Home » HP Manuals » Laptops » HP ProBook 6565b » Manual Viewer

HP ProBook 6565b HP ProtectTools Getting Started - Windows 7 and Windows Vista - Page 16

Achieving key security objectives, Protecting against targeted theft - review

Add to My Manuals
Save this manual to your list of manuals

Page 16 highlights

Achieving key security objectives The HP ProtectTools modules can work together to provide solutions for a variety of security issues, including the following key security objectives: ● Protecting against targeted theft ● Restricting access to sensitive data ● Preventing unauthorized access from internal or external locations ● Creating strong password policies Protecting against targeted theft An example of targeted theft would be the theft of a computer containing confidential data and customer information at an airport security checkpoint. The following features help protect against targeted theft: ● The pre-boot authentication feature, if enabled, helps prevent access to the operating system. Refer to the following chapters: ◦ Security Manager for HP ProtectTools ◦ Embedded Security for HP ProtectTools ◦ Drive Encryption for HP ProtectTools ● The Personal Secure Drive feature, provided by the Embedded Security for HP ProtectTools module, encrypts sensitive data to help ensure that it cannot be accessed without authentication. Refer to the following chapter: ◦ Embedded Security for HP ProtectTools ● Computrace can track the computer's location after a theft. Refer to the following chapter: ◦ Computrace for HP ProtectTools Restricting access to sensitive data Suppose a contract auditor is working onsite and has been given computer access to review sensitive financial data; you do not want the auditor to be able to print the files or save them to a writable device such as a CD. The following feature helps restrict access to data: ● Device Access Manager for HP ProtectTools allows IT managers to restrict access to writable devices so sensitive information cannot be printed or copied from the hard drive onto removable media. Preventing unauthorized access from internal or external locations Unauthorized access to an unsecured business computer presents a very real risk to corporate network resources such as information from financial services, an executive, or the R&D team, and to 8 Chapter 1 Introduction to security

Section	Page
Introduction to security	9
HP ProtectTools features	10
HP ProtectTools security product description and common use examples	12
Credential Manager for HP ProtectTools	12
Drive Encryption for HP ProtectTools	12
File Sanitizer for HP ProtectTools	13
Device Access Manager for HP ProtectTools	13
Privacy Manager for HP ProtectTools	14
Computrace for HP ProtectTools (formerly LoJack Pro)	14
Embedded Security for HP ProtectTools (select models only)	14
Achieving key security objectives	16
Protecting against targeted theft	16
Restricting access to sensitive data	16
Preventing unauthorized access from internal or external locations	16
Creating strong password policies	17
Additional security elements	18
Assigning security roles	18
Managing HP ProtectTools passwords	18
Creating a secure password	20
Backing up and restoring HP ProtectTools credentials	20
Getting started with the Setup Wizard	21
HP ProtectTools Security Manager Administrative Console	23
Opening HP ProtectTools Administrative Console	24
Using Administrative Console	25
Configuring your system	26
Setting up authentication for your computer	26
Logon Policy	26
Session Policy	27
Settings	27
Managing users	27
Credentials	28
SpareKey	28
Fingerprints	28
Smart card	29
Face	29
Configuring your applications	30
General tab	30
Applications tab	30
Central Management	30
HP ProtectTools Security Manager	31
Opening Security Manager	32
Using the Security Manager dashboard	33
Security Applications Status	34
My Logons	35
Password Manager	35
For Web pages or programs where a logon has not yet been created	35
For Web pages or programs where a logon has already been created	36
Adding logons	36
Editing logons	37
Using the Logons menu	38
Organizing logons into categories	38
Managing your logons	38
Assessing your password strength	39
Password Manager icon settings	39
VeriSign Identity Protection (VIP)	40
Settings	41
Credential Manager	41
Changing your Windows password	41
Setting up your SpareKey	42
Enrolling your fingerprints	42
Setting up a smart card	43
Initializing the smart card	43
Registering the smart card	43
Configuring the smart card	44
Enrolling scenes for face logon	44
Advanced User Settings	45
Your personal ID card	47
Setting your preferences	47
Backing up and restoring your data	48
Drive Encryption for HP ProtectTools (select models only)	50
Opening Drive Encryption	51
General tasks	52
Activating Drive Encryption for standard hard drives	52
Activating Drive Encryption for self-encrypting drives	52
Deactivating Drive Encryption	54
Logging in after Drive Encryption is activated	54
Protect your data by encrypting your hard drive	56
Displaying encryption status	56
Advanced tasks	57
Managing Drive Encryption (administrator task)	57
Encrypting or decrypting individual drives (software encryption only)	57
Backup and recovery (administrator task)	58
Backing up encryption keys	58
Recovering encryption keys	58
Privacy Manager for HP ProtectTools (select models only)	59
Opening Privacy Manager	60
Setup procedures	61
Managing Privacy Manager Certificates	61
Requesting a Privacy Manager Certificate	61
Obtaining a preassigned Corporate Privacy Manager Certificate	62
Setting up a Privacy Manager Certificate	62
Importing a third-party certificate	62
Viewing Privacy Manager Certificate details	63
Renewing a Privacy Manager Certificate	63
Setting a default Privacy Manager Certificate	63
Deleting a Privacy Manager Certificate	64
Restoring a Privacy Manager Certificate	64
Revoking your Privacy Manager Certificate	64
Managing Trusted Contacts	65
Adding Trusted Contacts	65
Adding a Trusted Contact	65
Adding Trusted Contacts using Microsoft Outlook contacts	66
Viewing Trusted Contact details	67
Deleting a Trusted Contact	67
Checking revocation status for a Trusted Contact	67
General tasks	68
Using Privacy Manager in Microsoft Outlook	68
Configuring Privacy Manager for Microsoft Outlook	68
Signing and sending an e-mail message	68
Sealing and sending an e-mail message	69
Viewing a sealed e-mail message	69
Using Privacy Manager in a Microsoft Office 2007 document	69
Configuring Privacy Manager for Microsoft Office	70
Signing a Microsoft Office document	70
Adding a signature line when signing a Microsoft Word or Microsoft Excel document	70
Adding suggested signers to a Microsoft Word or Microsoft Excel document	70
Adding a suggested signer's signature line	71
Encrypting a Microsoft Office document	71
Removing encryption from a Microsoft Office document	72
Sending an encrypted Microsoft Office document	72
Viewing a signed Microsoft Office document	72
Viewing an encrypted Microsoft Office document	73
Advanced tasks	74
Migrating Privacy Manager Certificates and Trusted Contacts to a different computer	74
Backing up Privacy Manager Certificates and Trusted Contacts	74
Restoring Privacy Manager Certificates and Trusted Contacts	74
Central administration of Privacy Manager	75
File Sanitizer for HP ProtectTools	76
Shredding	77
Free space bleaching	78
Opening File Sanitizer	79
Setup procedures	80
Setting a shred schedule	80
Setting a free space bleaching schedule	80
Selecting or creating a shred profile	81
Selecting a predefined shred profile	81
Customizing a shred profile	81
Customizing a simple delete profile	82
General tasks	84
Using a key sequence to initiate shredding	84
Using the File Sanitizer icon	85
Manually shredding one asset	85
Manually shredding all selected items	85
Manually activating free space bleaching	86
Aborting a shred or free space bleaching operation	86
Viewing the log files	86
Device Access Manager for HP ProtectTools (select models only)	87
Opening Device Access Manager	88
Setup Procedures	89
Configuring device access	89
Simple Configuration	89
Starting the background service	90
Device Class Configuration	90
Denying access to a user or group	92
Allowing access for a user or a group	92
Allowing access to a class of devices for one user of a group	93
Allowing access to a specific device for one user of a group	93
Removing settings for a user or a group	94
Resetting the configuration	94
JITA Configuration	94
Creating a JITA for a user or group	95
Creating an extendable JITA for a user or group	95
Disabling a JITA for a user or group	96
Advanced Settings	97
Device Administrators group	97
eSATA Support	98
Unmanaged Device Classes	98
Theft recovery	100
Embedded Security for HP ProtectTools (select models only)	101
Setup procedures	102
Enabling the embedded security chip in Computer Setup	102
Initializing the embedded security chip	103
Setting up the basic user account	104
General tasks	105
Using the personal secure drive	105
Encrypting files and folders	105
Sending and receiving encrypted e-mail	105
Changing the Basic User Key password	106
Advanced tasks	107
Backing up and restoring	107
Creating a backup file	107
Restoring certification data from the backup file	107
Changing the owner password	108
Resetting a user password	108
Migrating keys with the Migration Wizard	109
Localized password exceptions	110
Windows IMEs not supported at the Preboot Security level or the HP Drive Encryption level	110
Password changes using keyboard layout that is also supported	111
Special key handling	112
What to do when a password is rejected	114
Glossary	115

Match case Limit results 1 per page

Achieving key security objectives

The HP ProtectTools modules can work together to provide solutions for a variety of security issues,

including the following key security objectives:

●

Protecting against targeted theft

●

Restricting access to sensitive data

●

Preventing unauthorized access from internal or external locations

●

Creating strong password policies

Protecting against targeted theft

An example of targeted theft would be the theft of a computer containing confidential data and

customer information at an airport security checkpoint. The following features help protect against

targeted theft:

●

The pre-boot authentication feature, if enabled, helps prevent access to the operating system.

Refer to the following chapters:

◦

Security Manager for HP ProtectTools

◦

Embedded Security for HP ProtectTools

◦

Drive Encryption for HP ProtectTools

●

The Personal Secure Drive feature, provided by the Embedded Security for HP ProtectTools

module, encrypts sensitive data to help ensure that it cannot be accessed without authentication.

Refer to the following chapter:

◦

Embedded Security for HP ProtectTools

●

Computrace can track the computer's location after a theft. Refer to the following chapter:

◦

Computrace for HP ProtectTools

Restricting access to sensitive data

Suppose a contract auditor is working onsite and has been given computer access to review sensitive

financial data; you do not want the auditor to be able to print the files or save them to a writable

device such as a CD. The following feature helps restrict access to data:

●

Device Access Manager for HP ProtectTools allows IT managers to restrict access to writable

devices so sensitive information cannot be printed or copied from the hard drive onto removable

media.

Preventing unauthorized access from internal or external locations

Unauthorized access to an unsecured business computer presents a very real risk to corporate

network resources such as information from financial services, an executive, or the R&D team, and to

Chapter 1

Introduction to security