Home » HP Manuals » Laptops » HP ProBook 6440b » Manual Viewer

HP ProBook 6440b ProtectTools (Select Models Only) - Vista - Page 13

Additional security elements, Assigning security roles, Managing HP ProtectTools passwords, CAUTION

Add to My Manuals
Save this manual to your list of manuals

Page 13 highlights

Additional security elements Assigning security roles In managing computer security (particularly for large organizations), one important practice is to divide responsibilities and rights among various types of administrators and users. NOTE: In a small organization or for individual use, these roles may all be held by the same person. For HP ProtectTools, the security duties and privileges can be divided into the following roles: ● Security officer-Defines the security level for the company or network and determines the security features to deploy, such as Java™ Cards, biometric readers, or USB tokens. NOTE: Many of the features in HP ProtectTools can be customized by the security officer in cooperation with HP. For more information, see the HP Web site at http://www.hp.com. ● IT administrator-Applies and manages the security features defined by the security officer. Can also enable and disable some features. For example, if the security officer has decided to deploy Java Cards, the IT administrator can enable Java Card BIOS security mode. ● User-Uses the security features. For example, if the security officer and IT administrator have enabled Java Cards for the system, the user can set the Java Card PIN and use the card for authentication. CAUTION: Administrators are encouraged to follow "best practices" in restricting end-user privileges and restricting user access. Unauthorized users should not be granted administrative privileges. Managing HP ProtectTools passwords Most of the HP ProtectTools Security Manager features are secured by passwords. The following table lists the commonly used passwords, the software module where the password is set, and the password function. The passwords that are set and used by IT administrators only are indicated in this table as well. All other passwords may be set by regular users or administrators. HP ProtectTools password Security Manager logon password Security Manager recovery file password Java™ Card PIN Set in this HP ProtectTools Function module Security Manager Security Manager, by IT administrator Java Card Security This password offers 2 options: ● It can be used as a Security Manager logon to access Security Manager after logging on to Windows. ● It can be used to allow access to Windows and Security Manager simultaneously. Protects access to the Security Manager recovery file. Protects access to the Java Card contents and authenticates users of the Java Card. When used for power-on authentication, the Java Card PIN also protects access to the Additional security elements 5

Section	Page
Introduction to security	9
HP ProtectTools features	10
Achieving key security objectives	11
Protecting against targeted theft	11
Restricting access to sensitive data	11
Preventing unauthorized access from internal or external locations	11
Creating strong password policies	12
Additional security elements	13
Assigning security roles	13
Managing HP ProtectTools passwords	13
Creating a secure password	15
Backing up and restoring HP ProtectTools credentials	15
Getting started	16
Opening HP ProtectTools Administrative Console	17
Enabling security features	18
Enrolling your fingerprints	19
Setting up a smart card	20
Using Administrative Console	21
Configuring your system	22
Setting up authentication for your computer	23
Logon Policy	23
Session Policy	23
Settings	24
Managing users	25
Specifying device settings	26
Fingerprints	26
Smart card	26
Configuring your applications	27
General tab	28
Applications tab	29
Adding management tools	30
HP ProtectTools Security Manager	31
Setup procedures	32
Getting started	32
Registering credentials	32
Enrolling your fingerprints	32
Changing your Windows password	33
Setting up a smart card	33
Using the Security Manager dashboard	33
Opening HP ProtectTools Security Manager	34
General tasks	35
Password Manager	35
For web pages or programs where a logon has not yet been created	35
For web pages or programs where a logon has already been created	35
Adding logons	36
Editing logons	37
Using the logons menu	37
Organizing logons into categories	37
Managing your logons	38
Assessing your password strength	38
Password Manager icon settings	38
Settings	39
Credentials	39
Your personal ID card	40
Setting your preferences	40
Backing up and restoring your data	41
Adding applications	42
Security Applications Status	42
Drive Encryption for HP ProtectTools (select models only)	43
Setup procedures	44
Opening Drive Encryption	44
General tasks	45
Activating Drive Encryption	45
Deactivating Drive Encryption	45
Logging in after Drive Encryption is activated	45
Protect your data by encrypting your hard drive	46
Displaying encryption status	46
Advanced tasks	47
Managing Drive Encryption (administrator task)	47
Encrypting or decrypting individual drives	47
Backup and recovery (administrator task)	47
Creating backup keys	47
Performing a recovery	48
Privacy Manager for HP ProtectTools (select models only)	49
Setup procedures	50
Opening Privacy Manager	50
Managing Privacy Manager Certificates	50
Requesting and installing a Privacy Manager Certificate	50
Requesting a Privacy Manager Certificate	51
Obtaining a preassigned Privacy Manager Corporate Certificate	51
Installing a Privacy Manager Certificate	51
Viewing Privacy Manager Certificate details	52
Renewing a Privacy Manager Certificate	52
Setting a default Privacy Manager Certificate	52
Deleting a Privacy Manager Certificate	52
Restoring a Privacy Manager Certificate	53
Revoking your Privacy Manager Certificate	53
Managing Trusted Contacts	53
Adding Trusted Contacts	54
Adding a Trusted Contact	54
Adding Trusted Contacts using Microsoft Outlook contacts	55
Viewing Trusted Contact details	55
Deleting a Trusted Contact	56
Checking revocation status for a Trusted Contact	56
General tasks	57
Using Privacy Manager in Microsoft Outlook	57
Configuring Privacy Manager for Microsoft Outlook	57
Signing and sending an e-mail message	57
Sealing and sending an e-mail message	58
Viewing a sealed e-mail message	58
Using Privacy Manager in a Microsoft Office 2007 document	58
Configuring Privacy Manager for Microsoft Office	59
Signing a Microsoft Office document	59
Adding a signature line when signing a Microsoft Word or Microsoft Excel document	59
Adding suggested signers to a Microsoft Word or Microsoft Excel document	59
Adding a suggested signer's signature line	60
Encrypting a Microsoft Office document	60
Removing encryption from a Microsoft Office document	61
Sending an encrypted Microsoft Office document	61
Viewing a signed Microsoft Office document	61
Viewing an encrypted Microsoft Office document	62
Using Privacy Manager in Windows Live Messenger	62
Starting a Privacy Manager Chat session	62
Configuring Privacy Manager for Windows Live Messenger	63
Chatting in the Privacy Manager Chat window	63
Viewing chat history	64
Reveal all sessions	64
Reveal sessions for a specific account	65
View a session ID	65
View a session	65
Search sessions for specific text	65
Delete a session	65
Add or remove columns	66
Filter displayed sessions	66
Displaying sessions for a specific account	66
Displaying sessions for a range of dates	66
Displaying sessions that are saved in a folder other than the default folder	66
Advanced tasks	67
Migrating Privacy Manager Certificates and Trusted Contacts to a different computer	67
Backing up Privacy Manager Certificates and Trusted Contacts	67
Restoring Privacy Manager Certificates and Trusted Contacts	67
Central administration of Privacy Manager	68
File Sanitizer for HP ProtectTools	69
Shredding	70
Free space bleaching	71
Setup procedures	72
Opening File Sanitizer	72
Setting a shred schedule	72
Setting a free space bleaching schedule	72
Selecting or creating a shred profile	73
Selecting a predefined shred profile	73
Customizing a shred profile	73
Customizing a simple delete profile	74
General tasks	75
Using a key sequence to initiate shredding	75
Using the File Sanitizer icon	76
Manually shredding one asset	76
Manually shredding all selected items	76
Manually activating free space bleaching	77
Aborting a shred or free space bleaching operation	77
Viewing the log files	77
Device Access Manager for HP ProtectTools (select models only)	78
Setup Procedures	79
Opening Device Access Manager	79
Configuring device access	79
Device administrators group	79
Simple Configuration	79
Starting background service	80
Device Class Configuration	81
Denying access to a user or group	82
Allowing access for a user or a group	83
Removing access for a user or a group	83
Allowing access to a class of devices for one user of a group	84
Allowing access to a specific device for one user of a group	84
Resetting the configuration	84
Advanced tasks	86
Controlling access to the configuration settings	86
Granting access to an existing group or user	86
Denying access to an existing group or user	87
Adding a new group or user	87
Removing group or user access	87
Related documentation	87
LoJack Pro for HP ProtectTools	88
Troubleshooting	89
HP ProtectTools Security Manager	89
Device Access Manager for HP ProtectTools	91
Miscellaneous	93
Glossary	94

Match case Limit results 1 per page

Additional security elements

Assigning security roles

In managing computer security (particularly for large organizations), one important practice is to divide

responsibilities and rights among various types of administrators and users.

NOTE:

In a small organization or for individual use, these roles may all be held by the same person.

For HP ProtectTools, the security duties and privileges can be divided into the following roles:

●

Security officer—Defines the security level for the company or network and determines the security

features to deploy, such as Java™ Cards, biometric readers, or USB tokens.

NOTE:

Many of the features in HP ProtectTools can be customized by the security officer in

cooperation with HP. For more information, see the HP Web site at

http://www.hp.com

●

IT administrator—Applies and manages the security features defined by the security officer. Can

also enable and disable some features. For example, if the security officer has decided to deploy

Java Cards, the IT administrator can enable Java Card BIOS security mode.

●

User—Uses the security features. For example, if the security officer and IT administrator have

enabled Java Cards for the system, the user can set the Java Card PIN and use the card for

authentication.

CAUTION:

Administrators are encouraged to follow “best practices” in restricting end-user privileges

and restricting user access.

Unauthorized users should not be granted administrative privileges.

Managing HP ProtectTools passwords

Most of the HP ProtectTools Security Manager features are secured by passwords. The following table

lists the commonly used passwords, the software module where the password is set, and the password

function.

The passwords that are set and used by IT administrators only are indicated in this table as well. All

other passwords may be set by regular users or administrators.

HP ProtectTools password

Set in this HP ProtectTools

module

Function

Security Manager logon

password

Security Manager

This password offers 2 options:

●

It can be used as a Security Manager

logon to access Security Manager after

logging on to Windows.

●

It can be used to allow access to

Windows and Security Manager

simultaneously.

Security Manager recovery file

password

Security Manager, by IT

administrator

Protects access to the Security Manager

recovery file.

Java™ Card PIN

Java Card Security

Protects access to the Java Card contents

and authenticates users of the Java Card.

When used for power-on authentication, the

Java Card PIN also protects access to the

Additional security elements