HP ProBook 6445b - Notebook PC User Manual
Protecttools (select models only) - vista
Hide thumbs
Also See for ProBook 6445b - Notebook PC:
- Maintenance and service manual (230 pages) ,
- User manual (183 pages) ,
- Manuallines (12 pages)
Table of Contents
Advertisement
Quick Links
Advertisement
Table of Contents
Related Manuals for HP ProBook 6445b - Notebook PC
Summary of Contents for HP ProBook 6445b - Notebook PC
- Page 1 HP ProtectTools User Guide...
- Page 2 © Copyright 2009 Hewlett-Packard Development Company, L.P. Bluetooth is a trademark owned by its proprietor and used by Hewlett-Packard Company under license. Java is a US trademark of Sun Microsystems, Inc. Microsoft and Windows are U.S. registered trademarks of Microsoft Corporation. SD Logo is a trademark of its proprietor.
-
Page 3: Table Of Contents
Table of contents 1 Introduction to security HP ProtectTools features ........................2 Achieving key security objectives ......................3 Protecting against targeted theft ..................3 Restricting access to sensitive data ..................3 Preventing unauthorized access from internal or external locations ........3 Creating strong password policies .................. - Page 4 5 Adding management tools 6 HP ProtectTools Security Manager Setup procedures ..........................24 Getting started ........................24 Registering credentials ...................... 24 Enrolling your fingerprints ................. 24 Changing your Windows password ..............25 Setting up a smart card ..................25 Using the Security Manager dashboard ................25 Opening HP ProtectTools Security Manager ..............
- Page 5 Creating backup keys ..................39 Performing a recovery ..................40 8 Privacy Manager for HP ProtectTools (select models only) Setup procedures ..........................42 Opening Privacy Manager ....................42 Managing Privacy Manager Certificates ................42 Requesting and installing a Privacy Manager Certificate ..........42 Requesting a Privacy Manager Certificate ............
- Page 6 Starting a Privacy Manager Chat session ............54 Configuring Privacy Manager for Windows Live Messenger ......55 Chatting in the Privacy Manager Chat window ..........55 Viewing chat history ..................56 Reveal all sessions ................56 Reveal sessions for a specific account ..........57 View a session ID ................
- Page 7 Device administrators group ................71 Simple Configuration ..................71 Starting background service ............. 72 Device Class Configuration ................73 Denying access to a user or group ........... 74 Allowing access for a user or a group ..........75 Removing access for a user or a group ..........75 Allowing access to a class of devices for one user of a group ..
- Page 8 viii...
-
Page 9: Introduction To Security
Introduction to security HP ProtectTools Security Manager software provides security features that help protect against unauthorized access to the computer, networks, and critical data. Administration of HP ProtectTools Security Manager is provided through the Administrative Console feature. Using the console, the local administrator can perform the following tasks: ●... -
Page 10: Hp Protecttools Features
HP ProtectTools features The following table details the key features of HP ProtectTools modules. Module Key features ● Credential Manager for HP ProtectTools Password Manager acts as a personal password vault, streamlining the logon process with the Single Sign On feature, which automatically remembers and applies user credentials. -
Page 11: Achieving Key Security Objectives
Achieving key security objectives The HP ProtectTools modules can work together to provide solutions for a variety of security issues, including the following key security objectives: ● Protecting against targeted theft ● Restricting access to sensitive data ● Preventing unauthorized access from internal or external locations ●... -
Page 12: Creating Strong Password Policies
● Device Access Manager for HP ProtectTools allows IT managers to restrict access to writeable devices so sensitive information cannot be copied from the hard drive. ● DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and installed into an unsecured system. -
Page 13: Additional Security Elements
Additional security elements Assigning security roles In managing computer security (particularly for large organizations), one important practice is to divide responsibilities and rights among various types of administrators and users. NOTE: In a small organization or for individual use, these roles may all be held by the same person. For HP ProtectTools, the security duties and privileges can be divided into the following roles: ●... - Page 14 HP ProtectTools password Set in this HP ProtectTools Function module Computer Setup utility and to the computer contents. Authenticates users of Drive Encryption, if the Java Card token is selected. Windows Logon password Windows® Control Panel Can be used for manual logon or saved on the Java Card.
-
Page 15: Creating A Secure Password
Creating a secure password When creating passwords, you must first follow any specifications that are set by the program. In general, however, consider the following guidelines to help you create strong passwords and reduce the chances of your password being compromised: ●... -
Page 16: Getting Started
Getting started NOTE: Administration of HP ProtectTools requires administrative privileges. The HP ProtectTools Setup Wizard guides you through setting up the most commonly used features of Security Manager. However, there is a wealth of additional functionality available through the HP ProtectTools Administrative Console. -
Page 17: Opening Hp Protecttools Administrative Console
Opening HP ProtectTools Administrative Console For administrative tasks, such as setting system policies or configuring software, open the console as follows: Click Start, click All Programs, click HP, and then click HP ProtectTools Administrative ▲ Console. – or – In the left panel of Security Manager, click Administration. For user tasks, such as registering fingerprints or using Security Manager, open the console as follows: Click Start, click All Programs, click HP, and then click HP ProtectTools Security Manager. -
Page 18: Enabling Security Features
Enabling security features The Setup Wizard will ask you to verify your identity. Read the “Welcome” screen, and then click Next. Verify your identity, either by typing your Windows password if you do not have any enrolled fingerprints yet, or by scanning your fingerprint with the fingerprint reader. Click Next. If your Windows password is blank, you will be asked to create one. -
Page 19: Enrolling Your Fingerprints
Enrolling your fingerprints If you have selected "Fingerprint" and if your computer has a fingerprint reader built in or connected, you will be guided through the process of setting up or "enrolling" your fingerprints: An outline of two hands is displayed. Fingers that are already enrolled are highlighted in green. Click a finger on the outline. -
Page 20: Setting Up A Smart Card
Setting up a smart card If you have selected "Smart card" and if a smart card reader is built in or connected to your computer, the HP ProtectTools Setup Wizard will prompt you to set up a smart card PIN (personal identification number). -
Page 21: Using Administrative Console
Using Administrative Console HP ProtectTools Administrative Console is the central location for administering HP ProtectTools Security Manager features and applications. The console is composed of the following components: ● Tools—Displays the following categories for configuring security on your computer: ◦ Home—Allows you to select the security tasks to perform. -
Page 22: Configuring Your System
Configuring your system The System group is accessed from the Tools menu panel on the left side of the HP ProtectTools Administrative Console screen. You can use the applications in this group to manage the policies and settings for the computer, its users, and its devices. The following applications are included in the System group: ●... -
Page 23: Setting Up Authentication For Your Computer
Setting up authentication for your computer Within the Authentication application, you can select which security features should be implemented on this computer, set policies governing access to the computer, and configure additional advanced settings. You can specify the credentials required to authenticate each class of user when logging into Windows or logging into Web sites and programs during a user session. -
Page 24: Settings
Settings You can allow one or more of the following security settings: ● Allow One Step logon—Allows users of this computer to skip Windows logon if authentication was performed at the BIOS or encrypted disk level. ● Allow HP SpareKey authentication for Windows logon—Allows users of this computer to use the HP SpareKey feature to log on to Windows despite any other authentication policy required by Security Manager. -
Page 25: Managing Users
Managing users Within the Users application, you can monitor and manage this computer's HP ProtectTools users. All HP ProtectTools users are listed and verified against the policies set through Security Manager and whether or not they have registered the appropriate credentials enabling them to meet those policies. To add additional users, click Add. -
Page 26: Specifying Device Settings
Specifying device settings Within the Device application, you can specify settings available for any built-in or attached security devices recognized by HP ProtectTools Security Manager. Fingerprints The Fingerprints page has three tabs: Enrollment, Sensitivity, and Advanced. Enrollment You can choose the minimum and maximum number of fingerprints that a user is allowed to enroll. You can also clear all of the data from the fingerprint reader. -
Page 27: Configuring Your Applications
Configuring your applications The Applications group is accessed from the Security Applications menu panel on the left side of HP ProtectTools Administrative Console. You can use Settings to customize the behavior of currently installed HP ProtectTools Security Manager applications. To edit your application settings: In the Tools menu, from the Applications group, click Settings. -
Page 28: General Tab
General tab The following settings are available on the General tab: Do not automatically launch the Setup Wizard for administrators—Select this option to prevent ▲ the wizard from automatically opening upon logon. Do not automatically launch the Getting Started wizard for users—Select this option to prevent ▲... -
Page 29: Applications Tab
Applications tab The settings displayed here can change when new applications are added to Security Manager. The minimal settings shown by default are as follows: ● Security Manager—Enables the Security Manager application for all users of the computer. ● Enable the Discover more button—Allows all users of this computer to add applications to HP ProtectTools Security Manager by clicking the [+] Discover more button. -
Page 30: Adding Management Tools
Adding management tools Additional applications may be available for adding new management tools to Security Manager. The administrator of this computer may disable this feature through the Settings application. To add additional management tools, click [+] Management tools. You can access the DigitalPersona Web site to check for new applications, or you can set up a schedule for automatic updates. -
Page 31: Hp Protecttools Security Manager
HP ProtectTools Security Manager HP ProtectTools Security Manager allows you to significantly increase the security of your computer. You can use preloaded Security Manager applications, as well as additional applications available for immediate download from the Web: ● Manage your logon and passwords ●... -
Page 32: Setup Procedures
Setup procedures Getting started The HP ProtectTools Setup Wizard is displayed automatically as the default page in HP ProtectTools Security Manager until setup has been completed. To set up Security Manager, follow these steps: NOTE: If neither a fingerprint reader nor a smart card is available, perform only steps 1, 5, and 6. On the “Welcome”... -
Page 33: Changing Your Windows Password
You must enroll at least two fingers; index or middle fingers are preferable. Repeat steps 3 and 4 for another finger. Click Next. NOTE: When enrolling fingerprints through the Getting Started process, fingerprint information is not saved until you click Next. If you leave the computer inactive for a while, or close the dashboard, the changes you made are not saved. -
Page 34: Opening Hp Protecttools Security Manager
● Administration—Opens the HP ProtectTools Administrative Console. ● Help button—Displays information about the current screen. ● Advanced—Allows you to access the following options: ◦ Preferences—Allows you to personalize Security Manager settings. ◦ Backup and Restore—Allows you to back up or restore data. ◦... -
Page 35: General Tasks
General tasks The applications included in this group assist you in managing various aspects of your digital identity. ● Security Manager—Creates and manages Quick Links, which allow you to launch and log on to Web sites and programs by authenticating with your Windows password, your fingerprint, or a smart card. -
Page 36: Adding Logons
● Add a New Account—Allows you to add an account to a logon. ● Open Password Manager—Launches the Password Manager application. ● Help—Displays Password Manager software help. NOTE: The administrator of this computer may have set up Security Manager to require more than one credential when verifying your identity. -
Page 37: Editing Logons
Editing logons To edit a logon, follow these steps: Open the logon screen for a Web site or program. To display a dialog box where you can edit your logon information, click the arrow on the Password Manager icon, and then click Edit logon. Logon fields on the screen, and their corresponding fields on the dialog box, are identified with a bold orange border. -
Page 38: Managing Your Logons
To add a logon to a category: Place your mouse pointer over the desired logon. Press and hold the left mouse button. Drag the logon into the list of categories. Categories will be highlighted as you move your mouse over them. Release the mouse button when the desired category is highlighted. -
Page 39: Settings
Click the icon arrow, and then click Icon Settings to customize how Password Manager handles possible logon sites. ● Prompt to add logons for logon screens—Click this option to have Password Manager prompt you to add a logon when a logon screen displays that does not already have a logon set up. ●... -
Page 40: Your Personal Id Card
Your personal ID card Your ID card uniquely identifies you as the owner of this Windows account, showing your name and a picture of your choice. It is prominently displayed in the upper-left corner of Security Manager pages, and as a Windows Sidebar gadget. Clicking your ID Card in the Windows Sidebar is one of the many ways to get quick access to Security Manager. -
Page 41: Backing Up And Restoring Your Data
Fingerprint Scan Feedback—Displays only when a fingerprint reader is available. Use this setting to adjust the feedback that occurs when you scan your fingerprint. ● Enable sound feedback—Security Manager gives you audio feedback when a fingerprint has been scanned, playing different sounds for specific program events. You may assign new sounds to these events through the Sounds tab in the Windows Control Panel, or disable sound feedback by clearing this option. -
Page 42: Adding Applications
Adding applications Additional applications that provide new features for this program may be available. From the Security Manager dashboard, click [+] Discover more to browse additional applications. NOTE: If there is no [+] Discover more link in the lower-left portion of the dashboard, it has been disabled by the administrator of this computer. -
Page 43: Drive Encryption For Hp Protecttools (Select Models Only)
Drive Encryption for HP ProtectTools (select models only) CAUTION: If you decide to uninstall the Drive Encryption module, you must first decrypt all encrypted drives. If you do not, you will not be able to access the data on encrypted drives unless you have registered with the Drive Encryption recovery service. -
Page 44: Setup Procedures
Setup procedures Opening Drive Encryption Click Start, click All Programs, click HP, and then click HP ProtectTools Administrative Console. In the left pane, click Drive Encryption. Chapter 7 Drive Encryption for HP ProtectTools (select models only) -
Page 45: General Tasks
General tasks Activating Drive Encryption Use the HP ProtectTools Setup Wizard to activate Drive Encryption. NOTE: This wizard is also used to add and remove users. – or – Click Start, click All Programs, click HP, and then click HP ProtectTools Administrative Console. -
Page 46: Protect Your Data By Encrypting Your Hard Drive
NOTE: If the Windows administrator has enabled Pre-boot Security in the HP ProtectTools Security Manager, you will log in to the computer immediately after the computer is turned on, rather than at the Drive Encryption login screen. Click your user name, and then type your Windows password or Java™ Card PIN, or swipe a registered finger. -
Page 47: Advanced Tasks
Advanced tasks Managing Drive Encryption (administrator task) The ”Encryption Management” page allows administrators to view and change the status of Drive Encryption (active or inactive) and to view the encryption status of all of the hard drives on the computer. ●... -
Page 48: Performing A Recovery
CAUTION: Be sure to keep the storage device containing the backup key in a safe place, because if you forget your password or lose your Java Card, this device provides your only access to your hard drive. Open HP ProtectTools Administrative Console, click Drive Encryption, and then click Recovery. -
Page 49: Privacy Manager For Hp Protecttools (Select Models Only)
Privacy Manager for HP ProtectTools (select models only) Privacy Manager for HP ProtectTools enables you to use advanced security login (authentication) methods to verify the source, integrity, and security of communication when using e-mail, Microsoft® Office documents, or instant messaging (IM). Privacy Manager leverages the security infrastructure provided by HP ProtectTools Security Manager, which includes the following security login methods: ●... -
Page 50: Setup Procedures
Setup procedures Opening Privacy Manager To open Privacy Manager: Click Start, click All Programs, click HP, and then click HP ProtectTools Security Manager. Click Privacy Manager. – or – Right-click the HP ProtectTools icon in the notification area, at the far right of the taskbar, click Privacy Manager, and then click Configuration. -
Page 51: Requesting A Privacy Manager Certificate
Requesting a Privacy Manager Certificate Open Privacy Manager, and click Certificates. Click Request a Privacy Manager certificate. On the “Welcome” page, read the text, and then click Next. On the “License Agreement” page, read the license agreement. Be sure that the check box next to Check here to accept the terms of this license agreement is selected, and then click Next. -
Page 52: Viewing Privacy Manager Certificate Details
If you click Cancel, refer to for Adding a Trusted Contact on page 46 information on adding a Trusted Contact at a later time. Viewing Privacy Manager Certificate details Open Privacy Manager, and click Certificates. Click a Privacy Manager Certificate. Click Certificate details. -
Page 53: Restoring A Privacy Manager Certificate
Click Delete. When the confirmation dialog box opens, click Yes. Click Close, and then click Apply. Restoring a Privacy Manager Certificate During installation of your Privacy Manager certificate, you are required to create a backup copy of the certificate. You may also create a backup copy from the Migration page. This backup copy can be used when migrating to another computer or to restore a certificate to the same computer. -
Page 54: Adding Trusted Contacts
Trusted Contacts Manager allows you to perform the following tasks: ● View Trusted Contact details ● Delete Trusted Contacts ● Check revocation status for Trusted Contacts (advanced) Adding Trusted Contacts Adding Trusted Contacts is a 3-step process: You send an e-mail invitation to a Trusted Contact recipient. The Trusted Contact recipient responds to the e-mail. -
Page 55: Adding Trusted Contacts Using Microsoft Outlook Contacts
When you receive an e-mail response from a recipient accepting the invitation to become a Trusted Contact, click Accept in the lower-right corner of the e-mail. A dialog box opens, confirming that the recipient has been successfully added to your Trusted Contacts list. -
Page 56: Deleting A Trusted Contact
Deleting a Trusted Contact Open Privacy Manager, and click Trusted Contacts. Click the Trusted Contact you want to delete. Click Delete contact. When the confirmation dialog box opens, click Yes. Checking revocation status for a Trusted Contact To see if a Trusted Contact has revoked their Privacy Manager Certificate: Open Privacy Manager, and click Trusted Contacts. -
Page 57: General Tasks
General tasks You can use Privacy Manager with the following Microsoft products: ● Microsoft Outlook ● Microsoft Office ● Windows Live Messenger Using Privacy Manager in Microsoft Outlook When Privacy Manager in installed, a Privacy button is displayed on the Microsoft Outlook toolbar, and a Send Securely button is displayed on the toolbar of each Microsoft Outlook e-mail message. -
Page 58: Sealing And Sending An E-Mail Message
Click the down arrow next to Send Securely (Privacy in Outlook 2003), and then click Sign and Send. Authenticate using your chosen security login method. Sealing and sending an e-mail message Sealed e-mail messages that are digitally signed and sealed (encrypted) can only be viewed by people you choose from your Trusted Contacts list. -
Page 59: Configuring Privacy Manager For Microsoft Office
Configuring Privacy Manager for Microsoft Office Open Privacy Manager, click Settings, and then click the Documents tab. – or – On the toolbar of a Microsoft Office document, click the down arrow next to Sign and Encrypt, and then click Settings. Select the actions you want to configure, and then click OK. -
Page 60: Adding A Suggested Signer's Signature Line
To add a suggested signer to a Microsoft Word or Microsoft Excel document: In Microsoft Word or Microsoft Excel, create and save a document. Click the Insert menu. In the Text group on the toolbar, click the arrow next to Signature Line, and then click Privacy Manager Signature Provider. -
Page 61: Removing Encryption From A Microsoft Office Document
NOTE: To select multiple Trusted Contact names, hold down the ctrl key and click the individual names. Click OK. If you later decide to edit the document, follow the steps in Removing encryption from a Microsoft Office document on page 53. -
Page 62: Viewing An Encrypted Microsoft Office Document
Viewing an encrypted Microsoft Office document To view an encrypted Microsoft Office document from another computer, Privacy Manager must be installed on that computer. In addition, you must restore the Privacy Manager Certificate that was used to encrypt the file. A Trusted Contact wanting to view an encrypted Microsoft Office document must have a Privacy Manager Certificate, and Privacy Manager must be installed on his or her computer. -
Page 63: Configuring Privacy Manager For Windows Live Messenger
– or – Right-click the ProtectTools icon in the notification area, click Privacy Manager for HP ProtectTools, and then select Start Chat. In Live Messenger, click Actions: Start an Activity, and then select Privacy Manager Chat. NOTE: Each user must be online in Live Messenger, and the users must be displayed in each other's Live Messenger online window. -
Page 64: Viewing Chat History
● Send—Click this button to send an encrypted message to your contact. ● Send signed—Select this check box to electronically sign and encrypt your messages. Then, if the message is tampered with, it will be marked as invalid when the recipient receives it. You must authenticate each time you send a signed message. -
Page 65: Reveal Sessions For A Specific Account
Reveal sessions for a specific account Revealing a session displays the decrypted Contact Screen Name for the currently selected session. To reveal a specific chat history session: In the Live Messenger History Viewer, right-click any session, and then select Reveal Session. Authenticate using your chosen security login method. -
Page 66: Add Or Remove Columns
Add or remove columns By default, the 3 most used columns are displayed in the Live Messenger History Viewer. You can add additional columns to the display, or you can remove columns from the display. To add columns to the display: Right-click on any column heading, and then select Add/Remove Columns. -
Page 67: Advanced Tasks
Advanced tasks Migrating Privacy Manager Certificates and Trusted Contacts to a different computer You can securely migrate your Privacy Manager Certificates and Trusted Contacts to another computer, or back up your data for safekeeping. To do this, back up the data as a password-protected file to a network location or any removable storage device, and then restore the file to the new computer. -
Page 68: Central Administration Of Privacy Manager
Central administration of Privacy Manager Your installation of Privacy Manager may be part of a centralized installation, that has been customized by your administrator. One or more of the following features may be either enabled or disabled: ● Certificate use policy—You may be restricted to the use of Privacy Manager certificates issued by Comodo, or you may be allowed to use digital certificates issued by other certificate authorities. -
Page 69: File Sanitizer For Hp Protecttools
File Sanitizer for HP ProtectTools File Sanitizer is a tool that allows you to securely shred assets (personal information or files, historical or Web-related data, or other data components) on your computer and to periodically bleach your hard drive. NOTE: This version of File Sanitizer supports the system hard drive only. -
Page 70: Shredding
Shredding Shredding is different than a standard Windows® delete (also known as a simple delete in File Sanitizer) in that when you shred an asset using File Sanitizer, an algorithm that obscures the data is invoked, which makes it virtually impossible to retrieve the original asset. A Windows simple delete may leave the file (or asset) intact on the hard drive or in a state where forensic methods could be used to recover the file (or asset). -
Page 71: Free Space Bleaching
Free space bleaching Deleting an asset in Windows does not completely remove the contents of the asset from your hard drive. Windows only deletes the reference to the asset. The content of the asset still remains on the hard drive until another asset overwrites that same area on the hard drive with new information. Free space bleaching allows you to securely write random data over deleted assets, preventing users from viewing the original contents of the deleted asset. -
Page 72: Setup Procedures
Setup procedures Opening File Sanitizer To open File Sanitizer: Click Start, click All Programs, click HP, and then click HP ProtectTools Security Manager. Click File Sanitizer. – or – Double-click the File Sanitizer icon located on your desktop. ▲ – or – Right-click the HP ProtectTools icon in the notification area, at the far right of the taskbar, click ▲... -
Page 73: Selecting Or Creating A Shred Profile
To set a free space bleaching schedule: Open File Sanitizer, and click Free Space Bleaching. Select the Activate Scheduler check box, enter your Windows password, and then enter a day and time to bleach your hard drive. Click Apply, and then click OK. NOTE: The free space bleaching operation can take a long time. -
Page 74: Customizing A Simple Delete Profile
NOTE: To remove an asset from the available shred options, click the asset, and then click Delete. Under Shred the following, select the check box next to each asset that you want to confirm before shredding NOTE: To remove an asset from the shred list, click the asset, and then click Remove. To protect files or folders from automatic shredding, under Do not shred the following, click Add and then browse or type the path to the file name or folder. -
Page 75: General Tasks
General tasks You can use File Sanitizer to perform the following tasks: ● Use a key sequence to initiate shredding—This feature allows you to create a key sequence (for example, ctrl+alt+s) to initiate shredding. For details, refer to Using a key sequence to initiate shredding on page ●... -
Page 76: Using The File Sanitizer Icon
Using the File Sanitizer icon CAUTION: Shredded assets cannot be recovered. Carefully consider which items you select for manual shredding. Navigate to the document or folder you want to shred. Drag the asset to the File Sanitizer icon on the desktop. When the confirmation dialog box opens, click Yes. -
Page 77: Manually Activating Free Space Bleaching
Files that are successfully shredded or bleached do not appear in the log files. One log file is created for shred operations, and another log file is created for free space bleaching operations. Both log files are located on the hard drive at: ● C:\Program Files\Hewlett-Packard\File Sanitizer\[Username]_ShredderLog.txt ● C:\Program Files\Hewlett-Packard\File Sanitizer\[Username]_DiskBleachLog.txt General tasks... -
Page 78: Device Access Manager For Hp Protecttools (Select Models Only)
10 Device Access Manager for HP ProtectTools (select models only) Windows® operating system administrators use Device Access Manager for HP ProtectTools to control access to the devices on a system and to protect against unauthorized access: ● Device profiles are created for each user to define the devices that they are allowed or denied permission to access. -
Page 79: Setup Procedures
Setup Procedures Opening Device Access Manager To open Device Access Manager, follow these steps: Click Start, click All Programs, click HP, and then click HP ProtectTools Administrative Console. In the left pane, click Device Access Manager. Configuring device access Device Access Manager for HP ProtectTools offers three views: ●... -
Page 80: Starting Background Service
NOTE: In order to use this view to read device access information, the user or group must be granted "read" access in the User Access Settings view. In order to use this view to modify device access information, the user or group must be granted "change" access in the User Access Settings view. ●... -
Page 81: Device Class Configuration
Stopping the Device Locking/Auditing service does not stop the device locking. Two components enforce device locking: ● Device Locking/Auditing service ● DAMDrv.sys driver Starting the service starts the device driver, but stopping the service does not stop the driver. To determine whether the background service is running, open a command prompt window, and then type sc query flcdlock. -
Page 82: Denying Access To A User Or Group
The same user, the same group, or a member of the same group can be denied write access or read+write access only for the same device or a device below this device in the device hierarchy. Example 3—If a user or group is allowed read access for a device or class of devices: The same user, the same group, or a member of the same group can be denied read access or read+write access only for the same device or a device below this device in the device hierarchy. -
Page 83: Allowing Access For A User Or A Group
Allowing access for a user or a group To grant permission for a user or a group to access a device or a class of devices, follow these steps: In the left pane of HP ProtectTools Administrative Console, click Device Access Manager, and then click Device Class Configuration. -
Page 84: Allowing Access To A Class Of Devices For One User Of A Group
Allowing access to a class of devices for one user of a group To allow a user to access a class of devices while denying access to all other members of that user's group, follow these steps: In the left pane of HP ProtectTools Administrative Console, click Device Access Manager, and then click Device Class Configuration. - Page 85 To reset the configuration settings to the factory values, follow these steps: In the left pane of HP ProtectTools Administrative Console, click Device Access Manager, and then click Device Class Configuration. Click the Reset button. Click Yes to confirm. Click the Save icon. Setup Procedures...
-
Page 86: Advanced Tasks
Advanced tasks Controlling access to the configuration settings In the User Access Settings view, administrators specify the groups or users who are allowed to use the Simple Configuration and the Device Class Configuration pages. NOTE: A user or group must have "Full User Administrator rights" in order to modify the settings in the User Access Settings view. -
Page 87: Denying Access To An Existing Group Or User
Denying access to an existing group or user To deny permission for an existing group or user to view or change the configuration settings, follow these steps: In the left pane of HP ProtectTools Administrative Console, click Device Access Manager, and then click User Access Settings. -
Page 88: 11 Lojack Pro For Hp Protecttools
11 LoJack Pro for HP ProtectTools Computrace LoJack Pro, powered by Absolute Software (purchased separately), addresses the growing problem of computers that are lost or stolen. Activating this software enables the Computrace agent, which remains active in your computer even if the hard drive is reformatted or replaced. -
Page 89: 12 Troubleshooting
12 Troubleshooting HP ProtectTools Security Manager Short description Details Solution Smart cards and USB In order to use smart cards or USB Log on to Password Manager. tokens are not available in tokens in Secuirty Manager, the In HP ProtectTools Security Manager, click Password Security Manager if supporting software (drivers, PKCS#11 Manager, click Credentials, and then click Smart Card... - Page 90 Short description Details Solution Password Manager does If the Single Sign On credentials for HP is researching a workaround for future product not recognize the Remote Desktop Connection (RDP) are enhancements. Connect button on set to Connect, when Single Sign On is screen.
-
Page 91: Device Access Manager For Hp Protecttools
Device Access Manager for HP ProtectTools Users have been denied access to devices within Device Access Manager, but the devices are still accessible. ● Explanation—Simple Configuration and/or Device Class Configuration have been used within Device Access Manager to deny users access to devices. Despite being denied access, users can still access the devices. - Page 92 ◦ One workaround is to deny the Users group at the DVD/CD-ROM Drives level and to allow the Administrators group at the level below DVD/CD-ROM Drives. ◦ An alternate workaround is to create specific Windows groups, one for allowing access to DVD/CD and one for denying access to DVD/CD.
-
Page 93: Miscellaneous
Miscellaneous Software Impacted— Details Solution Short description Security Manager— All security applications such as Java The Security Manager software must be installed Warning received: The Card Security and biometrics are before installing any security plug-in. security application can extendable plug-ins for the Security not be installed until the Manager interface. -
Page 94: Glossary
Glossary activation The task that must be completed before any of the Drive Encryption features are accessible. Drive Encryption is activated using the HP ProtectTools Setup Wizard. Only an administrator can activate Drive Encryption. The activation process consists of activating the software, encrypting the drive, creating a user account, and creating the initial backup encryption key on a removable storage device. - Page 95 decryption Procedure used in cryptography to convert encrypted data into plain text. device access control policy The list of devices for which a user is allowed or denied access. device class All devices of a particular type, such as drives. digital certificate Electronic credentials that confirm the identity of an individual or a company by binding the identity of the digital certificate owner to a pair of electronic keys that are used to sign digital information.
- Page 96 Live Messenger History Viewer A Privacy Manager Chat component that allows you to search for and view encrypted chat history sessions. logon An object within Security Manager that consists of a user name and password (and possibly other selected information) that can be used to log on to Web sites or other programs. manual shred Immediate shredding of an asset or selected assets, which bypasses the automatic shred schedule.
- Page 97 simple delete Deletion of the Windows reference to an asset. The asset content remains on the hard drive until obscuring data is written over it by free space bleaching. Single Sign On Feature that stores authentication information and allows you to use the Security Manager to access Internet and Windows applications that require password authentication.
-
Page 98: Index
Index chat history, viewing 56 defining aborting a shred or bleach chatting in the Communications which assets to confirm before operation 69 window 55 deleting 66 access configuration which assets to confirm before allowing 75 controlling access 78 shredding 66 controlling 70 device class 73 denying access 74... - Page 99 managing Drive Encryption 39 Drive Encryption for HP opening 36 ID card 32 ProtectTools 36 File Sanitizer for HP ProtectTools 64 e-mail message Java Card Security for HP HP ProtectTools Administrative Sealing for Trusted ProtectTools, PIN 5 Console 9 Contacts 50 HP ProtectTools Security signing 49 Manager 26...
- Page 100 opening 42 General tab 20 Privacy Manager icon 30 Windows Live Messenger, Certificate 42 Setup Wizard 8, 24 chatting 55 security login methods 41 shred cycle 65 Windows Logon password 6 setup procedures 42 signing Wizard system requirements 41 e-mail message 49 HP ProtectTools Setup 8 protecting assets from automatic Microsoft Office document 51...