HP Client Security Commercial Managed IT Software

ManualsBrandsHP ManualsDesktopsHP ProBook 650 G1 Notebook PC

5. For the use cases outlined in the DOD 5220.22-M Supplement. Traditional hard drives supported.

6. Windows required. When included, HP Trust Circles Standard allows up to 5 Trust Circles with up to 5 contacts in each Trust Circle.

HP Trust Circles Pro required for unrestricted number of Trust Circles and contacts. HP Trust Circles Reader is available to allow a

contact to participate in an invited Trust Circle. Available at http://hptc.cryptomill.com.

7. Requires initial setup and Microsoft Outlook and Microsoft Office. One year of service included. For users without HP Privacy

Manager, DigitalPersona Privacy Manager is required for sharing encrypted files and emails, and six months of service is included.

Users can use their own compatible digital certificate instead of offered service. No longer supported or provided on Business PCs

launched after September 2013.

8. For the methods outlined in the National Institute of Standards and Technology Special Publication 800-88. ElitePad 900 G1

support with BIOS F.03 and higher.

Table 2 Device Protection Security Features

Layer Device protection Description

BIOSphere HP Sure Start

HP Sure Start is the first and only self-healing technology solution

created to protect against Malware and Security attacks aimed at

the BIOS, developed in collaboration with HP Labs. Sure Start is a

hardware based solution that protects and recovers the BIOS Boot

Block regardless of the cause of corruption or compromise

assuring a virtually un-interrupted boot. Sure Start is independent

of CPU such that any virus or malware is not aware of Sure Start or

any of its components making this a technology not easily

susceptible to attacks.

HP BIOS Protection

Developed according to NIST SP 800-147 security guidelines, this

feature protects the BIOS from attacks. All BIOS updates are

checked for a proper cryptographic signature. If this check fails,

the platform will refuse the update.

• If malware is able to circumvent this process, and malicious

code is detected, the BIOS repairs itself using a verified BIOS

copy that is stored in the system flash memory or in the

HP_Tools partition. Otherwise, the system does not boot

and emits a particular LED code. Users can recover manually

by flashing the BIOS from a USB storage device.

Pre-boot Security Built-in security features such as BIOS security, port control,

communications device control, boot options, and Absolute

Persistence module.

Absolute Persistence

(See Absolute Data Protect

(ADP) on page 31)

Once subscribed and activated to supported Absolute services

(purchased separately), the Persistence Module ensures that

activated Absolute software services, like Computrace have their

agent replaced in Windows, if it is ever removed. For more

information visit http://www.absolute.com/ .

Master Boot Record Security Backup and then restore your MBR if it gets compromised.

Business Desktops BIOS can additionally lock the MBR so that it

cannot be written to while locked.

Software-based HP Device Access Manager

with Just in Time

Authentication

(See HP Device Access

Manager (HPDAM) on page

19)

Provides advanced security options to selectively block ports,

connections, and storage devices that can compromise the

security of your PC or your network.

• Allows an Administrator to define which users or groups

have access to which devices that are connected to or

integrated into the PC.

• Prevents someone from walking up to your unlocked PC and

taking data off your computer onto a USB Drive

• Just In Time Authentication allows data transfer to

Removable Storage (ex. USB Drives) or Optical Disk Drives

for a brief period of time only after the user validates their

identity.

Absolute Data Protect

Enables you to manage your PC remotely with remote Find, Lock,

or file Erase.