Achieving key security objectives

The HP ProtectTools modules can work together to provide solutions for a variety of security issues, including the following key security objectives:

Protecting against targeted theft

Restricting access to sensitive data

Preventing unauthorized access from internal or external locations

Creating strong password policies

Protecting against targeted theft

An example of this type of incident would be the targeted theft of a computer containing confidential data and customer information in a cubicle or open environment. The following features help protect against targeted theft:

The pre-boot authentication feature, if enabled, helps prevent access to the operating system. See the following procedures:

Enabling and disabling smart card power-on authentication support on page 46

Enabling and disabling power-on authentication support for Embedded Security on page 47

Assigning a name to a Java Card on page 39

Drive Encryption for HP ProtectTools on page 52

DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and installed into an unsecured system. See “Enabling and disabling DriveLock hard drive protection on page 48.”

The Personal Secure Drive feature, provided by the Embedded Security for HP ProtectTools module, encrypts sensitive data to help ensure it cannot be accessed without authentication. See the following procedures:

Embedded Security “Setup procedures on page 28

Using the Personal Secure Drive on page 31

Restricting access to sensitive data

Suppose a contract auditor is working onsite and has been given computer access to review sensitive financial data; you do not want the auditor to be able to print the files or save them to a writeable device such as a CD. The following feature helps restrict access to data:

The DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and installed into an unsecured system. See “Enabling and disabling DriveLock hard drive protection on page 48.”

Preventing unauthorized access from internal or external locations

If a PC containing confidential data and customer information is accessed from an internal or external location, unauthorized users may be able to gain entry to corporate network resources or data from

4 Chapter 1 Introduction to security

ENWW

Page 10
Image 10
HP dc73 Blade Client manual Achieving key security objectives, Protecting against targeted theft