User's Manual

ManualsBrandsHP ManualsComputersdc73

Achieving key security objectives

The HP ProtectTools modules can work together to provide solutions for a variety of security issues,

including the following key security objectives:

●

Protecting against targeted theft

●

Restricting access to sensitive data

●

Preventing unauthorized access from internal or external locations

●

Creating strong password policies

Protecting against targeted theft

An example of this type of incident would be the targeted theft of a computer containing confidential

data and customer information in a cubicle or open environment. The following features help protect

against targeted theft:

●

The pre-boot authentication feature, if enabled, helps prevent access to the operating system. See

the following procedures:

◦

“

Enabling and disabling smart card power-on authentication support on page 46”

◦

“

Enabling and disabling power-on authentication support for Embedded Security

on page 47”

◦

“

Assigning a name to a Java Card on page 39”

◦

“

Drive Encryption for HP ProtectTools on page 52”

●

DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and

installed into an unsecured system. See “

Enabling and disabling DriveLock hard drive protection

on page 48.”

●

The Personal Secure Drive feature, provided by the Embedded Security for HP ProtectTools

module, encrypts sensitive data to help ensure it cannot be accessed without authentication. See

the following procedures:

◦

Embedded Security “

Setup procedures on page 28”

◦

“

Using the Personal Secure Drive on page 31”

Restricting access to sensitive data

Suppose a contract auditor is working onsite and has been given computer access to review sensitive

financial data; you do not want the auditor to be able to print the files or save them to a writeable device

such as a CD. The following feature helps restrict access to data:

●

The DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and

installed into an unsecured system. See “

Enabling and disabling DriveLock hard drive protection

on page 48.”

Preventing unauthorized access from internal or external locations

If a PC containing confidential data and customer information is accessed from an internal or external

location, unauthorized users may be able to gain entry to corporate network resources or data from

4 Chapter 1 Introduction to security ENWW