HP Slate 2 Tablet PC Base Model Guia de Início Rápido

HP ProtectToolsGetting Started

HP ProtectTools featuresThe following table details the key features of HP ProtectTools modules.Module Key featuresHP ProtectTools Administrative Cons

9Theft recoveryComputrace for HP ProtectTools (purchased separately) allows you to remotely monitor, manage,and track your computer.Once activated, Co

10 Embedded Security for HPProtectTools (select models only)NOTE: The integrated Trusted Platform Module (TPM) embedded security chip must be installe

Setup proceduresCAUTION: To reduce security risk, it is highly recommended that your IT administrator immediatelyinitialize the embedded security chip

Initializing the embedded security chipIn the initialization process for Embedded Security, you will perform the following tasks:● Set an owner passwo

Setting up the basic user accountSetting up a basic user account in Embedded Security accomplishes the following tasks:● Produces a Basic User Key tha

General tasksAfter the basic user account is set up, you can perform the following tasks:●Encrypting files and folders●Sending and receiving encrypted

Changing the Basic User Key passwordTo change the Basic User Key password:1. Click Start, click All Programs, click HP, and then click HP ProtectTools

Advanced tasksAdministrators can perform the following tasks in Embedded Security:●Backing up and restoring Embedded Security credentials, Embedded Se

Changing the owner passwordAdministrators can change the owner password:1. Click Start, click All Programs, click HP, and then click HP ProtectTools A

Migrating keys with the Migration WizardMigration is an advanced administrator task that allows the management, restoration, and transfer ofkeys and c

Module Key featuresPrivacy Manager for HP ProtectTools (select modelsonly)●Used to obtain Certificates of Authority, which verify the source,integrity

11 Localized password exceptionsAt the Preboot Security level and the HP Drive Encryption level, password localization support islimited, as described

Password changes using keyboard layout that is alsosupportedIf the password is initially set with one keyboard layout, such as U.S. English (409), and

Special key handling●Chinese, Slovakian, Canadian French and CzechWhen a user selects one of the preceding keyboard layouts and then enters a password

Language Windows BIOS Drive EncryptionCzech◦The ğ key is rejected.◦ The į key is rejected.◦The ų key is rejected.◦The ė, ı, and ż keysare rejected.◦ T

What to do when a password is rejectedPasswords can be rejected for the following reasons:●A user is using an IME that is not supported. This is a com

GlossaryactivationThe task that must be completed before any of the Drive Encryption features are accessible. Drive Encryption isactivated using the H

The means by which a user proves eligibility for a particular task in the authentication process.cryptographic service provider (CSP)A provider or lib

Encryption File System (EFS)A system that encrypts all files and subfolders within the selected folder.fingerprintA digital extraction of your fingerp

Personal secure drive, which provides a protected storage area for sensitive information.rebootThe process of restarting the computer.restoreA process

suggested signerA user who is designated by the owner of a Microsoft Word or Microsoft Excel document to add a signature lineto the document.tokenSee

HP ProtectTools security product description andcommon use examplesMost of the HP ProtectTools security products have both user authentication (usuall

IndexAaborting a shred or bleachoperation 78accesscontrolling 79preventing unauthorized 8account, basic user 96activatingDrive Encryption for self-enc

revoking 56setting a default 55setting up 54viewing details 55Drive Encryption for HPProtectToolsactivating 44backup and recovery 50deactivating 44dec

Microsoft Word, adding signatureline 62Oobjectives, security 8openingDevice Access Manager for HPProtectTools 80File Sanitizer for HPProtectTools 71op

Ttheft recovery 92theft, protecting against 8third-party certificate, importing54TPM chipenabling 94initializing 95Trusted Contactsadding 57backing up

Both Embedded Security for HP ProtectTools and Drive Encryption for HP ProtectTools do not allowaccess to the encrypted data even when the drive is re

Privacy Manager for HP ProtectToolsPrivacy Manager for HP ProtectTools is used when Internet e-mail communications need to besecured. The user can cre

resist password attacks where someone would attempt to guess the decryption password. EmbeddedSecurity can also encrypt the entire drive and e-mail.Ex

Achieving key security objectivesThe HP ProtectTools modules can work together to provide solutions for a variety of security issues,including the fol

private information such as patient records or personal financial records. The following features helpprevent unauthorized access:●The pre-boot authen

Additional security elementsAssigning security rolesIn managing computer security (particularly for large organizations), one important practice is to

HP ProtectTools password Set in the followingmoduleFunctionOwner password Embedded Security, by ITadministratorProtects the system and the TPM chip fr

© Copyright 2011 Hewlett-PackardDevelopment Company, L.P.Bluetooth is a trademark owned by itsproprietor and used by Hewlett-PackardCompany under lice

Creating a secure passwordWhen creating passwords, you must first follow any specifications that are set by the program. Ingeneral, however, consider

2 Getting started with the Setup WizardThe Security Manager Setup Wizard guides you through enabling available security features that areapplied to al

– or –Click Start, click All Programs, click HP, and then click HP ProtectTools AdministrativeConsole. In the left pane, click Setup Wizard.2. Read th

3 HP ProtectTools Security ManagerAdministrative ConsoleHP ProtectTools Security Manager software provides security features that help protect against

Opening HP ProtectTools Administrative ConsoleFor administrative tasks, such as setting system policies or configuring software, open the console asfo

Using Administrative ConsoleHP ProtectTools Administrative Console is the central location for administering HP ProtectToolsSecurity Manager features

Configuring your systemThe System group is accessed from the menu panel on the left side of HP ProtectToolsAdministrative Console. You can use the app

Session PolicyTo define policies governing the credentials required to access HP ProtectTools applications during aWindows session:1. In the left pane

CredentialsWithin the Credentials application, you can specify settings available for any built-in or attachedsecurity devices recognized by HP Protec

Smart cardIf a smart card reader is installed or connected to the computer, the Smart card page has two tabs:●Settings—Configure the computer to autom

Table of contents1 Introduction to security ...

Configuring your applicationsYou can use Settings to customize the behavior of currently installed HP ProtectTools SecurityManager applications.To edi

4 HP ProtectTools Security ManagerHP ProtectTools Security Manager allows you to significantly increase the security of your computer.You can use prel

Opening Security ManagerYou can open Security Manager in any of the following ways:●Click Start, click All Programs, click HP, and then click HP Prote

Using the Security Manager dashboardThe Security Manager dashboard is the central location for easy access to Security Managerfeatures, applications,

Security Applications StatusYou can view the status of your installed security applications in two locations:●HP ProtectTools desktop gadgetThe banner

My LogonsThe applications included in this group assist you in managing various aspects of your digital identity.●Password Manager—Creates and manages

For Web pages or programs where a logon has already been createdThe following options are displayed on the context menu:●Fill in logon data—Places you

The plus sign is removed from the Password Manager icon to notify you that the logon hasbeen created.f. If Password Manager does not detect the logon

●To view the password for this logon, click Show password.●To have the logon fields filled in, but not submitted, clear the Automatically submit logon

Your logons are listed on the Manage tab. If multiple logons have been created for the same Website, each logon is then listed under the Web site name

Managing users ... 19Credentials ...

To add a logon for a screen that has been previously excluded:◦While the previously excluded Web site logon or the program page is displayed, openthe

To register a VeriSign VIP token for a Web site:1. Log on to a VeriSign VIP-enabled Web site manually or with a Password Manager logon.2. Click the di

To change your Windows password, follow these steps:1. From the Security Manager dashboard, click Credential Manager, and then click Password.2. Enter

Setting up a smart cardAdministrators must initialize and register the smart card before it can be used for authentication.Initializing the smart card

Configuring the smart cardIf a smart card reader is installed or connected to the computer, the Smart card page has two tabs:● Settings—Configure the

5. Click the Camera icon, and then follow the on-screen instructions to enroll your scene.Follow the on-screen instructions, and be sure to look at yo

Once a PIN is created, you can select from the following options: Change, Reset,or Remove a PIN.●Use Bluetooth for additional security—Select this opt

Your personal ID cardYour ID card uniquely identifies you as the owner of this Windows account, showing your name and apicture of your choice. It is p

NOTE: The Fingerprint tab is available only if the computer has a fingerprint reader and the correctdriver is installed.●Quick Actions—Use Quick Actio

To restore your data:1. Open the Security Manager dashboard. For more information, refer to Opening SecurityManager on page 24.2. In the left panel of

5 Drive Encryption for HP ProtectTools (select models only) ... 42Opening Drive Enc

5 Drive Encryption for HP ProtectTools(select models only)Drive Encryption for HP ProtectTools provides complete data protection by encrypting your co

Opening Drive EncryptionAdministrators can access Drive Encryption from HP ProtectTools Administrative Console.1. Click Start, click All Programs, cli

General tasksActivating Drive Encryption for standard hard drivesStandard hard drives are encrypted using software encryption. Follow these steps to a

NOTE: If your computer does not have a self-encrypting drive meeting Trusted Computing Group'sOPAL specification for self-encrypting drive manage

5. Be sure that the Use hardware drive encryption check box is selected at the bottom of thescreen.6. Under Drives to be encrypted, select the check b

NOTE: In a hardware encryption scenario, be sure that the computer is turned off. If the computer isnot turned off and then restarted, the Drive Encry

Protect your data by encrypting your hard driveIt is highly recommended that you use the HP ProtectTools Security Manager Setup Wizard to protectyour

Advanced tasksManaging Drive Encryption (administrator task)Administrators can use the Settings page under Drive Encryption to view and change the sta

NOTE: Dynamic partitions are not supported. If a partition is displayed as available, but it cannot beencrypted when selected, the partition is dynami

6 Privacy Manager for HP ProtectTools(select models only)Privacy Manager for HP ProtectTools enables you to use advanced security login (authenticatio

Sealing and sending an e-mail message ... 61Viewing a sealed e-mail message ...

Opening Privacy ManagerTo open Privacy Manager:●To access Outlook-specific features in Microsoft Outlook, click Send Securely in the Privacygroup on t

Setup proceduresManaging Privacy Manager CertificatesPrivacy Manager Certificates protect data and messages using a cryptographic technology calledpub

Obtaining a preassigned Corporate Privacy Manager Certificate1. In Outlook, open the e-mail that you received indicating that a Corporate Certificate

3. Choose whether to import a certificate already installed on this computer or a certificate storedas a PFX (Personal Information Exchange/PKCS#12) f

NOTE: You are not required to use your default Privacy Manager Certificate. From within thevarious Privacy Manager functions, you can select any of yo

5. Authenticate using your chosen security login method.6. Follow the on-screen instructions.Managing Trusted ContactsTrusted Contacts are users with

NOTE: If you have not obtained a Privacy Manager Certificate, a message informs you thatyou must have a Privacy Manager Certificate in order to send a

Viewing Trusted Contact details1. Open Privacy Manager, and then click Trusted Contacts.2. Click a Trusted Contact.3. Click Contact details.4. When yo

General tasksYou can use Privacy Manager with the following Microsoft products:●Microsoft Outlook●Microsoft OfficeUsing Privacy Manager in Microsoft O

3. Click the down arrow next to Send Securely (Privacy in Outlook 2003), and then click Sign andSend.4. Authenticate using your chosen security login

8 Device Access Manager for HP ProtectTools (select models only) ... 79Opening Device Access Ma

Configuring Privacy Manager for Microsoft Office1. Open Privacy Manager, click Settings, and then click the Documents tab.– or –On the toolbar of a Mi

To add a suggested signer to a Microsoft Word or Microsoft Excel document:1. In Microsoft Word or Microsoft Excel, create and save a document.2. Click

4. Click the name of a Trusted Contact who will be able to open the document and view itscontents.NOTE: To select multiple Trusted Contact names, hold

When a signed Microsoft Office document is opened, a Digital Signatures icon is displayed in thestatus bar at the bottom of the document window.1. Cli

Advanced tasksMigrating Privacy Manager Certificates and Trusted Contacts to a differentcomputerYou can securely migrate your Privacy Manager Certific

Central administration of Privacy ManagerYour installation of Privacy Manager may be part of a centralized installation that has beencustomized by you

7 File Sanitizer for HP ProtectToolsFile Sanitizer allows you to securely shred assets (for example: personal information or files, historicalor Web-r

ShreddingShredding is different than a standard Windows® delete (also known as a simple delete in FileSanitizer). When you shred an asset using File S

Free space bleachingDeleting an asset in Windows does not completely remove the contents of the asset from your harddrive. Windows only deletes the re

Opening File Sanitizer1. Click Start, click All Programs, click HP, and then click HP ProtectTools Security Manager.2. Click File Sanitizer.– or –▲Dou

Migrating keys with the Migration Wizard ... 10111 Localized password exceptions

Setup proceduresSetting a shred scheduleYou can select a predefined shred profile or create your own shred profile. For more information, referto Sele

Selecting or creating a shred profileYou can specify an erasure method and select the assets to shred by selecting a predefined profile orby creating

To remove an asset from the available shred options, click the asset, and then click Delete.4. Selected items will be shredded, and a confirmation mes

4. To protect assets from automatic deleting:a. Under Do not delete the following, click Add, and then browse or type the path to the fileor folder.b.

General tasksYou can use File Sanitizer to perform the following tasks:●Use a key sequence to initiate shredding—This feature allows you to create a k

Using the File Sanitizer iconCAUTION: Shredded assets cannot be recovered. Carefully consider which items you select formanual shredding.1. Navigate t

– or –1. Open File Sanitizer, and then click Shred.2. Click the Shred now button.3. When the confirmation dialog box opens, click Yes.Manually activat

8 Device Access Manager for HPProtectTools (select models only)HP ProtectTools Device Access Manager controls access to data by disabling data transfe

Opening Device Access Manager1. Log in as an administrator.2. Click Start, click All Programs, click HP, and then click HP ProtectTools Administrative

Setup ProceduresConfiguring device accessHP ProtectTools Device Access Manager offers four views:● Simple Configuration—Allow or deny access to classe

1 Introduction to securityHP ProtectTools Security Manager software provides security features that help protect againstunauthorized access to the com

Starting the background serviceThe first time a new policy is defined and applied, the HP ProtectTools Device Locking/Auditingbackground service start

The Device Class Configuration view has the following sections:●Device List—Shows all the device classes and devices that are installed on the system

The same user, the same group, or a member of the same group can be denied writeaccess or read+write access only for the same device or a device below

Allowing access to a class of devices for one user of a groupTo allow a user to access a class of devices while denying access to all other members of

Removing settings for a user or a groupTo remove permission for a user or a group to access a device or a class of devices, follow thesesteps:1. In th

The JITA period can also be extended, if configured to do so. In this scenario, 1 minute before theJITA period is about to expire, users can click the

Disabling a JITA for a user or groupAdministrators can disable user or group access to devices using just-in-time authentication.1. In the left pane o

Advanced SettingsAdvanced Settings provides the following functions:●Management of the Device Administrators group●Management of drive letters to whic

3. Click OK.4. Click Apply.Alternative methods for managing membership of this group include:●For Windows 7 Professional or Windows Vista, users can b

◦Hard disk controller (HDC)◦Human interface device (HID) class●Power◦Battery◦Advanced power management (APM) support●Miscellaneous◦Computer◦Decoder◦Di