HP ProtectTools security software 2011 - Technical white paper

Drive Encryption for HP ProtectTools
Drive Encryption is a full volume encryption (FVE) solution that encrypts all information on the hard
drive volume so it becomes unreadable to an unauthorized person. FVE is currently the preferred
way to protect data on a hard drive. With Drive Encryption, you can encrypt or decrypt individual
drives, create backup keys, and perform a recovery (Figure 10).
Figure 10. Drive Encryption for HP ProtectTools
Drive Encryption for ProtectTools is based on McAfee endpoint protection technology. McAfee is a
leading provider of powerful encryption and strong access control software that seamlessly integrates
with existing standards-based enterprise systems.
The hard drive on a new HP Business notebook is unencrypted. The encryption process can be
activated by launching HP ProtectTools Security Manager and selecting Drive Encryption for HP
ProtectTools. Drive encryption is supported on SATA disk drives in the internal drive bay or docking
station. Drive encryption is also supported on external SATA and eSATA drives. Self-encrypting drives
(SEDs) meeting Trusted Computing Group’s (TCG) OPAL specification for self-encrypting drive
management can be encrypted using either software encryption with HP Drive Encryption, or
hardware encryption using the SED self-encryption function. Only one encryption method can be
selected for the drive.
Before a hard drive can be encrypted, Drive Encryption for HP ProtectTools requires that the
encryption key be backed up. This is a quick and simple process, and only requires access to a USB
flash drive. The key backup ensures that if the password is ever forgotten, the password can be reset
using the backed-up key on the USB flash drive.
The hard drive encryption process is transparent and works in the background. The time it takes to
encrypt the entire drive will depend on the size of the partition and how the notebook is being
used. However, while the drive is being encrypted, the user can continue to work normally. If the
notebook is shut down during encryption, encryption will continue upon system restart.