Achieving key security objectives
The HP ProtectTools modules can work together to provide solutions for a variety of security issues,
including the following key security objectives:
●
Protecting against targeted theft
●
Restricting access to sensitive data
●
Preventing unauthorized access from internal or external locations
●
Creating strong password policies
●
Addressing regulatory security mandates
Protecting against targeted theft
An example of this type of incident would be the targeted theft of a computer containing confidential
data and customer information at an airport security checkpoint. The following features help protect
against targeted theft:
●
The pre-boot authentication feature, if enabled, helps prevent access to the operating system. See
the following procedures:
◦
Credential Manager
◦
Embedded Security
◦
Drive Encryption
●
DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and
installed into an unsecured system.
●
The Personal Secure Drive feature, provided by the Embedded Security for HP ProtectTools
module, encrypts sensitive data to help ensure it cannot be accessed without authentication. See
the following procedures:
◦
Embedded Security
◦
"Using the Personal Secure Drive on page
Restricting access to sensitive data
Suppose a contract auditor is working onsite and has been given computer access to review sensitive
financial data; you do not want the auditor to be able to print the files or save them to a writeable device
such as a CD. The following features help restrict access to data:
●
Device Access Manager for HP ProtectTools allows IT managers to restrict access to writeable
devices so sensitive information cannot be printed or copied from the hard drive onto removable
media. See
●
DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and
installed into an unsecured system.
Preventing unauthorized access from internal or external locations
Unauthorized access to an unsecured business PC presents a very tangible risk to corporate network
resources such as information from financial services, an executive, or R&D team, and to private
6
Chapter 1 Introduction to security
"Setup procedures on page
"Device class configuration (advanced) on page
68"
71"
79."