Manualshelf

A.05.80 HP Insight Remote Support Advanced and Remote Device Access Security Overview (October 2012)

ManualsBrandsHP ManualsSoftwareHP Insight Remote Support Advanced Software
11121314151617181920
Security Overview
Chapter 2: HP Insight Remote Support Advanced
HP Data Storage and Retention Policy
Customer data is stored in a physically secure data center located in Austin Texas, Houston Texas, or
Atlanta Georgia (USA). The data is stored across encrypted and unencrypted databases. Physical and
logical access to the systems hosting these databases is restricted to HP IT data center personnel and
HP Support teams.
Logical access to the above customer data is provided via a Web User Interface called the Application
Management Console (AMC), as well as HP’s Electronic Site Management Guide and the Internal HP
Storage Environment System. HP Support personnel request management approval to access this data
and are authenticated using their HP domain account (Domain\username & password) or their HP issued
X.509 digital certificate. The type of authentication required is determined by the type and classification of
the data held in the database. The database underlying the AMC UI application is encrypted.
The AMC and Storage Portal are available only within HP's intranet. The Electronic Site Management
Guide (eSMG) has both an internal (HP) and an external (Customer) user interface. Access within eSMG
is constrained by a unique customer identifier . This insures that information is only available to authorized
(and authenticated) users.
Data is kept for varying lengths of time: Mission Critical server data is kept for 6 months, warranty data is
kept for 1 week, SAN configuration information and event data is kept for 6 months. Hardware event
details are kept for 6 months.
Data Privacy
HP respects customer privacy and is committed to ensuring that all customer information is protected.
The personal information provided in the HP SIM and Insight Remote Support Advanced user interface
and any data collected by this tool or other associated tools and utilities will not be shared with third
parties. It may be shared with other HP entities or authorized support providers who provide support
services described in the Insight Remote Support documentation and who may be located in other
countries. HP entities and authorized support providers are required to keep confidential the information
received on behalf of HP and may not use it for any purpose other than to carry out the services they are
performing for HP. Our privacy practices are designed to provide protection for your personal information,
all over the world. See the HP Worldwide Privacy Statement at
http://welcome.hp.com/country/us/en/privacy/worldwide_privacy.html.
Communication Protocols
Secured Communication
These protocols are used either inside the customer’s intranet or over the Internet between the customer
and HP:
l ESP
Encapsulating Security Payload (ESP), or IP protocol 50, is a protocol header inserted into an IP
datagram to provide data encryption and authentication. Remote Device Access uses ESP in tunnel
mode to establish VPN connectivity.
l HTTPS
HP Insight Remote Support Advanced and Remote Device Access (A.05.80)Page 16 of 97