Manuals / Brands / Computer Equipment / Desktops / HP / Computer Equipment / Desktops

HP Microtower PC 202 G2 Protecting against targeted theft, Restricting access to sensitive data

1 74

Download 74 pages, 1.86 Mb

●Creating strong password policies

●Addressing regulatory security mandates

Protecting against targeted theft

An example of this type of incident would be the targeted theft of a computer or its confidential data and customer information. This can easily occur in open office environments or in unsecured areas. The following features help protect the data if the computer is stolen:

●The pre-boot authentication feature, if enabled, helps prevent access to the operating system. See the following chapters:

◦Password Manager for HP ProtectTools on page 25

◦Embedded Security for HP ProtectTools on page 49

◦Drive Encryption for HP ProtectTools on page 29

●DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and installed into an unsecured system.

●The Personal Secure Drive feature, provided by the Embedded Security for HP ProtectTools module, encrypts sensitive data to help ensure it cannot be accessed without authentication. See the following chapter:

◦Embedded Security for HP ProtectTools on page 49

●Computrace can track the computer's location after a theft. See the following chapter:

◦Computrace for HP ProtectTools on page 57

Restricting access to sensitive data

Suppose a contract auditor is working on site and has been given computer access to review sensitive financial data; you do not want the auditor to be able to print the files or save them to a writeable device such as a CD. The following feature helps restrict access to data:

Device Access Manager for HP ProtectTools allows IT managers to restrict access to writeable devices so sensitive information cannot be printed or copied from the hard drive onto removable media. See Device class configuration (advanced) on page 54.

ENWW	Achieving key security objectives 7

Contents

Page Page About This Book WARNING CAUTION: Page Table of contents Page Page Page Page Page 1 Introduction to security Page Credential Manager (Password Manager) for HP ProtectTools Example 1: Example 2: Embedded Security for HP ProtectTools Drive Encryption for HP ProtectTools File Sanitizer for HP ProtectTools Device Access Manager for HP ProtectTools Privacy Manager for HP ProtectTools Computrace for HP ProtectTools (formerly known as LoJack Pro) HP ProtectTools Administrative Console Protecting against targeted theft Restricting access to sensitive data Preventing unauthorized access from internal or external locations Creating strong password policies Assigning security roles Managing HP ProtectTools passwords Creating a secure password Backing up credentials and settings 2HP ProtectTools Security Manager Administrative Console Management Tools Links Setup Wizard Help About Logon tab Session tab Adding a user Removing a user Checking user status Page 3 HP ProtectTools Security Manager Changing your Windows password Credentials 2.Click Windows Password Current Windows password Change Initializing the Smart Card Configure the use of the smart card Setup a Smart Card 4.Ensure that Initialize the smart card is selected PIN Drive Encryption Encryption Status Device Access Manager Simple Configuration Device Class Configuration Discover More Add Applications Updates and Messages Keep me informed about new applications and updates Check Now Browse Restoring your data 3.Click Restore data Windows user name Choose Picture 4Password Manager for HP ProtectTools ●For a website - select Add [domain name] to Password Manager ●For a program - select Add this logon screen to Password Manager Manage Choose other fields Submit logon data Submit account data Password Manager Add Category All To manage your logons: Add Logon Edit To add an additional logon for a website or program: Add additional logon 5 Drive Encryption for HP ProtectTools Activating a TPM-protectedpassword Encrypting or decrypting individual drives Creating backup keys 6 Privacy Manager for HP ProtectTools Requesting a Privacy Manager Certificate Installing a Privacy Manager Certificate Renewing a Privacy Manager Certificate 3.Click Renew certificate Setting a default Privacy Manager Certificate Set default Deleting a Privacy Manager Certificate Adding Trusted Contacts Adding a Trusted Contact Trusted Contacts Invite Contacts Send Adding Trusted Contacts using your Microsoft Outlook address book Viewing Trusted Contact details Deleting a Trusted Contact Checking revocation status for a Trusted Contact Configuring Privacy Manager in a Microsoft Office document File Sanitizer Shred Now Documents Signing a Microsoft Office document Insert Text Signature Line Privacy Manager Signature Provider Suggested signer Signing a Microsoft Office Document Removing the encryption from a Microsoft Office document Remove Encryption Sending an encrypted Microsoft Office document New Using Privacy Manager in Microsoft Outlook Configuring Privacy Manager for Microsoft Outlook E-mail Privacy Signing and sending an e-mailmessage Exporting Privacy Manager Certificates and Trusted Contacts Importing Privacy Manager Certificates and Trusted Contacts 7 File Sanitizer for HP ProtectTools Setting a free space bleaching schedule Bleaching Activate Scheduler Setting a shred schedule Shred View Details Shred the following Customizing an advanced security shred profile Advanced Security Settings Available shred options Simple Delete Settings Available delete options Delete the following Do not delete the following Using a key sequence to initiate shredding Manually shredding one asset Shred One Open Manually shredding all selected items Manually activating free space bleaching Aborting a shred or free space bleaching operation Stop Viewing the log files 8Embedded Security for HP ProtectTools Setup password New password Verify new password TPM Embedded Security 5.Select Embedded security device state and change to Enable Using the Personal Secure Drive Encrypting files and folders Encrypt ●Apply changes to this folder only ●Apply changes to this folder, subfolders, and files Creating a backup file Restoring certification data from the backup file 9Device Access Manager for HP ProtectTools Adding a user or a group Select Users or Groups Removing a user or a group Denying or allowing access to a user or group User/Groups Scenario: Result: Creating a JITA for a user or group JITA Configuration removable media Extendable Disabling a JITA for a user or group 10 Computrace for HP ProtectTools Glossary Drive Encryption key recovery service Drive Encryption logon screen DriveLock emergency recovery archive Encryption File System (EFS) revocation password seal for trusted contacts security logon method Send Security button shred cycle trusted message Trusted Platform Module (TPM) embedded security chip trusted sender TXT user Index P password R restricting