Home » HP Manuals » Desktops » HP 600B » Manual Viewer

HP 600B HP ProtectTools Security Software,Version 6.0 User Guide - Page 19

Additional security elements, Assigning security roles, Managing HP ProtectTools passwords

Add to My Manuals
Save this manual to your list of manuals

Page 19 highlights

Additional security elements Assigning security roles In managing computer security, one important practice is to divide responsibilities and rights among various types of administrators and users. NOTE: In a small organization or for individual use, these roles may all be held by the same person. For HP ProtectTools, the security duties and privileges can be divided into the following roles: ● Security officer-Defines the security level for the company or network and determines the security features to deploy, such as Drive Encryption or Embedded Security. ● IT administrator-Applies and manages the security features defined by the security officer. Can also enable and disable some features. For example, if the security officer has decided to deploy Smart Cards, the IT administrator can enable both password and Smart Card mode. ● User-Uses the security features. For example, if the security officer and IT administrator have enabled Smart Cards for the system, the user can use the card for authentication. Managing HP ProtectTools passwords Most of the HP ProtectTools Security Manager features are secured by passwords. The following table lists the commonly used passwords, the software module where the password is set, and the password function. The passwords that are set and used by IT administrators only are indicated in this table as well. All other passwords may be set by regular users or administrators. HP ProtectTools password Password Manager logon password Set in this HP ProtectTools module Password Manager Basic User Key password NOTE: Also known as: Embedded Security password Embedded Security Emergency Recovery Token password Embedded Security, by IT administrator NOTE: Also known as: Emergency Recovery Token Key password Owner password Embedded Security, by IT administrator Function This password offers 2 options: ● It can be used in a separate logon to access Password Manager after logging on to Windows. ● It can be used in place of the Windows logon process, allowing access to Windows and Password Manager simultaneously. Used to access Embedded Security features, such as secure e-mail, file, and folder encryption. When used for power-on authentication, also protects access to the computer contents when the computer is turned on, restarted, or restored from hibernation. Protects access to the Emergency Recovery Token, which is a backup file for the embedded security chip. Protects the system and the TPM chip from unauthorized access to all owner functions of Embedded Security. ENWW Additional security elements 9

Section	Page
Introduction to security	11
HP ProtectTools features	12
HP ProtectTools security products description and common use examples	13
Credential Manager (Password Manager) for HP ProtectTools	13
Embedded Security for HP ProtectTools	14
Drive Encryption for HP ProtectTools	14
File Sanitizer for HP ProtectTools	15
Device Access Manager for HP ProtectTools	15
Privacy Manager for HP ProtectTools	15
Computrace for HP ProtectTools (formerly known as LoJack Pro)	16
Accessing HP ProtectTools Security	16
Achieving key security objectives	16
Protecting against targeted theft	17
Restricting access to sensitive data	17
Preventing unauthorized access from internal or external locations	18
Creating strong password policies	18
Additional security elements	19
Assigning security roles	19
Managing HP ProtectTools passwords	19
Creating a secure password	20
Backing up credentials and settings	21
HP ProtectTools Security Manager Administrative Console	22
About HP ProtectTools Administrative Console	22
Using the Administrative Console	22
Getting Started - Setup Wizard	23
Configuring your system	23
Enabling security features	24
Defining Security Manager authentication policies	24
Logon tab	24
Session tab	24
Defining Settings	25
Managing Users	25
Adding a user	25
Removing a user	26
Checking user status	26
Specifying device settings	26
Configuring Applications Settings	26
Encrypting Drives	27
Managing Device Access	27
HP ProtectTools Security Manager	28
Logging in after Security Manager is configured	28
Managing passwords	29
Setting credentials	29
Changing your Windows password	29
Setting up a Smart Card	29
Initializing the Smart Card	30
Registering the Smart Card	30
Managing communication privacy	30
Shredding or bleaching files	31
Viewing drive encryption status	31
Viewing device access	31
Activating theft recovery	31
Adding applications	32
Setting preferences	32
Backup and Restore	32
Backing up your data	32
Restoring your data	33
Changing your Windows user name and picture	34
Password Manager for HP ProtectTools	35
Adding logons	36
Editing logons	36
Using the Logons menu	37
Organizing logons into categories	37
Managing your logons	38
Assessing your password strength	38
Password Manager Icon settings	38
Drive Encryption for HP ProtectTools	39
Setup procedures	40
Opening Drive Encryption	40
General tasks	40
Activating Drive Encryption	40
Deactivating Drive Encryption	40
Logging in after Drive Encryption is activated	40
Advanced tasks	40
Managing Drive Encryption (administrator task)	40
Activating a TPM-protected password	40
Encrypting or decrypting individual drives	41
Backup and recovery (administrator task)	41
Creating backup keys	41
Privacy Manager for HP ProtectTools	42
Opening Privacy Manager	42
Setup procedures	42
Managing Privacy Manager Certificates	42
Requesting and installing a Privacy Manager Certificate	42
Requesting a Privacy Manager Certificate	43
Installing a Privacy Manager Certificate	43
Viewing Privacy Manager Certificate details	43
Renewing a Privacy Manager Certificate	44
Setting a default Privacy Manager Certificate	44
Deleting a Privacy Manager Certificate	44
Restoring a Privacy Manager Certificate	44
Revoking your Privacy Manager Certificate	45
Managing Trusted Contacts	45
Adding Trusted Contacts	45
Adding a Trusted Contact	46
Adding Trusted Contacts using your Microsoft Outlook address book	46
Viewing Trusted Contact details	47
Deleting a Trusted Contact	47
Checking revocation status for a Trusted Contact	47
General tasks	47
Using Privacy Manager in Microsoft Office	47
Using Privacy Manager in Microsoft Outlook	51
Advanced tasks	52
Migrating Privacy Manager Certificates and Trusted Contacts to a different computer	52
Exporting Privacy Manager Certificates and Trusted Contacts	52
Importing Privacy Manager Certificates and Trusted Contacts	52
File Sanitizer for HP ProtectTools	53
Setup procedures	53
Opening File Sanitizer	53
Setting a free space bleaching schedule	54
Setting a shred schedule	54
Selecting or creating a shred profile	54
Selecting a predefined shred profile	54
Customizing an advanced security shred profile	55
Customizing a simple delete profile	55
General tasks	56
Using a key sequence to initiate shredding	56
Using the File Sanitizer icon	56
Manually shredding one asset	57
Manually shredding all selected items	57
Manually activating free space bleaching	57
Aborting a shred or free space bleaching operation	58
Viewing the log files	58
Embedded Security for HP ProtectTools	59
Setup procedures	59
Installing Embedded Security for HP ProtectTools (if necessary)	59
Enabling the embedded security chip in Computer Setup	59
Initializing the embedded security chip	60
Setting up the basic user account	60
General tasks	61
Using the Personal Secure Drive	61
Encrypting files and folders	61
Sending and receiving encrypted e-mail	61
Advanced tasks	62
Backing up and restoring	62
Creating a backup file	62
Restoring certification data from the backup file	62
Changing the owner password	62
Resetting a user password	62
Migrating keys with the Migration Wizard	62
Device Access Manager for HP ProtectTools	63
Starting background service	63
Simple configuration	63
Device class configuration (advanced)	64
Adding a user or a group	64
Removing a user or a group	64
Denying or allowing access to a user or group	64
Just In Time Authentication (JITA) Configuration	64
Creating a JITA for a user or group	65
Creating an extendable JITA for a user or group	65
Disabling a JITA for a user or group	66
Advanced Settings	66
Computrace for HP ProtectTools	67
Glossary	68

Match case Limit results 1 per page

Additional security elements

Assigning security roles

In managing computer security, one important practice is to divide responsibilities and rights among

various types of administrators and users.

NOTE:

In a small organization or for individual use, these roles may all be held by the same person.

For HP ProtectTools, the security duties and privileges can be divided into the following roles:

●

Security officer—Defines the security level for the company or network and determines the

security features to deploy, such as Drive Encryption or Embedded Security.

●

IT administrator—Applies and manages the security features defined by the security officer. Can

also enable and disable some features. For example, if the security officer has decided to deploy

Smart Cards, the IT administrator can enable both password and Smart Card mode.

●

User—Uses the security features. For example, if the security officer and IT administrator have

enabled Smart Cards for the system, the user can use the card for authentication.

Managing HP ProtectTools passwords

Most of the HP ProtectTools Security Manager features are secured by passwords. The following

table lists the commonly used passwords, the software module where the password is set, and the

password function.

The passwords that are set and used by IT administrators only are indicated in this table as well. All

other passwords may be set by regular users or administrators.

HP ProtectTools password

Set in this

HP ProtectTools module

Function

Password Manager logon

password

Password Manager

This password offers 2 options:

●

It can be used in a separate logon to

access Password Manager after

logging on to Windows.

●

It can be used in place of the

Windows logon process, allowing

access to Windows and Password

Manager simultaneously.

Basic User Key password

NOTE:

Also known as:

Embedded Security password

Embedded Security

Used to access Embedded Security

features, such as secure e-mail, file, and

folder encryption. When used for power-on

authentication, also protects access to the

computer contents when the computer is

turned on, restarted, or restored from

hibernation.

Emergency Recovery Token

password

NOTE:

Also known as:

Emergency Recovery Token Key

password

Embedded Security, by IT

administrator

Protects access to the Emergency

Recovery Token, which is a backup file for

the embedded security chip.

Owner password

Embedded Security, by IT

administrator

Protects the system and the TPM chip from

unauthorized access to all owner functions

of Embedded Security.

ENWW

Additional security elements