HP EliteDesk 800 G8 TamperLock User Guide - Page 8
Policy settings
![]() |
View all HP EliteDesk 800 G8 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 8 highlights
4 Policy settings You can use HP Client Management tools to view and configure HP TamperLock policies as BIOS settings. The associated settings control the HP TamperLock capability enablement as well as the actions taken when the cover is removed. Table 4-1 TamperLock policy settings Settings Description Default HP Recommended Cover opening sensor ● Disabled-No action taken when cover is removed. Disabled ● Notify the user-Displays warning message on the next startup when the cover is opened. ● Administrator Credential-This setting requires entering the administrator password or the one-time-PIN (when HP Sure Admin is enabled) before continuing startup after the cover is opened. To enable this setting, you must set a password or enable HP Sure Admin Enhanced BIOS Authentication Mode with a local access key set. ● Administrator Password-Same behavior as Administrator Credential (This setting name is present to maintain compatability with earlier setting management software that supported the cover opening sensor). Administrator Credential or Administrator Password Power off upon cover opening Only available when cover opening sensor is not set to Disabled. Disabled Disabled-if system is in on or sleep state when cover is removed, it remains in that state. Enabled-the system immediately turns off if the cover is removed while the system is on or sleep (S3 or Modern Standby). Enabled Clear TPM on boot after cover opening Only available when cover opening sensor is not disabled. Disabled ● Disabled-No change to TPM state when cover is removed. ● Enabled-TPM is cleared on the next startup after the cover is removed. All customer keys in the TPM are cleared. NOTE: Enable this setting only when manual recovery is possible from remote backup or when you do not want recovery. If BitLocker is enabled, the drive cannot be decrypted without the BitLocker recovery key. Depends on Customer requirements. Pre-boot DMA protection Thunderbolt Only-Input-Output Memory Thunderbolt Only All PCI-Devices Management Unit (IOMMU) hardware-based DMA 4 Chapter 4 Policy settings
![](/manual_guide/products/hewlettpackard-elitedesk-800-g8-tamperlock-user-guide-22c0333/8.png)