HP Compaq dc7900 USDT User Manual
  1. Manuals
  2. Brands
  3. HP Manuals
  4. Software
  5. Compaq dc7900 Business PC
  6. User manual

HP Compaq dc7900 USDT User Manual

Hp compaq dc7900 usdt: supplementary guide
Hide thumbs Also See for Compaq dc7900 USDT:
Table of Contents

Advertisement

Quick Links

See also: Troubleshooting Manual , Service Reference Manual
HP ProtectTools
User Guide

Advertisement

Table of Contents
loading

Related Manuals for HP Compaq dc7900 USDT

Summary of Contents for HP Compaq dc7900 USDT

  • Page 1 HP ProtectTools User Guide...
  • Page 2 Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. This document contains proprietary information that is protected by copyright.

  • Page 3: About This Book

    About This Book This guide provides basic information for upgrading this computer model. WARNING! Text set off in this manner indicates that failure to follow directions could result in bodily harm or loss of life. CAUTION: Text set off in this manner indicates that failure to follow directions could result in damage to equipment or loss of information.
  • Page 4 About This Book ENWW...

  • Page 5: Table Of Contents

    2 HP ProtectTools Security Manager for Administrators About HP ProtectTools Security Manager for Administrators ... 10 Getting Started - Configuring HP ProtectTools Security Manager for Administrators ... 11 Getting Started - Configuring user security login methods ... 13 Logging in after Security Manager is configured ... 14 Administrator Tools - Managing users (administrator task) ...
  • Page 6 Settings ... 19 3 Credential Manager for HP ProtectTools Setup procedures ... 20 Logging on to Credential Manager ... 20 Registering credentials ... 21 General tasks ... 23 Creating a virtual token ... 23 Changing the Windows logon password ... 23 Changing a token PIN ...
  • Page 7 Logging in after Drive Encryption is activated ... 32 Advanced tasks ... 33 Managing Drive Encryption (administrator task) ... 33 Backup and recovery (administrator task) ... 33 5 Privacy Manager for HP ProtectTools Opening Privacy Manager ... 37 Setup procedures ... 38 Managing Privacy Manager Certificates ... 38 Requesting and installing a Privacy Manager Certificate ...
  • Page 8 Manually activating free space bleaching ... 60 Aborting a shred or free space bleaching operation ... 61 Viewing the log files ... 61 7 Java Card Security for HP ProtectTools General tasks ... 62 Changing a Java Card PIN ... 62 Selecting the card reader ...
  • Page 9 Denying access to a user or group ... 79 11 Troubleshooting Credential Manager for HP ProtectTools ... 80 Embedded Security for HP ProtectTools ... 83 Device Access Manager for HP ProtectTools ... 89 Miscellaneous ... 90 Glossary ... 93 Index ... 97 ENWW Creating a backup file ...
  • Page 10 ENWW...

  • Page 11: Introduction To Security

    NOTE: Credential Manager, Java Card Security, and Drive Encryption are configured using the Security Manager setup wizard. HP ProtectTools software modules may be preinstalled, preloaded, or available as a configurable option or as an after market option. Visit NOTE: The instructions in this guide are written with the assumption that you have already installed the applicable HP ProtectTools software modules.

  • Page 12: Hp Protecttools Features

    HP ProtectTools features The following table details the key features of HP ProtectTools modules: Module HP ProtectTools Security Manager for Administrators Credential Manager for HP ProtectTools Drive Encryption for HP ProtectTools Privacy Manager for HP ProtectTools File Sanitizer for HP ProtectTools...
  • Page 13 Module BIOS Configuration for HP ProtectTools Embedded Security for HP ProtectTools Device Access Manager for HP ProtectTools ENWW Key features ● BIOS Configuration provides access to power-on user and administrator password management. ● BIOS Configuration provides an alternative to the pre-boot BIOS configuration utility known as Computer Setup.

  • Page 14: Accessing Hp Protecttools Security

    Logging on to Windows with Credential Manager on page Achieving key security objectives The HP ProtectTools modules can work together to provide solutions for a variety of security issues, including the following key security objectives: ● Protecting against targeted theft ●...

  • Page 15: Protecting Against Targeted Theft

    CD. The following features help restrict access to data: ● Device Access Manager for HP ProtectTools allows IT managers to restrict access to writeable devices so sensitive information cannot be printed or copied from the hard drive onto removable media.

  • Page 16: Creating Strong Password Policies

    Credential Manager ◦ “Using Single Sign On on page ● Device Access Manager for HP ProtectTools allows IT managers to restrict access to writeable devices so sensitive information cannot be copied from the hard drive. See on page ● The Personal Secure Drive feature encrypts sensitive data to help ensure it cannot be accessed without authentication using the following procedures: ◦...

  • Page 17: Additional Security Elements

    NOTE: In a small organization or for individual use, these roles may all be held by the same person. For HP ProtectTools, the security duties and privileges can be divided into the following roles: ● Security officer—Defines the security level for the company or network and determines the security features to deploy, such as Java™...
  • Page 18 Setup, or Security Setup password Power-on password Windows Logon password Chapter 1 Introduction to security Set in this HP ProtectTools Function module Embedded Security, by IT Protects the system and the TPM chip from administrator unauthorized access to all owner functions of Embedded Security.

  • Page 19: Creating A Secure Password

    Do not share accounts or tell anyone your password. Backing up and restoring HP ProtectTools credentials To back up and restore credentials from all supported HP ProtectTools modules, reference the following: Backing up credentials and settings You can back up credentials in the following ways: ●...

  • Page 20: Hp Protecttools Security Manager For Administrators

    Use the modules HP ProtectTools Security Manager for Administrators for the initial security setup. The Security Manager centralized user interface has the following features: ●...

  • Page 21: Getting Started - Configuring Hp Protecttools Security Manager For Administrators

    The setup wizard guides the Windows administrator through configuring Security Manager: In HP ProtectTools Security Manager for Administrators, click Getting Started, and then click the Security Manager Setup button. A demonstration that describes the Security Manager features may start.
  • Page 22 CAUTION: methods (Windows password, fingerprint authentication, and/or the HP ProtectTools Java™ Card), that user will not be able to log in to the computer. It is recommended that all users first configure their login methods before this option is selected.

  • Page 23: Getting Started - Configuring User Security Login Methods

    Repeat the process to register a second finger then click Finish. ● “Register an HP ProtectTools Java Card” - Insert the HP ProtectTools Java Card, enter the Java Card PIN, then click Finish. On the “Congratulations” page, review your selections, and then click Done.

  • Page 24: Logging In After Security Manager Is Configured

    Windows. ● If the HP Credential Manager level of security has been configured and all of the security login methods are required, users must log in using all of the configured methods when the Credential Manager login screen opens. This action logs the user in to Windows.

  • Page 25: Administrator Tools - Managing Users (Administrator Task)

    Type the Windows password for the selected account, and then click OK. NOTE: If the user will be logging in with the fingerprint and/or HP ProtectTools Java Card security login method, he or she must now log in to the computer and run the setup wizard to configure those security login methods.

  • Page 26: Checking User Status

    Blank - Indicates that a security login method is not required. Backup and Restore HP ProtectTools Backup and Restore provides a central location from which you can back up and restore security credentials from installed HP ProtectTools modules. In Security Manager, click Backup and Restore, and then click the one of the following buttons: ●...

  • Page 27: Using The Backup Wizard

    Therefore, HP recommends that you store the storage file and the token file on two different removable media that are stored in different locations.

  • Page 28: Backup Complete

    If necessary, type the password for the file. Click Next. The “Security Modules” page opens. Security Modules This page displays all installed modules that have backup data in the file selected in the “File Location” page. Chapter 2 HP ProtectTools Security Manager for Administrators ENWW...

  • Page 29: Confirmation

    ● Click Finish to exit the wizard. Settings IN HP ProtectTools Security Manager for Administrators, click Settings to change the settings options. The following Security Manager settings are available: ● Select the Show icon on the taskbar check box to display a taskbar icon that allows you to start the host and activate a specific page and/or launch a specific application.

  • Page 30: Credential Manager For Hp Protecttools

    ● HP ProtectTools Security Manager for Administrators icon in the notification area ● In Windows Vista®, click Start, click All Programs, and then click HP ProtectTools Security Manager for Administrators. ● In Windows XP, click Start, click All Programs, and then click HP ProtectTools Security Manager.

  • Page 31: Using The Credential Manager Logon Wizard

    Windows password. Setting up the fingerprint reader In HP ProtectTools Security Manager for Administrators, click Credential Manager in the left pane. Click My Identity, and then click Register Fingerprints. Follow the on-screen instructions to complete registering your fingerprints and setting up the fingerprint reader.

  • Page 32: Registering A Smart Card Or Token

    You must have a card reader configured for this procedure. If you do not have a reader installed, you can register a virtual token as described in In HP ProtectTools Security Manager for Administrators, click Credential Manager in the left pane. Click My Identity, and then click Register Smart Card or Token.

  • Page 33: General Tasks

    PIN to complete the authentication. To create a new virtual token: In HP ProtectTools Security Manager for Administrators, click Credential Manager in the left pane. Click My Identity, and then click Register Smart Card or Token. On the Device Type dialog box, click Virtual Token, and then click Next.

  • Page 34: Locking The Computer (Workstation)

    For added security, you can configure the Lock Workstation feature to require a Java Card, biometric reader, or token to unlock the computer. For more information, see settings on page In HP ProtectTools Security Manager for Administrators, click Credential Manager in the left pane. Click My Identity. Click Lock Workstation to lock your computer immediately.

  • Page 35: Using Single Sign On

    Select More, and then click Wizard Options. If you want this to be the default user name the next time that you log on to the computer, select the Use last user name on next logon check box. If you want this logon policy to be the default method, select the Use last policy on next logon check box.

  • Page 36: Using Manual (Drag And Drop) Registration

    Using manual (drag and drop) registration In HP ProtectTools Security Manager for Administrators, click Credential Manager, and then click Services and Applications in the left pane. Click Manage Applications and Credentials. The Credential Manager Single Sign On dialog box is displayed.

  • Page 37: Importing An Application

    To export an application: In HP ProtectTools Security Manager for Administrators, click Credential Manager, and then click Services and Applications in the left pane. Click Manage Applications and Credentials. The Credential Manager Single Sign On dialog box is displayed. Click the application entry you want to export, and then click More.

  • Page 38: Using Application Protection

    ● User inactivity Restricting access to an application In HP ProtectTools Security Manage for Administrators, click Credential Manager in the left pane, and then click Services and Applications. Click Application Protection, and then click Manage Protected Applications. Select a category of user whose access you want to manage.

  • Page 39: Changing Restriction Settings For A Protected Application

    On the Credentials tab of the “Multifactor Authentication” page, you can view the list of available authentication methods, and modify the settings. To configure the credentials: In HP ProtectTools Security Manager for Administrators, click Credential Manager in the left pane. Click Multifactor Authentication. Click the Credentials tab.

  • Page 40: Configuring Credential Manager Settings

    Smart Cards and Tokens—Allows you to view and modify properties for all available Java Cards and tokens. To modify Credential Manager settings: In HP ProtectTools Security Manager for Administrators, click Credential Manager in the left pane. Click Settings. Click the appropriate tab for the settings you want to modify.

  • Page 41: Example 2-Using The "Advanced Settings" Page To Require User Verification Before Single Sign On

    The procedure above may be slightly different for Windows XP. Example 2—Using the “Advanced Settings” page to require user verification before Single Sign On In HP ProtectTools Security Manager for Administrators, click Credential Manager, and then click Settings. Click the Single Sign On tab.

  • Page 42: Drive Encryption For Hp Protecttools

    Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP. Click Drive Encryption. General tasks Activating Drive Encryption Use the HP ProtectTools Security Manager for Administrators setup wizard to activate Drive Encryption. Deactivating Drive Encryption Use the HP ProtectTools Security Manager for Administrators setup wizard to deactivate Drive Encryption.

  • Page 43: Advanced Tasks

    Drive Encryption (active or inactive) and to view the encryption status of all of the hard drives on the computer. Activating a TPM-protected password Use Embedded Security for HP ProtectTools to activate the TPM. After activation, logging in at the Drive Encryption logon screen requires the Windows user name and password. NOTE: Because the password is protected by a TPM security chip, if the hard drive is moved to another computer, data cannot be accessed unless the TPM settings are migrated to that computer.

  • Page 44: Registering For Online Recovery

    Write down your coupon code, and then return to the “Account Activation” page in the wizard. Enter your account activation code, and then click Next. When the confirmation dialog box opens, click OK. Chapter 4 Drive Encryption for HP ProtectTools ENWW...

  • Page 45: Managing An Existing Online Recovery Account

    Turn on the computer. Insert the removable storage device that stores your backup key. When the Drive Encryption for HP ProtectTools logon dialog box opens, click Cancel. Click Options in the lower-left corner of the screen, and then click Recovery.
  • Page 46 NOTE: This section describes how to perform an online recovery when you have access to a different computer with an Internet connection. If you do not have access to such a computer, contact HP technical support. Turn on the computer.

  • Page 47: Privacy Manager For Hp Protecttools

    Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP. Click Privacy Manager: Sign and Chat. – or – Right-click the HP ProtectTools icon in the notification area, at the far right of the taskbar, click Privacy Manager: Sign and Chat, and then click Configuration. – or –...

  • Page 48: Setup Procedures

    This file should be for your use only, and is required in case you need to restore your Privacy Manager Certificate and associated keys. Enter and confirm a password, and then click Next. Chapter 5 Privacy Manager for HP ProtectTools ENWW...

  • Page 49: Viewing Privacy Manager Certificate Details

    Authenticate using your chosen security logon method. If you choose to begin the Trusted Contact invitation process, follow the on-screen instructions. – or – If you click Cancel, refer to Managing Trusted Contacts for information on adding a Trusted Contact at a later time.

  • Page 50: Restoring A Privacy Manager Certificate

    Authenticate using your chosen security logon method. Follow the on-screen instructions. Managing Trusted Contacts Trusted Contacts are users with whom you have exchanged Privacy Manager Certificates, enabling you to securely communicate with one another. Chapter 5 Privacy Manager for HP ProtectTools ENWW...

  • Page 51: Adding Trusted Contacts

    Adding Trusted Contacts You send an e-mail invitation to a Trusted Contact recipient. The Trusted Contact recipient responds to the e-mail. You receive the e-mail response from the Trusted Contact recipient, and click Accept. You can send Trusted Contact e-mail invitations to individual recipients or you can send the invitation to all the contacts in your Microsoft Outlook address book.

  • Page 52: Adding Trusted Contacts Using Your Microsoft Outlook Address Book

    When you have finished viewing the details, click OK. Deleting a Trusted Contact Open Privacy Manager, and click Trusted Contacts Manager. Click the Trusted Contact you want to delete. Click Delete contact. When the confirmation dialog box opens, click Yes. Chapter 5 Privacy Manager for HP ProtectTools ENWW...

  • Page 53: Checking Revocation Status For A Trusted Contact

    Microsoft Word, Microsoft Excel, and Microsoft PowerPoint documents. Configuring Privacy Manager in a Microsoft Office document Right-click the HP ProtectTools icon in the notification area, at the far right of the taskbar, click File Sanitizer, and then click Shred Now.
  • Page 54 Click OK. Adding a suggested signer's signature line When suggested signers open the document, they will see their name in brackets, indicating that their signature is required. Chapter 5 Privacy Manager for HP ProtectTools ENWW...
  • Page 55 To sign the document: Double-click the appropriate signature line. Authenticate using your chosen security logon method. The signature line will be shown according to the settings specified by the owner of the document. Encrypting a Microsoft Office document You can encrypt a Microsoft Office document for you and for your Trusted Contacts. When you encrypt a document and close it, you and the Trusted Contact(s) you select from the list must authenticate before opening it.

  • Page 56: Using Privacy Manager In Microsoft Outlook

    On the toolbar of a Microsoft e-mail message, click the down arrow next to Send Securely, and then click Settings. Select the actions you want to perform when you send a secure e-mail, and then click OK. Chapter 5 Privacy Manager for HP ProtectTools ENWW...

  • Page 57: Using Privacy Manager In Windows Live Messenger

    Signing and sending an e-mail message In Microsoft Outlook, click New or Reply. ▲ Type your e-mail message. ▲ Click the down arrow next to Send Securely, and then click Sign and Send. ▲ Authenticate using your chosen security logon method. ▲...
  • Page 58 Hide all and Show all–Click the appropriate button to expand or collapse the messages shown in the Secure Communications window. You can also hide or show individual messages by clicking the message header. Chapter 5 Privacy Manager for HP ProtectTools ENWW...
  • Page 59 Starting the Chat History viewer Click Start, click All Programs, and then click HP ProtectTools Security Manager for Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP. Click Privacy Manager: Sign and Chat, and then click Chat History Viewer.
  • Page 60 To add columns to the display: Right-click on any column heading, and then select Add/Remove Columns. Select a column heading in the left panel, and then click Add to move it to the right panel. Chapter 5 Privacy Manager for HP ProtectTools ENWW...
  • Page 61 To remove columns from the display: Right-click on any column heading, and then select Add/Remove Columns. Select a column heading in the right panel, and then click Remove to move it to the left panel. Filter displayed sessions A list of sessions for all of your accounts is displayed in the Chat History Viewer. Displaying sessions for a specific account In the Chat History Viewer, select an account from the Display history for menu.

  • Page 62: Advanced Tasks

    On the “Select Data” page, select the data categories to be included in the migration file, and then click Next. On the “Migration File” page, enter a file name or click Browse to search for a location, and then click Next. On the “Migration File Import” page, click Finish. Chapter 5 Privacy Manager for HP ProtectTools ENWW...

  • Page 63: File Sanitizer For Hp Protecttools

    Free space bleaching provides no additional security to shredded assets. You can set an automatic free space bleaching schedule or you can manually activate free space bleaching using the HP ProtectTools icon in the notification area, at the far right of the taskbar. ENWW...

  • Page 64: Setup Procedures

    Double-click the File Sanitizer icon. – or – ● Right-click the HP ProtectTools icon in the notification area, at the far right of the taskbar, click File Sanitizer, and then click Open File Sanitizer. Setting a free space bleaching schedule...

  • Page 65: Customizing A Shred Profile

    Under Shred the following, select the check box next to each asset that you want to confirm before shredding. Click Apply, and then click OK. Customizing a shred profile When you create a shred profile, you specify the number of shred cycles, which assets to include for shredding, which assets to confirm before shredding, and which assets to exclude from shredding: Open File Sanitizer, and click Settings, click Advanced Security Settings, and then click View Details.

  • Page 66: Setting A Shred Schedule

    URL history, when you close a Web browser. ● Scheduler — Select the Activate Scheduler check box, enter your Windows password, and then enter a day and time to shred selected assets. Click Apply, and then click OK. Chapter 6 File Sanitizer for HP ProtectTools ENWW...

  • Page 67: Setting A Free Space Bleaching Schedule

    Setting a free space bleaching schedule NOTE: Free space bleaching is for those assets that you delete using the Windows Recycle Bin or for manually deleted assets. Free space bleaching provides no additional security to shredded assets. To set a free space bleaching schedule: Open File Sanitizer, and click Free Space Bleaching.

  • Page 68: Customizing A Simple Delete Profile

    To remove an asset from the delete list, click the asset, and then click Remove. Under Do not delete the following, click Add to select the specific assets that you want to exclude from shredding. Chapter 6 File Sanitizer for HP ProtectTools ENWW...

  • Page 69: General Tasks

    Navigate to the document or folder you want to shred. Drag the asset to the File Sanitizer icon on the desktop. When the confirmation dialog box opens, click Yes. Click Yes to confirm that you want to remove the selected user.

  • Page 70: Manually Shredding One Asset

    Shredded assets cannot be recovered. Carefully consider which items you select for manual shredding. Right-click the HP ProtectTools icon in the notification area, at the far right of the taskbar, click File Sanitizer, and then click Shred One. When the Browse dialog box opens, navigate to the asset you want to shred, and then click OK.

  • Page 71: Aborting A Shred Or Free Space Bleaching Operation

    Aborting a shred or free space bleaching operation When a shred or free space bleaching operation is in progress, a message above the HP ProtectTools Security Manager for Administrators icon in the notification area is displayed. The message provides details on the shred or free space bleaching process (percentage complete), and gives you the option to abort the operation.

  • Page 72: Java Card Security For Hp Protecttools

    PIN number to grant access – like using an ATM card with a PIN. The Java Card can be used to access Credential Manager, Drive Encryption, HP BIOS, or any number of third party access points.

  • Page 73: Selecting The Card Reader

    Windows Device Manager. To select the card reader: Select Start > All Programs > HP ProtectTools Security Manager for Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP.

  • Page 74: Assigning A Name To A Java Card

    You must assign a name to a Java Card before it can be used for power-on authentication. To assign a name to a Java Card: Select Start > All Programs > HP ProtectTools Security Manager for Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP.

  • Page 75: Enabling Java Card Power-On Authentication And Creating An Administrator Java Card

    When you are prompted to create a recovery file, click Cancel to create a recovery file at a later time or click OK and follow the on-screen instructions in the HP ProtectTools Backup Wizard to create a recovery file now.

  • Page 76: Creating A User Java Card

    Java Card. To create a user Java Card: Select Start > All Programs > HP ProtectTools Security Manager for Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP. In the left pane, click Java Card Security, and then click Advanced.

  • Page 77: Bios Configuration For Hp Protecttools

    Configure boot options, which includes enabling MultiBoot and changing the boot order. NOTE: All of the features in BIOS Configuration for HP ProtectTools are also available in F10 Setup. For detailed instructions on using F10 Setup, refer to the Computer Setup (F10) Utility Guide included with your computer or BIOS update.

  • Page 78: General Tasks

    If you enter the Windows password incorrectly, you can only view BIOS configuration settings but not change them. If you are not an HP ProtectTools user, the BIOS Configuration software checks to see whether a BIOS administrator password has been set up.

  • Page 79: Viewing Or Changing Settings

    For more information on Storage options, refer to the Computer Setup (F10) Utility Guide. Security The Security option within BIOS Configuration for HP ProtectTools is the central location for all settings related to security and passwords. The settings included are: ●...

  • Page 80: Power

    Thermal NOTE: For more information on Power options, refer to the Computer Setup (F10) Utility Guide. Advanced The settings within the Advanced option of BIOS Configuration for HP ProtectTools are intended for advanced users. These settings include: ● Power-On Options ●...

  • Page 81: Embedded Security For Hp Protecttools

    Support for third-party applications (such as Microsoft Outlook and Internet Explorer) for protected digital certificate operations when using the Embedded Security software The TPM embedded security chip enhances and enables other HP ProtectTools Security Manager for Administrators security features. For example, Credential Manager for HP ProtectTools can use the embedded chip as an authentication factor when the user logs on to Windows.

  • Page 82: Setup Procedures

    Embedded Security configuration. To save your preferences and exit Computer Setup, use the arrow keys to select File, and click Save Changes and Exit. Then follow the on-screen instructions. Chapter 9 Embedded Security for HP ProtectTools while the ENWW...

  • Page 83: Initializing The Embedded Security Chip

    Basic User Keys for all users. To initialize the embedded security chip: Right-click the HP ProtectTools Security Manager for Administrators icon in the notification area, at the far right of the taskbar, and then select Embedded Security Initialization.

  • Page 84: General Tasks

    Embedded Security enables you to send and receive encrypted e-mail, but the procedures vary depending upon the program you use to access your e-mail. For more information, refer to the Embedded Security software Help, and the software Help for your e-mail program. Chapter 9 Embedded Security for HP ProtectTools ENWW...

  • Page 85: Changing The Basic User Key Password

    Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP. In the left pane, click Embedded Security, and then click Backup. In the right pane, click Backup. The HP Embedded Security for ProtectTools Backup Wizard opens. Follow the on-screen instructions.

  • Page 86: Changing The Owner Password

    Changing the owner password To change the owner password: Click Start, click All Programs, and then click HP ProtectTools Security Manager for Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP. In the left pane, click Embedded Security, and then click Advanced.

  • Page 87: Migrating Keys With The Migration Wizard

    Migrating keys with the Migration Wizard Migration is an advanced administrator task that allows the management, restoration, and transfer of keys and certificates. For details on migration, refer to the Embedded Security software Help. ENWW Advanced tasks...

  • Page 88: Device Access Manager For Hp Protecttools

    10 Device Access Manager for HP ProtectTools This security tool is available to administrators only. Device Access Manager for HP ProtectTools has the following security features that protect against unauthorized access to devices attached to your computer system: ● Device profiles that are created for each user to define device access ●...

  • Page 89: Device Class Configuration (Advanced)

    Adding a user or a group Click Start, click All Programs, and then click HP ProtectTools Security Manager for Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP. In the left pane, click Device Access Manager, and then click Device Class Configuration.

  • Page 90: 11 Troubleshooting

    Single Sign On, which is available in the Credential Manager software Help files. If a specific Single Sign On cannot be disabled for a given application, call HP technical support and request 3rd-level support through your HP Service contact. The browse option was removed because it allowed non-users to delete and rename files and take control of Windows.
  • Page 91 ROM is restored to factory settings. Solution local PC, Credential Manager can only change the password used to log on. HP is researching a workaround for future product enhancements. HP is researching a workaround for future product enhancements. This is as designed.

  • Page 92: Chapter 11 Troubleshooting

    Manager has the virtual token registered, the user must reregister the token to restore the association. Solution HP is investigating resolution options for future customer software releases. This is currently by design. When uninstalling Credential Manager without keeping identities, the system (server) part of the token is...

  • Page 93: Embedded Security For Hp Protecttools

    Microsoft EFS is supported only on NTFS and does not function on FAT32. This is a feature of Microsoft EFS and is not related to HP ProtectTools software. This is as designed. Users have access rights to an emergency archive so that they can save/update their Basic User Key backup copy.
  • Page 94 This is as designed. The Computer Setup (F10) Utility password can only be removed by a user who knows the password. However, HP strongly recommends having the Computer Setup (F10) Utility password protected at all times. This is by design.
  • Page 95 This is by design—to avoid issues with Microsoft EFS, a 30-second watchdog timer was created to generate the error message). HP will correct this in a future release. The ability to encrypt does not require password authentication, since this is a feature of the Microsoft EFS encryption.
  • Page 96 Usage of secure e- mail is set and controlled by 3rd-party applications. The HP wizard allows linkage to the three reference applications for immediate customization. HP is working to resolve the XML-file-overwrite issue and will provide a solution in a future SoftPaq.
  • Page 97 The processes are working as designed and function properly; however, the internal Embedded Security error message is not clear and should state a more appropriate message. HP is working to enhance this in future products. The non-selected users can be restored by resetting the TPM, running the restore process, and selecting all users before the next default daily backup runs.
  • Page 98 \SYSTEM to (computer name)\(admin name). This is the default setting if the Scheduled Task is created manually. HP is working to provide future product releases with default settings that include computer name\admin name. HP will address this issue in future releases.

  • Page 99: Device Access Manager For Hp Protecttools

    (e.g., Administrator), which takes precedence? Device Access Manager for HP ProtectTools Solution Verify that the HP ProtectTools Device Locking service has started. As an administrative user, browse to Control Panel > Administrative Tools > Services. In the Services window, search for the HP ProtectTools Device Locking/Auditing service.

  • Page 100: Miscellaneous

    Embedded Security, Java Card Security, and biometrics are extendable plug-ins for the Security Manager interface. Security Manager must be installed before an HP-approved security plug-in can be loaded. This is the expected behavior of the TPM firmware utility for models containing Broadcom-enabled TPMs.
  • Page 101 Embedded Security Device, which hides the other Embedded Security options (including Power-on authentication support). However, after reenabling Embedded Security Device, Power-on authentication support remains enabled. HP is working on a resolution, which will be provided in future Web-based ROM SoftPaq offerings. Miscellaneous...
  • Page 102 Software Impacted— Short description Security Power-On Authentication overlaps the BIOS Password during boot sequence. The BIOS asks for both the old and new passwords through Computer Setup after the Owner password is changed. Chapter 11 Troubleshooting Details Power-On Authentication prompts the user to log on to the system using the TPM password, but, if the user presses to access the BIOS, the user is...

  • Page 103: Glossary

    The task that must be completed before any of the Drive Encryption features are accessible. Drive Encryption is activated using the HP ProtectTools Security Manager for Administrators setup wizard. Only an administrator can activate Drive Encryption. The activation process consists of activating the software, encrypting the drive, creating a user account, and creating the initial backup encryption key on a removable storage device.
  • Page 104 The secure writing of random data over deleted assets on the hard drive to distort the contents of the deleted assets, making recovery of the data more difficult. identity. In the HP ProtectTools Credential Manager, a group of credentials and settings that is handled like an account or profile for a particular user.
  • Page 105 power-on authentication. Security feature that requires some form of authentication, such as a Java Card, security chip, or password, when the computer is turned on. Privacy Manager certificate. A digital certificate that requires authentication each time you use it for cryptographic operations, such as signing and encrypting e-mail messages and Microsoft Office documents.
  • Page 106 A communication session during which trusted messages are sent from a trusted sender to a Trusted Contact. Trusted Platform Module (TPM) embedded security chip. The generic term for the HP ProtectTools Embedded Security Chip. A TPM authenticates a computer, rather than a user, by storing information specific to the host system, such as encryption keys, digital certificates, and passwords.

  • Page 107: Index

    Device Access Manager 78 backing up and restoring all ProtectTools modules 16 certification information 75 Embedded Security 75 HP ProtectTools credentials 9 Single Sign On data 26 backup wizard 17 basic user account 73 Basic User Key password changing 75...
  • Page 108 32 encrypting files and folders 74 F10 Setup password 8 features, HP ProtectTools 2 File Sanitizer 59 File Sanitizer for HP ProtectTools aborting a shred or free space bleaching operation 61 free space bleaching 53 manually activating free space...
  • Page 109 73 password Basic User Key 75 BIOS administrator 68 changing owner 76 emergency recovery token 73 guidelines 9 HP ProtectTools 7 managing 7 owner 73 policies, creating 6 resetting user 76 secure, creating 9 Windows 68 Windows logon 23...
  • Page 110 18 restricting access to sensitive data 5 device access 78 security BIOS Configuration for HP ProtectTools 69 key objectives 4 levels 11 logging in 14 login methods 11, 13 roles 7 setup wizard 11, 13 security setup password 8...

This manual is also suitable for:

Dc7900 - convertible minitower pcProtecttools security manager

Table of Contents