Résumé du contenu de la page N° 1
HP ProtectTools Security Software,
Version 6.0
User Guide
Résumé du contenu de la page N° 2
© Copyright 2009, 2010 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Microsoft, Windows and Windows Vista are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warrant
Résumé du contenu de la page N° 3
About This Book This guide provides basic information for upgrading this computer model. WARNING! Text set off in this manner indicates that failure to follow directions could result in bodily harm or loss of life. CAUTION: Text set off in this manner indicates that failure to follow directions could result in damage to equipment or loss of information. NOTE: Text set off in this manner provides important supplemental information. ENWW iii
Résumé du contenu de la page N° 4
iv About This Book ENWW
Résumé du contenu de la page N° 5
Table of contents 1 Introduction to security .................................................................................................................................. 1 HP ProtectTools features ..................................................................................................................... 2 HP ProtectTools security products description and common use examples ........................................ 3 Credential Manager (Password Manager) for HP ProtectTools .....
Résumé du contenu de la page N° 6
Specifying device settings ................................................................................................. 16 Configuring Applications Settings ....................................................................................................... 16 Encrypting Drives ............................................................................................................................... 17 Managing Device Access ...........................................................
Résumé du contenu de la page N° 7
Logging in after Drive Encryption is activated .................................................................... 30 Advanced tasks .................................................................................................................................. 30 Managing Drive Encryption (administrator task) ................................................................ 30 Activating a TPM-protected password .............................................................. 30 Encrypting or d
Résumé du contenu de la page N° 8
Setting a shred schedule ................................................................................................... 44 Selecting or creating a shred profile .................................................................................. 44 Selecting a predefined shred profile .................................................................................. 44 Customizing an advanced security shred profile ............................................................... 45 Customizing
Résumé du contenu de la page N° 9
Creating an extendable JITA for a user or group ............................................................... 55 Disabling a JITA for a user or group .................................................................................. 56 Advanced Settings ............................................................................................................................. 56 10 Computrace for HP ProtectTools ................................................................................
Résumé du contenu de la page N° 10
x ENWW
Résumé du contenu de la page N° 11
1 Introduction to security HP ProtectTools security software provides security features that help protect against unauthorized access to the computer, networks, and critical data. Enhanced security functionality is provided by several HP ProtectTools software modules. HP ProtectTools provides two versions that can be utilized: HP ProtectTools Security Manager Administrative Console and HP ProtectTools Security Manager (for general users). Both Administrator and user versions are available in the
Résumé du contenu de la page N° 12
HP ProtectTools features The following table details the key features of HP ProtectTools modules: Module Key features HP ProtectTools Security Manager Administrative ● The Security Manager setup wizard is used by administrators to Console set up and configure levels of security and security logon methods. ● Configure options hidden from basic users. ● Activate Drive Encryption and configure user access. ● Configure Device Access Manager configurations and user access. ● Administrator tools are u
Résumé du contenu de la page N° 13
Module Key features Smart Card Security (part of Security Manager) ● Provides a management software interface for Smart Card. HP ProtectTools Smart Card is a personal security device that protects authentication data requiring both the card and a PIN number to grant access. The Smart Card can be used to access Password Manager, Drive Encryption, or any number of third party access points. ● Change PIN number. Embedded Security for HP ProtectTools ● Uses a Trusted Platform Module (TPM) embedded s
Résumé du contenu de la page N° 14
Example 1: A Purchasing Agent for a large manufacturer makes most of her corporate transactions over the Internet. She also frequently visits several popular web sites that require login information. She is keenly aware of security so does not use the same password on every account. The Purchasing Agent has decided to use Credential Manager to match web links with different user names and passwords. When she goes to a web site to log in, Credential Manager presents the credentials automatically.
Résumé du contenu de la page N° 15
Both Embedded Security and Drive Encryption for HP ProtectTools will not allow access to the encrypted data even when the drive is removed because they are both bound to the original motherboard. Example 2: A Hospital Administrator wants to ensure only doctors and authorized personnel can access any data on their local computer without sharing their personal passwords. The IT department adds the Administrator, doctors, and all authorized personnel as Drive Encryption users. Now only authorized p
Résumé du contenu de la page N° 16
Example 1: A Stock Broker wants to make sure his e-mails only go to specific clients and ensure no one can fake the e-mail account and intercept it. The Stock Broker signs himself and his clients up with Privacy Manager. Privacy Manager issues them a Certificate of Authentication (CA) to each user. Using this tool, the Stock Broker and his clients must authenticate before the e-mail is exchanged. Privacy Manager for HP ProtectTools makes it easy to send and receive e-mail where the recipient has
Résumé du contenu de la page N° 17
● Creating strong password policies ● Addressing regulatory security mandates Protecting against targeted theft An example of this type of incident would be the targeted theft of a computer or its confidential data and customer information. This can easily occur in open office environments or in unsecured areas. The following features help protect the data if the computer is stolen: ● The pre-boot authentication feature, if enabled, helps prevent access to the operating system. See the following
Résumé du contenu de la page N° 18
Preventing unauthorized access from internal or external locations Unauthorized access to an unsecured business PC presents a very tangible risk to critical data such as information from financial services, an executive, or R&D team, and to private information such as patient records or personal financial records. The following features help prevent unauthorized access: ● The pre-boot authentication feature, if enabled, helps prevent access to the operating system. See the following chapters: ◦
Résumé du contenu de la page N° 19
Additional security elements Assigning security roles In managing computer security, one important practice is to divide responsibilities and rights among various types of administrators and users. NOTE: In a small organization or for individual use, these roles may all be held by the same person. For HP ProtectTools, the security duties and privileges can be divided into the following roles: ● Security officer—Defines the security level for the company or network and determines the security fea
Résumé du contenu de la page N° 20
HP ProtectTools password Set in this Function HP ProtectTools module Smart Card PIN Smart Card Security Can be used as a multifactor authentication option. Can be used as a Windows authentication. Authenticates users of Drive Encryption, if the Smart Card token is selected. Computer Setup password BIOS, by IT administrator Protects access to the Computer Setup utility. NOTE: Also known as BIOS administrator, F10 Setup, or Security Setup password Power-on password BIOS Protects access to the comp