Additional Security Elements; Assigning Security Roles; Managing Hp Protecttools Passwords - HP Compaq dc7900 USDT User Manual

Additional security elements

Assigning security roles

In managing computer security (particularly for large organizations), one important practice is to divide
responsibilities and rights among various types of administrators and users.
NOTE: In a small organization or for individual use, these roles may all be held by the same person.
For HP ProtectTools, the security duties and privileges can be divided into the following roles:
●
Security officer—Defines the security level for the company or network and determines the security
features to deploy, such as Java™ Cards, biometric readers, or USB tokens.
● IT administrator—Applies and manages the security features defined by the security officer. Can
also enable and disable some features. For example, if the security officer has decided to deploy
Java Cards, the IT administrator can enable Java Card BIOS security mode.
●
User—Uses the security features. For example, if the security officer and IT administrator have
enabled Java Cards for the system, the user can set the Java Card PIN and use the card for
authentication.

Managing HP ProtectTools passwords

Most of the HP ProtectTools Security Manager features are secured by passwords. The following table
lists the commonly used passwords, the software module where the password is set, and the password
function.
The passwords that are set and used by IT administrators only are indicated in this table as well. All
other passwords may be set by regular users or administrators.
HP ProtectTools password
Credential Manager logon
password
Credential Manager recovery file
password
Basic User Key password
NOTE: Also known as:
Embedded Security password
Emergency Recovery Token
password
ENWW
Set in this HP ProtectTools
module
Credential Manager
Credential Manager, by IT
administrator
Embedded Security
Embedded Security, by IT
administrator
Function
This password offers 2 options:
● It can be used in a separate logon to
access Credential Manager after
logging on to Windows.
●
It can be used in place of the Windows
logon process, allowing access to
Windows and Credential Manager
simultaneously.
Protects access to the Credential Manager
recovery file.
Used to access Embedded Security
features, such as secure e-mail, file, and
folder encryption. When used for power-on
authentication, also protects access to the
computer contents when the computer is
turned on, restarted, or restored from
hibernation.
Protects access to the Emergency Recovery
Token, which is a backup file for the
embedded security chip.
Additional security elements 7