Additional security elements
Assigning security roles
In managing computer security (particularly for large organizations), one important practice is to divide responsibilities and rights among various types of administrators and users.
NOTE: In a small organization or for individual use, these roles may all be held by the same person.
For HP ProtectTools, the security duties and privileges can be divided into the following roles:
●Security
NOTE: Many of the features in HP ProtectTools can be customized by the security officer in cooperation with HP. For more information, go to http://www.hp.com.
●IT
●
CAUTION: Administrators are encouraged to follow “best practices” in restricting
Unauthorized users should not be granted administrative privileges.
Managing HP ProtectTools passwords
Most of the HP ProtectTools Security Manager features are secured by passwords. The following table lists the commonly used passwords, the software module where the password is set, and the password function.
The passwords that are set and used by IT administrators only are indicated in this table as well. All other passwords may be set by regular users or administrators.
HP ProtectTools password | Set in the following | Function |
| module |
|
|
|
|
Windows logon password | Windows Control Panel or | Can be used for manual logon and for |
| HP ProtectTools Security | authentication to access various Security |
| Manager | Manager features. |
|
|
|
Security Manager Backup and | Security Manager, by | Protects access to the Security Manager |
Recovery password | individual user | Backup and Recovery file. |
|
|
|
Smart card PIN | Credential Manager | Can be used as multifactor authentication. |
|
| Can be used as Windows authentication. |
|
| Authenticates users of Drive Encryption, if |
|
| the smart card is selected. |
|
|
|
6 | Chapter 1 Introduction to security |