Hp Compaq dc7900 Small Form Factor PC Manual do Utilizador

HP ProtectToolsUser Guide

x ENWW

MiscellaneousSoftware Impacted—Short descriptionDetails SolutionSecurity Manager—Warning received: Thesecurity application cannot be installed until t

Software Impacted—Short descriptionDetails SolutionHP ProtectTools SecurityManager—Intermittently,an error is returned whenclosing the SecurityManager

Software Impacted—Short descriptionDetails SolutionSecurity Power-OnAuthentication overlapsthe BIOS Password duringboot sequence.Power-On Authenticati

Glossaryactivation. The task that must be completed before any of the Drive Encryption features are accessible. DriveEncryption is activated using the

cryptography. Practice of encrypting and decrypting data so that it can be decoded only by specific individuals.decryption. Procedure used in cryptogr

power-on authentication. Security feature that requires some form of authentication, such as a Java Card,security chip, or password, when the computer

Trusted Contact list. A listing of Trusted Contacts.Trusted Contact recipient. A person who receives an invitation to become a Trusted Contact.Trusted

IndexAaccesscontrolling 78preventing unauthorized 5accessing HP ProtectToolsSecurity 4accountbasic user 73adding users 15administrator tasksCredential

disablingEmbedded Security 76Embedded Security,permanently 76Java Card power-onauthentication 66Drive Encryption forHP ProtectToolsactivating 32activa

Oobjectives, security 4owner passwordchanging 76definition 8setting 73PpasswordBasic User Key 75BIOS administrator 68changing owner 76emergency recove

1 Introduction to securityHP ProtectTools Security Manager for Administrators software provides security features that helpprotect against unauthorize

restore wizard 18restrictingaccess to sensitive data 5device access 78SsecurityBIOS Configuration forHP ProtectTools 69key objectives 4levels 11loggin

HP ProtectTools featuresThe following table details the key features of HP ProtectTools modules:Module Key featuresHP ProtectTools Security Manager fo

Module Key featuresBIOS Configuration for HP ProtectTools●BIOS Configuration provides access to power-on user andadministrator password management.●BI

Accessing HP ProtectTools SecurityTo access HP ProtectTools Security Manager for Administrators from Windows® Control Panel:▲In Windows Vista®, click

Protecting against targeted theftAn example of this type of incident would be the targeted theft of a computer or its confidential data andcustomer in

information such as patient records or personal financial records. The following features help preventunauthorized access:●The pre-boot authentication

Additional security elementsAssigning security rolesIn managing computer security (particularly for large organizations), one important practice is to

HP ProtectTools password Set in this HP ProtectToolsmoduleFunctionNOTE: Also known as:Emergency Recovery Token KeypasswordOwner password Embedded Secu

Creating a secure passwordWhen creating passwords, you must first follow any specifications that are set by the program. Ingeneral, however, consider

© Copyright 2008 Hewlett-PackardDevelopment Company, L.P. Theinformation contained herein is subject tochange without notice.Microsoft, Windows, and W

2 HP ProtectTools Security Manager forAdministratorsAbout HP ProtectTools Security Manager forAdministratorsHP ProtectTools Security Manager for Admin

Getting Started - Configuring HP ProtectTools SecurityManager for AdministratorsThe Getting Started setup wizard allows a Windows administrator to est

5. One or more of the following pages will be displayed, depending on the levels of security you chosein step 4.●Protect your Windows account - The Wi

8. Depending on the security login method(s) you chose in step 6, one or more of the following pageswill be displayed. Follow the on-screen instructio

7. On the “Set Security Login Methods” page, click Next.8. On the “Review and Enable Security Settings” page, click Enable.9. Depending on the securit

Administrator Tools - Managing users (administratortask)Windows administrators can add and remove HP ProtectTools users and view user status using the

4. Select the Administrator or User tab.5. Click the user name for the account you want to remove, and then click Remove.NOTE: You cannot remove an ad

Using the Backup wizard1. In Security Manager, click Backup and Restore, and then click Backup Options to start theBackup wizard.2. Clear the Show Wel

3. Click Remember all passwords and authentication values to configure the system to securelycache (save) passwords, which enables unattended backups.

To select modules to restore:1. Select the check box at the beginning of each row to add the associated module to the restore list.Click the Select Al

About This BookThis guide provides basic information for upgrading this computer model.WARNING! Text set off in this manner indicates that failure to

3 Credential Manager forHP ProtectToolsCredential Manager for HP ProtectTools protects against unauthorized access to your computer usingthe following

Using the Credential Manager Logon WizardTo log on to Credential Manager using the Credential Manager Logon Wizard, use the following steps:1. Open th

Registering a Smart Card or TokenA smart card is a plastic card about the size of a credit card with an embedded microchip that can beloaded with info

General tasksAll users have access to the “My Identity” page in Credential Manager. From the “My Identity” page, youcan perform the following tasks:●C

3. On the Device Type dialog box, click the desired type of device, and then click Next.4. Select the token for which you want to change the PIN, and

5. Select More, and then click Wizard Options.a. If you want this to be the default user name the next time that you log on to the computer,select the

Using manual (drag and drop) registration1. In HP ProtectTools Security Manager for Administrators, click Credential Manager, and then clickServices a

To export an application:1. In HP ProtectTools Security Manager for Administrators, click Credential Manager, and then clickServices and Applications

NOTE: You must authenticate your identity before viewing the password.5. Follow the on-screen instructions.6. Click OK.Using Application ProtectionThi

Changing restriction settings for a protected application1. Click Application Protection, and then click Manage Protected Applications.2. Select a cat

iv About This Book ENWW

4. Click the credential type you want to modify. You can modify the credential using one of thefollowing choices:●To register the credential, click Re

NOTE: Selecting the Use Credential Manager to log on to Windows check box allows you to lockyour computer. See Locking the computer (workstation) on p

4 Drive Encryption for HP ProtectToolsCAUTION: If you decide to uninstall the Drive Encryption module or if you are using a backup andrestore solution

Advanced tasksManaging Drive Encryption (administrator task)The “Encryption Management” page allows Windows administrators to view and change the stat

The encryption key is saved on the storage device you selected.5. Click OK when the confirmation dialog box opens.Registering for online recoveryThe O

Managing an existing online recovery accountAfter you create an online recovery account, you can access the SafeBoot Recovery Service Web siteto recov

NOTE: This section describes how to perform an online recovery when you have access to a differentcomputer with an Internet connection. If you do not

5 Privacy Manager for HP ProtectToolsPrivacy Manager is a tool used to obtain Certificates of Authority, which verify the source, integrity, andsecuri

Setup proceduresManaging Privacy Manager CertificatesManager Certificates protect data and messages using a cryptographic technology called public key

6. Authenticate using your chosen security logon method.7. If you choose to begin the Trusted Contact invitation process, follow the on-screen instruc

Table of contents1 Introduction to securityHP ProtectTools features ...

To delete a Privacy Manager Certificate:1. Open Privacy Manager, and click Certificate Manager.2. Click the Privacy Manager Certificate you want to de

Adding Trusted Contacts1. You send an e-mail invitation to a Trusted Contact recipient.2. The Trusted Contact recipient responds to the e-mail.3. You

Adding Trusted Contacts using your Microsoft Outlook address book1. Open Privacy Manager, click Trusted Contacts Manager, and then click Invite Contac

Checking revocation status for a Trusted Contact1. Open Privacy Manager, and click Trusted Contacts Manager.2. Click a Trusted Contact.3. Click the Ad

Privacy Manager allows you to add a signature line when you sign a Microsoft Word or Microsoft Exceldocument:1. In Microsoft Word or Microsoft Excel c

To sign the document:1. Double-click the appropriate signature line.2. Authenticate using your chosen security logon method.The signature line will be

To send a sealed e-mail with an attached signed and/or encrypted Microsoft Office document, followthese steps:1. In Microsoft Outlook, click New or Re

Signing and sending an e-mail message▲In Microsoft Outlook, click New or Reply.▲Type your e-mail message.▲Click the down arrow next to Send Securely,

NOTE: In order to use Privacy Manager Chat, both parties must have Privacy Manager and a PrivacyManager Certificate installed. For details about insta

●Are you there?–Click this button to request authentication from your contact.●Lock–Click this button to close the Privacy Manager Chat window and ret

Settings ...

Revealing a session displays the decrypted Contact Screen Name for the currently selected session.1. In the Chat History Viewer, right-click any sessi

To remove columns from the display:1. Right-click on any column heading, and then select Add/Remove Columns.2. Select a column heading in the right pa

Advanced tasksMigrating Privacy Manager Certificates and Trusted Contacts to a differentcomputerYou can securely migrate your Privacy Manager Certific

6File Sanitizer for HP ProtectToolsFile Sanitizer is a tool that allows you to securely shred assets (personal information or files, historicalor Web-

Setup proceduresOpening File SanitizerTo open File Sanitizer:1. Click Start, click All Programs, and then click HP ProtectTools Security Manager forAd

4. Under Shred the following, select the check box next to each asset that you want to confirm beforeshredding.5. Click Apply, and then click OK.Custo

NOTE: It is highly recommended that you run free space bleaching regularly if you use the simpledelete option.1. Open File Sanitizer, click Settings,

Setting a free space bleaching scheduleNOTE: Free space bleaching is for those assets that you delete using the Windows Recycle Bin or formanually del

3. Select the assets you want to shred:a. Under Available shred options, click an asset, and then click Add.b. To add a custom asset, click Add Custom

NOTE: Only file extensions can be excluded from deleting. For example, if you add the .BMP fileextension, all files with the .BMP extension will be ex

General tasks ... 32

Manually shredding one assetCAUTION: Shredded assets cannot be recovered. Carefully consider which items you select formanual shredding.1. Right-click

Aborting a shred or free space bleaching operationWhen a shred or free space bleaching operation is in progress, a message above the HP ProtectToolsSe

7 Java Card Security for HP ProtectToolsJava Card Security for HP ProtectTools manages the Java Card setup and configuration for use withthe HP Smart

6. Type a new PIN in the New PIN box, and then type the PIN again in the Confirm New PIN box.7. Click OK.Selecting the card readerBe sure that the cor

Assigning a name to a Java CardYou must assign a name to a Java Card before it can be used for power-on authentication.To assign a name to a Java Card

Enabling Java Card power-on authentication and creating an administrator Java CardTo enable Java Card power-on authentication:1. Select Start > All

Creating a user Java CardNOTE: Power-on authentication and an administrator card must be set up in order to create a userJava Card.To create a user Ja

8 BIOS Configuration forHP ProtectToolsBIOS Configuration for HP ProtectTools provides access to the Computer Setup utility security andconfiguration

General tasksBIOS Configuration allows you to manage various computer settings that would otherwise be accessibleonly by pressing F10 at startup to en

Viewing or changing settingsTo view or change configuration settings:1. Click one of the BIOS Configuration pages.2. Make your changes, and then click

6 File Sanitizer for HP ProtectToolsSetup procedures ...

●DriveLock Security●System Security (some models)●Setup Security LevelNOTE: For more information on Security options, refer to the Computer Setup (F10

9 Embedded Security forHP ProtectToolsNOTE: The integrated Trusted Platform Module (TPM) embedded security chip must be installed inyour computer to u

Setup proceduresCAUTION: To reduce security risk, it is highly recommended that your IT administrator immediatelyinitialize the embedded security chip

Initializing the embedded security chipIn the initialization process for Embedded Security, you will perform the following tasks:●Set an owner passwor

General tasksAfter the basic user account is set up, you can perform the following tasks:●Encrypting files and folders●Sending and receiving encrypted

Changing the Basic User Key passwordTo change the Basic User Key password:1. Click Start, click All Programs, and then click HP ProtectTools Security

Changing the owner passwordTo change the owner password:1. Click Start, click All Programs, and then click HP ProtectTools Security Manager forAdminis

Migrating keys with the Migration WizardMigration is an advanced administrator task that allows the management, restoration, and transfer ofkeys and c

10 Device Access Manager forHP ProtectToolsThis security tool is available to administrators only. Device Access Manager for HP ProtectTools hasthe fo

Device class configuration (advanced)More selections are available to allow specific users or groups of users to be granted or denied accessto types o

Power ...

11 TroubleshootingCredential Manager for HP ProtectToolsShort description Details SolutionUsing the CredentialManager NetworkAccounts option, a userca

Short description Details SolutionWindows password from CredentialManager, the administrator gets an errorlogon failure: User account restriction.loca

Short description Details SolutionHP is investigating resolution options for futurecustomer software releases.The security RestoreIdentity process los

Embedded Security for HP ProtectToolsShort description Details SolutionEncrypting folders,subfolders, and files onPSD causes an errormessage.If the us

Short description Details SolutionErrors occur after a powerloss interrupts EmbeddedSecurity initialization.If there is a power loss during theinitial

Short description Details SolutionAn intermittent encryptand decrypt error occurs:The process cannotaccess the file becauseit is being used byanother

Short description Details SolutionSecure e-mail issupported, even whensecure e-mail is notspecified in the UserInitialization Wizard orwhen secure e-m

Short description Details Solutionand is not accessed by anotherprocess. The user must reboot thesystem in order to delete the PSD and itis not loaded

Short description Details SolutionAutomatic backup doesnot work with the mappeddrive.When an administrator sets upAutomatic Backup in EmbeddedSecurity

Device Access Manager for HP ProtectToolsShort description Details SolutionUsers have been deniedaccess to devices withinDevice Access Manager,but the