HP Client Security Getting Started
User view
When Device Permissions is selected, the User view is displayed. Depending on the policy,
standard users and administrators can view their own access for device classes or individual devices
on this computer.
●
Current user—The name of the user who is currently logged on is displayed.
●
Device Class—The types of devices are displayed.
●
Access—Your currently configured access to types of devices or specific devices is displayed.
●
Duration—The time limit for your access to CD/DVD-ROM drives or removable disk drives is
displayed.
●
Settings—Administrators can change which drives have access controlled by Device Access
Manager.
System view
On the System view, administrators can allow or deny access to devices on this computer for the
Users group or the Administrators group.
▲
Administrators can access the System view by clicking or tapping Change, entering an
Administrator password, and then selecting from the following options:
● Device Access Manager—To turn HP Device Access Manager with Just In Time Authentication
on or off, click or tap On or Off.
●
Users and groups on this PC—Displays the Users Group or Administrators group that are
allowed or denied access to the selected device classes.
●
Device Class—Displays the device classes and devices that are installed on the system or that
may have been installed on the system previously. To expand the list, click the + icon. All
devices connected to the computer are shown, and the Administrators and Users group are
expanded to show their membership. To refresh the list of devices, click the round arrow
(refresh) icon.
◦ Protection is usually applied for a device class. If access is set to Allow, the selected user
or group will be able to access any device in the device class.
◦
Protection can also be applied to specific devices.
◦ Configure Just In Time authentication (JITA), allowing selected users access to DVD/CD-
ROM drives or removable disk drives by authenticating themselves. For more information,
see
JITA configuration on page 42.
◦
Allow or deny access to other device classes, such as removable media (such as USB
flash drives), serial and parallel ports, Bluetooth® devices, modem devices, PCMCIA/
ExpressCard devices, 1394 devices, fingerprint reader, and smart card reader. If fingerprint
reader and smart card reader are denied, they can be used as authentication credentials,
but they cannot be used at Session policy level.
NOTE: If Bluetooth devices are used as authentication credentials, Bluetooth device
access should not be restricted in the Device Access Manager policy.
◦
When you select a setting at the Group or Device Class level, and you are asked whether
to apply the setting to the child objects:
Yes—The setting will propagate.
Opening Device Access Manager 41