HP Dc5700 HP Compaq dc5700 Business PC Service Reference Guide, 1st Edition - Page 51

Cable Lock Provision, Using DriveLock, DriveLock Applications

Get HP Dc5700 - Compaq Business Desktop PDF manuals and user guides
UPC - 882780819535
View all HP Dc5700 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 51 highlights

Desktop Management Using DriveLock When one or more hard drives that support the ATA Security command set are detected, the DriveLock option appears under the Security menu in Computer Setup. The user is presented with options to set the master password or to enable DriveLock. A user password must be provided in order to enable DriveLock. Since the initial configuration of DriveLock is typically performed by a system administrator, a master password should be set first. HP encourages system administrators to set a master password whether they plan to enable DriveLock or keep it disabled. This will give the administrator the ability to modify DriveLock settings if the drive is locked in the future. Once the master password is set, the system administrator may enable DriveLock or choose to keep it disabled. If a locked hard drive is present, POST will require a password to unlock the device. If a power-on password is set and it matches the device's user password, POST will not prompt the user to re-enter the password. Otherwise, the user will be prompted to enter a DriveLock password. On a cold boot, either the master or the user password may be used. On a warm boot, enter the same password used to unlock the drive during the preceding cold-boot. Users will have two attempts to enter a correct password. On a cold boot, if neither attempt succeeds, POST will continue but the drive will remain inaccessible. On a warm boot or restart from Windows, if neither attempt succeeds, POST will halt and the user will be instructed to cycle power. DriveLock Applications The most practical use of the DriveLock security feature is in a corporate environment. The system administrator would be responsible for configuring the hard drive which would involve, among other things, setting the DriveLock master password and a temporary user password. In the event that the user forgets the user password or the equipment is passed on to another employee, the master password can always be used to reset the user password and regain access to the hard drive. HP recommends that corporate system administrators who choose to enable DriveLock also establish a corporate policy for setting and maintaining master passwords. This should be done to prevent a situation where an employee intentionally or unintentionally sets both DriveLock passwords before leaving the company. In such a scenario, the hard drive would be rendered unusable and require replacement. Likewise, by not setting a master password, system administrators may find themselves locked out of a hard drive and unable to perform routine checks for unauthorized software, other asset control functions, and support. For users with less stringent security requirements, HP does not recommend enabling DriveLock. Users in this category include personal users or users who do not maintain sensitive data on their hard drives as a common practice. For these users, the potential loss of a hard drive resulting from forgetting both passwords is much greater than the value of the data DriveLock has been designed to protect. Access to Computer Setup and DriveLock can be restricted through the Setup password. By specifying a Setup password and not giving it to end users, system administrators are able to restrict users from enabling DriveLock. 3.5.5 Cable Lock Provision The rear panel of the computer accommodates a cable lock so that the computer can be physically secured to a work area. For illustrated instructions, please see the Removal and Replacement chapter for the specific chassis. Service Reference Guide, dc5700 437804-001 3-23

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
Service Reference Guide, dc5700
437804-001
3–23
Desktop Management
Using DriveLock
When one or more hard drives that support the ATA Security command set are detected, the
DriveLock option appears under the Security menu in Computer Setup. The user is presented
with options to set the master password or to enable DriveLock. A user password must be
provided in order to enable DriveLock. Since the initial configuration of DriveLock is typically
performed by a system administrator, a master password should be set first. HP encourages
system administrators to set a master password whether they plan to enable DriveLock or keep
it disabled. This will give the administrator the ability to modify DriveLock settings if the drive is
locked in the future. Once the master password is set, the system administrator may enable
DriveLock or choose to keep it disabled.
If a locked hard drive is present, POST will require a password to unlock the device. If a
power-on password is set and it matches the device’s user password, POST will not prompt the
user to re-enter the password. Otherwise, the user will be prompted to enter a DriveLock
password. On a cold boot, either the master or the user password may be used. On a warm boot,
enter the same password used to unlock the drive during the preceding cold-boot. Users will have
two attempts to enter a correct password. On a cold boot, if neither attempt succeeds, POST will
continue but the drive will remain inaccessible. On a warm boot or restart from Windows, if
neither attempt succeeds, POST will halt and the user will be instructed to cycle power.
DriveLock Applications
The most practical use of the DriveLock security feature is in a corporate environment. The
system administrator would be responsible for configuring the hard drive which would involve,
among other things, setting the DriveLock master password and a temporary user password. In
the event that the user forgets the user password or the equipment is passed on to another
employee, the master password can always be used to reset the user password and regain access
to the hard drive.
HP recommends that corporate system administrators who choose to enable DriveLock also
establish a corporate policy for setting and maintaining master passwords. This should be done to
prevent a situation where an employee intentionally or unintentionally sets both DriveLock
passwords before leaving the company. In such a scenario, the hard drive would be rendered
unusable and require replacement. Likewise, by not setting a master password, system
administrators may find themselves locked out of a hard drive and unable to perform routine
checks for unauthorized software, other asset control functions, and support.
For users with less stringent security requirements, HP does not recommend enabling DriveLock.
Users in this category include personal users or users who do not maintain sensitive data on their
hard drives as a common practice. For these users, the potential loss of a hard drive resulting
from forgetting both passwords is much greater than the value of the data DriveLock has been
designed to protect. Access to Computer Setup and DriveLock can be restricted through the
Setup password. By specifying a Setup password and not giving it to end users, system
administrators are able to restrict users from enabling DriveLock.
3.5.5 Cable Lock Provision
The rear panel of the computer accommodates a cable lock so that the computer can be
physically secured to a work area. For illustrated instructions, please see the Removal and
Replacement chapter for the specific chassis.