Manualshelf

HP PC Commercial BIOS (UEFI) Setup Administration Guide For Commercial Platforms using HP BIOSphere Gen 3-5 2016 -2019 Technical Whitepaper

ManualsBrandsHP ManualsDesktopsHP EliteBook x360 1020 G2
11121314151617181920
HP PC Commercial BIOS (UEFI) Setup
June 2019
919946-004
© Copyright 2016-2019 HP Development Company, L.P.
4 Security Menu 19
Feature
Type
Description
Default
Notes
Secure Platform
Management (SPM)
Menu
Options for managing HP Sure Run and HP Sure
Recover
Physical Presence
Interface
Enable or disable the local prompt to confirm that a
sensitive setting change was requested by the user.
Checked
Smart Cover
Menu
Controls settings for Cover Lock and Cover Sensor on
desktop models.
Desktop
Trusted Execution
Technology (TXT)
Setting
When checked, enables Trusted Execution
Technology on select Intel-based systems.
NOTE: Enabling this feature disables OS management
of Embedded Security Device, prevents a reset of the
Embedded Security Device, and constrains the
configuration of VTx, VTd, and Embedded Security
Device
Unchecked
Intel Only
Reboot
Required
Intel Software Guard
Extensions (SGX)
Setting
Enables Intel Software Guard Extensions. The
following settings are possible:
Disable
Enable
Software control (2016 or later)
Software
control
or
Disable (non-
vPro & 2015)
Intel Only
Hard Drive Utilities
Menu
Utilities to protect private information on individual
hard drives: Drive Lock and Secure Erase.
Absolute Persistence
Module
Label
A subscription service that provides PC theft recovery,
tracking and data delete solutions
Activation Status
Display
Only
The subscription status can be inactive, active, or
permanently disabled.
Inactive
Absolute Persistence
Module Permanent
Disable
Display
Only
Shows current state of the Absolute Persistence
module (Yes = disabled, No = available).
No
System Management
Command
Setting
When checked, allows authorized HP service
personnel in possession of the PC to reset security
settings in case of a customer service event. For
customers that require more BIOS security, uncheck
this to prevent this type of HP service command.
NOTE: If BIOS password is lost and this option is
disabled, HP authorized personnel cannot remove a
lost password.
Checked
Reboot
Required
Restore Security Settings
to Default
Action
Apply factory defaults to all security settings.
NOTE: Escaping (ESC) at the Reset Request screen will
leave settings as they were except for the
Administrator & Power-on passwords which are still
cleared.
Reboot
Required