HP dc73 Blade Client manual Additional security elements, Assigning security roles

Page 12

Additional security elements

Assigning security roles

In managing computer security (particularly for large organizations), one important practice is to divide responsibilities and rights among various types of administrators and users.

NOTE: In a small organization or for individual use, these roles may all be held by the same person.

For HP ProtectTools, the security duties and privileges can be divided into the following roles:

Security officer—Defines the security level for the company or network and determines the security features to deploy, such as Java™ Cards, biometric readers, or USB tokens.

NOTE: Many of the features in HP ProtectTools can be customized by the security officer in cooperation with HP. For more information, see the HP Web site at http://www.hp.com.

IT administrator—Applies and manages the security features defined by the security officer. Can also enable and disable some features. For example, if the security officer has decided to deploy Java Cards, the IT administrator can enable Java Card BIOS security mode.

User—Uses the security features. For example, if the security officer and IT administrator have enabled Java Cards for the system, the user can set the Java Card PIN and use the card for authentication.

Managing HP ProtectTools passwords

Most of the HP ProtectTools Security Manager features are secured by passwords. The following table lists the commonly used passwords, the software module where the password is set, and the password function.

The passwords that are set and used by IT administrators only are indicated in this table as well. All other passwords may be set by regular users or administrators.

HP ProtectTools password

Set in this HP ProtectTools

Function

 

 

module

 

 

 

 

Credential Manager logon

Credential Manager

This password offers 2 options:

password

 

It can be used in a separate logon to

 

 

 

 

 

 

access Credential Manager after

 

 

 

logging on to Windows.

 

 

 

It can be used in place of the Windows

 

 

 

logon process, allowing access to

 

 

 

Windows and Credential Manager

 

 

 

simultaneously.

 

 

 

Credential Manager recovery file

Credential Manager, by IT

Protects access to the Credential Manager

password

administrator

recovery file.

 

 

 

Basic User Key password

Embedded Security

Used to access Embedded Security

NOTE:

Also known as:

 

features, such as secure e-mail, file, and

 

folder encryption. When used for power-on

Embedded Security password

 

authentication, also protects access to the

 

 

 

computer contents when the computer is

 

 

 

turned on, restarted, or restored from

 

 

 

hibernation.

 

 

 

Emergency Recovery Token

Embedded Security, by IT

Protects access to the Emergency Recovery

password

administrator

Token, which is a backup file for the

NOTE:

Also known as:

 

embedded security chip.

 

 

Emergency Recovery Token Key

 

 

password

 

 

 

 

 

 

6 Chapter 1 Introduction to security

ENWW

Page 11 Page 13
Image 12
Page 11 Page 13
Contents ProtectTools First Edition July Document Part Number Table of contents Embedded Security for HP ProtectTools Java Card Security for HP ProtectToolsBios Configuration for HP ProtectTools TroubleshootingDrive Encryption for HP ProtectTools Enww Introduction to security HP ProtectTools features Module Key featuresAccessing HP ProtectTools Security Restricting access to sensitive data Achieving key security objectivesProtecting against targeted theft Creating strong password policies Managing HP ProtectTools passwords Additional security elementsAssigning security roles Java Card PIN also protects access to HP ProtectTools Backup and Restore Creating a secure passwordBacking up credentials and settings Restoring credentials Configuring settings Credential Manager for HP ProtectTools Setup procedures Using the Credential Manager Logon WizardLogging on to Credential Manger Registering credentials Logging on for the first timeRegistering fingerprints Setting up the fingerprint reader Using your registered fingerprint to log on to WindowsRegistering a Java Card, USB eToken, or virtual token Registering a USB eTokenChanging the Windows logon password General tasksCreating a virtual token Changing a token PINManaging identity Clearing an identity from the systemUsing Windows Logon Locking the computerLogging on to Windows with Credential Manager Adding an accountUsing Single Sign On Using automatic registrationRemoving an account Registering a new applicationUsing manual drag and drop registration Managing applications and credentialsModifying application properties Removing an application from Single Sign OnUsing Application Protection Importing an applicationModifying credentials Restricting access to an application Changing restriction settings for a protected applicationRemoving protection from an application Enww Advanced tasks administrator only Specifying how users and administrators log onConfiguring custom authentication requirements Configuring credential propertiesConfiguring Credential Manager settings Select Start All Programs HP ProtectTools Security Manager Embedded Security for HP ProtectTools Select Embedded security device state and change to Enable Enabling the embedded security chipInitializing the embedded security chip Setting up the basic user account Using the Personal Secure Drive Encrypting files and foldersSending and receiving encrypted e-mail Changing the Basic User Key password Creating a backup file Restoring certification data from the backup fileAdvanced tasks Backing up and restoringChanging the owner password Resetting a user passwordEnabling Embedded Security after permanent disable Enabling and disabling Embedded SecurityMigrating keys with the Migration Wizard Java Card Security for HP ProtectTools Changing a Java Card PIN Selecting the card readerAdvanced tasks administrators only Assigning a Java Card PINSetting power-on authentication Assigning a name to a Java CardTo enable Java Card power-on authentication Disabling Java Card power-on authentication Creating a user Java CardBios Configuration for HP ProtectTools Managing boot options Enabling and disabling system configuration options Enww Managing HP ProtectTools add-on module settings Under Smart Card Security, click EnableClick Apply, and then click OK in the HP ProtectTools window Using DriveLock Enabling and disabling DriveLock hard drive protectionDriveLock Applications Managing Computer Setup passwords Setting the power-on passwordChanging the power-on password Setting the setup passwordChanging the setup password Setting password optionsEnabling and disabling stringent security Enww Drive Encryption for HP ProtectTools Encryption management User management Recovery Right pane, click Click here to backup your keysTroubleshooting Security Change password option, but, sinceCredential Manager for ProtectTools Virtual Token duringClick Advanced Settings Click Service & ApplicationsConnect Click Java Cards and TokensReader to log on to Credential ManagerF10 = ROM Based Setup message is displayed It to Embedded Security Device-EnableSelect Enable Save changes and exit Security Restore IdentityEmbedded Security for ProtectTools Select File Save Changes and Exit Process cannot access File because it isBeing used by another ProcessOut with access denied Clicks Restore under Backup Error has been detectedSelects SPSystemBackup .xml Selected Backup Archive doesEnww Miscellaneous Click All Programs Click HP ProtectTools Security ManagerPower-on Computer Setup, the Power-on Authentication support Glossary Enww Access IndexEnww Enww
Related manuals
Manual 65 pages 2.14 Kb
Top Page Image Contents