Live
  • HP 8000 | HP ProtectTools Guide - Page 49
    Windows Live Messenger, follow these steps: 1. Log in to Windows Live Home. 2. Click Activities, and then click Safety and Security. 3. Click Privacy Manager Chat, and then follow the on-screen instructions the bottom toolbar and select Privacy Manager for HP ProtectTools - Start Chat. 3. Enter your
  • HP 8000 | HP ProtectTools Guide - Page 50
    Windows window After starting Privacy Manager Chat, a Privacy Manager Chat window opens in Windows Live Messenger. Using Privacy Manager Chat is similar to using basic Windows window Communications window. window and return to the Chat Entry window. To display the Secure Communications window window
  • HP 8000 | HP ProtectTools Guide - Page 51
    that you have set up. You can use the Display history for menu to select only specific accounts to view. Starting the Chat History viewer 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager. 2. Click Privacy Manager: Sign and Chat, and then click Chat History Viewer
  • HP 8000 | HP ProtectTools Guide - Page 52
    Search sessions for specific text You can only search for text in revealed (decrypted) sessions that are displayed in the viewer window. These are the sessions where the Contact Screen Name is shown in alternate history files folder check box. 44 Chapter 6 Privacy Manager for HP ProtectTools ENWW
  • HP 8000 | HP ProtectTools Guide - Page 53
    them as a password-protected file to a network location or any removable storage device, and then import the file to the new computer. Exporting Privacy Manager Certificates and Trusted Contacts To export your Privacy Manager Certificates and Trusted Contacts to a password-protected file, follow
  • HP 8000 | HP ProtectTools Guide - Page 54
    with new information. Shredding is different than a standard Windows delete (also known as a simple delete in File Sanitizer) in that when you shred automatic free space bleaching schedule or you can manually activate free space bleaching using the HP ProtectTools icon in the notification area, at
  • HP 8000 | HP ProtectTools Guide - Page 55
    . - or - ● Right-click the HP ProtectTools icon in the notification area, at using the Windows Recycle Bin or for manually deleted assets Windows will close the software in preparation for shutting down and produce an error. If you select No in order to continue shredding, Windows may produce an error
  • HP 8000 | HP ProtectTools Guide - Page 56
    ● Scheduler - Select the Activate Scheduler check box, enter your Windows password, and then enter a day and time to shred selected the higher the number of shred cycles you specify, the more secure the computer is. 3. Select the assets you want to shred: a. Under Available HP ProtectTools ENWW
  • HP 8000 | HP ProtectTools Guide - Page 57
    the asset, and then click Remove 4. Under Do not delete the following, click Add to select the specific assets that you want to exclude from shredding. 5. When you finish configuring the simple delete profile, click Apply. General tasks Using a key sequence to initiate shredding To specify a key
  • HP 8000 | HP ProtectTools Guide - Page 58
    to the File Sanitizer icon on the desktop. 3. When the confirmation dialog box opens, click Yes. Manually shredding one asset CAUTION: Shredded assets recovered. Carefully consider which items you select for manual shredding. 1. Right-click the HP ProtectTools icon in the notification area, at the
  • HP 8000 | HP ProtectTools Guide - Page 59
    the desktop, and then click Shred Now. 2. When the confirmation dialog box opens, click Yes. Manually activating free space bleaching 1. Right-click the HP ProtectTools is performed, log files of any errors or failures are generated. The log files are always updated according to the latest shred or
  • HP 8000 | HP ProtectTools Guide - Page 60
    be used to access Password Manager, Drive Encryption, HP BIOS, or any number of third party access points. the Computer Setup utility to enable Java Card authentication in a power-on Windows password, then enter a Smart Card PIN number. 5. Click Save. 52 Chapter 8 Java Card Security for HP
  • HP 8000 | HP ProtectTools Guide - Page 61
    (EFS is not available on Windows Home versions) ● Creation of a personal secure drive (PSD) for protecting user data ● Data management functions, such as backing up and restoring the key hierarchy ● Some models provide Embedded Security Power On Authentication ● Support for third-party applications
  • HP 8000 | HP ProtectTools Guide - Page 62
    Setup utility as described below. This procedure cannot be performed in BIOS Configuration for HP ProtectTools. To enable the embedded security chip in Computer Setup: 1. Open Computer Setup by turning on or restarting the computer, and then pressing F10 while the "F10 = ROM Based Setup" message
  • HP 8000 | HP ProtectTools Guide - Page 63
    area, at the far right of the taskbar, and then select Embedded Security Initialization. The HP ProtectTools Embedded Security Initialization Wizard opens. 2. Follow the on-screen instructions. Setting up the basic user account Setting up a basic user account in Embedded Security accomplishes
  • HP 8000 | HP ProtectTools Guide - Page 64
    able to use a recovery agent to decrypt your information. NOTE: Encrypting files and folders is not supported on Windows Home versions. To encrypt files and folders: 1. Right-click the file or folder that you want Help for your e-mail program. 56 Chapter 9 Embedded Security for HP ProtectTools ENWW
  • HP 8000 | HP ProtectTools Guide - Page 65
    Backup. 3. In the right pane, click Configure. The HP Embedded Security for HP ProtectTools Backup Wizard opens. 4. Follow the on-screen instructions. Restoring certification data from the backup file To restore data from , restoration, and transfer of keys and certificates. ENWW Advanced tasks 57
  • HP 8000 | HP ProtectTools Guide - Page 66
    For details on migration, refer to the Embedded Security software Help. 58 Chapter 9 Embedded Security for HP ProtectTools ENWW
  • HP 8000 | HP ProtectTools Guide - Page 67
    instructions. Starting background service For device profiles to be applied, the HP ProtectTools Device Locking/Auditing background service you control through Device Access Manager Simple Configuration. serial and parallel ports for all non-Device Administrators ENWW Starting background service 59
  • HP 8000 | HP ProtectTools Guide - Page 68
    Administrative Console. 2. In the left pane, click Device Access Manager, and then click Simple Configuration. 3. In the right pane, select the check box of a device to deny access. 4. Click the Save icon. NOTE: If background service is not running, it attempts to start now. Click Yes to allow it
  • HP 8000 | HP ProtectTools Guide - Page 69
    -only) Configuration Settings access in order to view the Simple Configuration and Device Class Configuration information. A user or a user or group 1. Click Start, click All Programs, and then click HP ProtectTools Administrative Console. 2. In the left pane, expand Device Access Manager, and
  • HP 8000 | HP ProtectTools Guide - Page 70
    , the Customer Center can assist local authorities to locate and recover the computer. If configured, LoJack Pro can continue to function even if the hard drive is erased or replaced. To activate LoJack Pro for HP ProtectTools: 1. Connect to the Internet. 2. Click Start, click All Programs, and then
  • HP 8000 | HP ProtectTools Guide - Page 71
    administrator. See Windows administrator. asset as accessing a computer, modifying settings HP ProtectTools. Automatic Technology Manager (ATM). Allows network administrators to manage systems remotely at the BIOS level. BIOS specific individuals. decryption. Procedure used in cryptography to convert
  • HP 8000 | HP ProtectTools Guide - Page 72
    in cryptography to convert plain text into Windows user or administrator account, either on a local computer, in a workgroup, or on a domain. personal secure drive (PSD). Provides a protected storage area for sensitive information. power-on authentication. Security feature that requires some form
  • HP 8000 | HP ProtectTools Guide - Page 73
    Windows reference to an asset. The asset content remains on the hard drive until obscuring data is written over it by free space bleaching. smart card. Small for the HP ProtectTools Embedded Security Chip. A TPM authenticates a computer, rather than a user, by storing information specific to the
  • HP 8000 | HP ProtectTools Guide - Page 74
    Hardware and firmware that provides security against attacks on a computer's software and data. user. Anyone enrolled in Drive Encryption approval) and log in. Windows administrator. A user with full rights to modify permissions and manage other users. Windows user account. Profile for an
  • HP 8000 | HP ProtectTools Guide - Page 75
    and restoring certification information 57 Embedded Security 57 backup and restore 18 basic user account 55 Basic User Key password setting 55 BIOS administrator password 7 C changing Windows password 16 Computer Setup administrator password 7 configuring users 10 controlling device access 59 D data
  • HP 8000 | HP ProtectTools Guide - Page 76
    G Getting started administrators 10 H HP ProtectTools features 2 HP ProtectTools Security Manager adding applications 18 backup and restore 18 changing Windows user name 19 changing your picture 19 device access 17 drive encryption status 17 logging in 15 managing communication privacy 17 managing
  • HP 8000 | HP ProtectTools Guide - Page 77
    40 search sessions for specific text 44 sending an Microsoft Outlook 39 using Privacy Manager in Windows Live Messenger 40 view a session 43 10 logging in 15 login methods 10 roles 6 setup wizard 10 security setup password 7 shred profile customizing 48 predefined 48 selecting or creating 48 simple
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
HP ProtectTools Security Software, Version 5.0
User Guide