Home » HP Manuals » Laptops » HP 8530p » Manual Viewer

HP 8530p HP ProtectTools - Windows Vista and Windows XP - Page 12

Achieving key security objectives, Protecting against targeted theft - review

UPC - 884962209325

Add to My Manuals
Save this manual to your list of manuals

Page 12 highlights

Achieving key security objectives The HP ProtectTools modules can work together to provide solutions for a variety of security issues, including the following key security objectives: ● Protecting against targeted theft ● Restricting access to sensitive data ● Preventing unauthorized access from internal or external locations ● Creating strong password policies ● Addressing regulatory security mandates Protecting against targeted theft An example of this type of incident would be the targeted theft of a computer containing confidential data and customer information at an airport security checkpoint. The following features help protect against targeted theft: ● The pre-boot authentication feature, if enabled, helps prevent access to the operating system. See the following procedures: ◦ Credential Manager ◦ Embedded Security ◦ Drive Encryption ● DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and installed into an unsecured system. ● The Personal Secure Drive feature, provided by the Embedded Security for HP ProtectTools module, encrypts sensitive data to help ensure it cannot be accessed without authentication. See the following procedures: ◦ Embedded Security "Setup procedures on page 69" ◦ "Using the Personal Secure Drive on page 71" Restricting access to sensitive data Suppose a contract auditor is working onsite and has been given computer access to review sensitive financial data; you do not want the auditor to be able to print the files or save them to a writeable device such as a CD. The following features help restrict access to data: ● Device Access Manager for HP ProtectTools allows IT managers to restrict access to writeable devices so sensitive information cannot be printed or copied from the hard drive onto removable media. See "Device class configuration (advanced) on page 77." ● DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and installed into an unsecured system. Preventing unauthorized access from internal or external locations Unauthorized access to an unsecured business PC presents a very tangible risk to corporate network resources such as information from financial services, an executive, or R&D team, and to private 6 Chapter 1 Introduction to security

Section	Page
Introduction to security	7
HP ProtectTools features	8
Accessing HP ProtectTools Security	10
Achieving key security objectives	12
Protecting against targeted theft	12
Restricting access to sensitive data	12
Preventing unauthorized access from internal or external locations	12
Creating strong password policies	13
Additional security elements	14
Assigning security roles	14
Managing HP ProtectTools passwords	14
Creating a secure password	16
Backing up and restoring HP ProtectTools credentials	16
Backing up credentials and settings	16
Credential Manager for HP ProtectTools	17
Setup procedures	17
Logging on to Credential Manager	17
Using the Credential Manager Logon Wizard	18
Registering credentials	18
Registering fingerprints	18
Setting up the fingerprint reader	19
Using your registered fingerprint to log on to Windows	19
Registering a Smart Card or Token	19
Registering other credentials	20
General tasks	21
Creating a virtual token	21
Changing the Windows logon password	21
Changing a token PIN	21
Locking the computer (workstation)	22
Using Windows Logon	22
Logging on to Windows with Credential Manager	22
Using Single Sign On	23
Registering a new application	23
Using automatic registration	23
Using manual (drag and drop) registration	24
Managing applications and credentials	24
Modifying application properties	24
Removing an application from Single Sign On	24
Exporting an application	24
Importing an application	25
Modifying credentials	25
Using Application Protection	26
Restricting access to an application	26
Removing protection from an application	26
Changing restriction settings for a protected application	27
Advanced tasks (administrator only)	28
Specifying how users and administrators log on	28
Configuring custom authentication requirements	29
Configuring credential properties	29
Configuring Credential Manager settings	30
Example 1—Using the “Advanced Settings” page to allow Windows logon from Credential Manager	30
Example 2—Using the “Advanced Settings” page to require user verification before Single Sign On	31
Drive Encryption for HP ProtectTools (select models only)	32
Setup procedures	32
Opening Drive Encryption	32
General tasks	33
Activating Drive Encryption	33
Deactivating Drive Encryption	33
Logging in after Drive Encryption is activated	33
Advanced tasks	34
Managing Drive Encryption (administrator task)	34
Activating a TPM-protected password (select models only)	34
Encrypting or decrypting individual drives	34
Backup and recovery (administrator task)	34
Creating backup keys	34
Registering for online recovery	35
Managing an existing online recovery account	36
Performing a recovery	36
Privacy Manager for HP ProtectTools (select models only)	38
Opening Privacy Manager	39
Setup procedures	40
Managing Privacy Manager Certificates	40
Requesting and installing a Privacy Manager Certificate	40
Requesting a Privacy Manager Certificate	40
Installing a Privacy Manager Certificate	40
Viewing Privacy Manager Certificate details	41
Renewing a Privacy Manager Certificate	41
Setting a default Privacy Manager Certificate	41
Deleting a Privacy Manager Certificate	41
Restoring a Privacy Manager Certificate	42
Revoking your Privacy Manager Certificate	42
Managing Trusted Contacts	42
Adding Trusted Contacts	43
Adding a Trusted Contact	43
Adding Trusted Contacts using your Microsoft Outlook address book	44
Viewing Trusted Contact details	44
Deleting a Trusted Contact	44
Checking revocation status for a Trusted Contact	45
General tasks	46
Using Privacy Manager in Microsoft Office	46
Using Privacy Manager in Microsoft Outlook	49
Using Privacy Manager in Windows Live Messenger	50
Advanced tasks	54
Migrating Privacy Manager Certificates and Trusted Contacts to a different computer	54
Exporting Privacy Manager Certificates and Trusted Contacts	54
Importing Privacy Manager Certificates and Trusted Contacts	54
File Sanitizer for HP ProtectTools	55
Setup procedures	56
Opening File Sanitizer	56
Setting a shred schedule	56
Setting a free space bleaching schedule	57
Selecting or creating a shred profile	57
Selecting a predefined shred profile	57
Customizing a shred profile	57
Customizing a simple delete profile	58
Setting a shred schedule	59
Setting a free space bleaching schedule	59
Selecting or creating a shred profile	60
Selecting a predefined shred profile	60
Customizing a shred profile	60
Customizing a simple delete profile	61
General tasks	62
Using a key sequence to initiate shredding	62
Using the File Sanitizer icon	62
Manually shredding one asset	62
Manually shredding all selected items	63
Manually activating free space bleaching	63
Aborting a shred or free space bleaching operation	63
Viewing the log files	64
BIOS Configuration for HP ProtectTools	65
General tasks	66
Accessing BIOS Configuration	66
Viewing or changing settings	67
Viewing system information	67
Advanced tasks	68
Setting security options	68
Setting system configuration options	69
Embedded Security for HP ProtectTools (select models only)	74
Setup procedures	75
Enabling the embedded security chip	75
Initializing the embedded security chip	76
Setting up the basic user account	76
General tasks	77
Using the Personal Secure Drive	77
Encrypting files and folders	77
Sending and receiving encrypted e-mail	77
Changing the Basic User Key password	78
Advanced tasks	78
Backing up and restoring	78
Creating a backup file	78
Restoring certification data from the backup file	78
Changing the owner password	79
Resetting a user password	79
Enabling and disabling Embedded Security	79
Permanently disabling Embedded Security	79
Enabling Embedded Security after permanent disable	79
Migrating keys with the Migration Wizard	80
Device Access Manager for HP ProtectTools (select models only)	81
Starting background service	81
Simple configuration	82
Device class configuration (advanced)	83
Adding a user or a group	83
Removing a user or a group	83
Denying access to a user or group	83
Allowing access to a device class for one user of a group	83
Allowing access to a specific device for one user of a group	84
Troubleshooting	85
Credential Manager for HP ProtectTools	85
Embedded Security for HP ProtectTools (select models only)	88
Device Access Manager for HP ProtectTools	94
Miscellaneous	95
Glossary	98

Match case Limit results 1 per page

Achieving key security objectives

The HP ProtectTools modules can work together to provide solutions for a variety of security issues,

including the following key security objectives:

●

Protecting against targeted theft

●

Restricting access to sensitive data

●

Preventing unauthorized access from internal or external locations

●

Creating strong password policies

●

Addressing regulatory security mandates

Protecting against targeted theft

An example of this type of incident would be the targeted theft of a computer containing confidential

data and customer information at an airport security checkpoint. The following features help protect

against targeted theft:

●

The pre-boot authentication feature, if enabled, helps prevent access to the operating system. See

the following procedures:

◦

Credential Manager

◦

Embedded Security

◦

Drive Encryption

●

DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and

installed into an unsecured system.

●

The Personal Secure Drive feature, provided by the Embedded Security for HP ProtectTools

module, encrypts sensitive data to help ensure it cannot be accessed without authentication. See

the following procedures:

◦

Embedded Security “

Setup procedures

on page

”

◦

“

Using the Personal Secure Drive

on page

”

Restricting access to sensitive data

Suppose a contract auditor is working onsite and has been given computer access to review sensitive

financial data; you do not want the auditor to be able to print the files or save them to a writeable device

such as a CD. The following features help restrict access to data:

●

Device Access Manager for HP ProtectTools allows IT managers to restrict access to writeable

devices so sensitive information cannot be printed or copied from the hard drive onto removable

media. See “

Device class configuration (advanced)

on page

.”

●

DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and

installed into an unsecured system.

Preventing unauthorized access from internal or external locations

Unauthorized access to an unsecured business PC presents a very tangible risk to corporate network

resources such as information from financial services, an executive, or R&D team, and to private

Chapter 1

Introduction to security