Compaq dc7900 HP ProtectTools User Guide - Page 15

Protecting against targeted theft An example of this type of incident would be the targeted theft of a computer or its confidential data and customer information. This can easily occur in open office environments or in unsecured areas. The following features help protect the data if the computer is stolen: ● The pre-boot authentication feature, if enabled, helps prevent access to the operating system. See the following procedures: ◦ Credential Manager ◦ Embedded Security ◦ Drive Encryption ● DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and installed into an unsecured system. ● The Personal Secure Drive feature, provided by the Embedded Security for HP ProtectTools module, encrypts sensitive data to help ensure it cannot be accessed without authentication. See the following procedures: ◦ Embedded Security "Setup procedures on page 72" ◦ "Using the Personal Secure Drive on page 74" Restricting access to sensitive data Suppose a contract auditor is working onsite and has been given computer access to review sensitive financial data; you do not want the auditor to be able to print the files or save them to a writeable device such as a CD. The following features help restrict access to data: ● Device Access Manager for HP ProtectTools allows IT managers to restrict access to writeable devices so sensitive information cannot be printed or copied from the hard drive onto removable media. See Device class configuration (advanced) on page 79. ● DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and installed into an unsecured system. Preventing unauthorized access from internal or external locations Unauthorized access to an unsecured business PC presents a very tangible risk to corporate network resources such as information from financial services, an executive, or R&D team, and to private ENWW Achieving key security objectives 5