HP Compaq tc4400 Base Model Tablet PC Manuale Utente

HP ProtectToolsGetting Started

HP ProtectTools password Set in this HP ProtectToolsmoduleFunctionEmergency Recovery TokenpasswordNOTE Also known as:Emergency RecoveryToken Key passw

Creating a secure passwordWhen creating passwords, you must first follow any specifications that are set by the program. Ingeneral, however, consider

2 Smart Card Security for HPProtectToolsSmart Card Security for HP ProtectTools manages the smart card setup and configuration for computersequipped w

Initializing the smart cardYou must initialize the smart card before using it.To initialize the smart card:1. Insert the smart card into the reader.2.

Smart card BIOS security modeWhen enabled, smart card BIOS security mode requires you to use a smart card to start the computer.The process of enablin

Enabling smart card BIOS security mode and setting the smart cardadministrator passwordTo enable smart card BIOS security mode and set the smart card

Changing the smart card administrator passwordThe smart card administrator password is set as part of the process for enabling smart card BIOSsecurity

Setting and changing the smart card user passwordTo set or change the smart card user password:1. Select Start > All Programs > HP ProtectTools

Storing the administrator or user card passwordIf you want to create a backup card and have already set the administrator password, you can store thep

General tasksUpdating BIOS smart card settingsTo require a smart card PIN when you restart the computer:1. Select Start > All Programs > HP Prot

© Copyright 2007 Hewlett-PackardDevelopment Company, L.P.Microsoft and Windows are U.S. registeredtrademarks of Microsoft Corporation. Intel isa trade

Backing up and restoring smart cardsAfter you have initialized a smart card and the card is ready for use, it is highly recommended that youcreate a s

Restoring smart card dataYou can restore the smart card data from the recovery file. This is especially useful if a card was lost orstolen, or if you

Creating a backup smart cardIt is highly recommended that you create duplicate smart cards for backup purposes. Two methods canbe used to create a bac

3 Java Card Security for HP ProtectToolsJava Card Security for HP ProtectTools manages the Java Card setup and configuration for computersequipped wit

General tasksThe “General” page allows you to perform the following tasks:●Change a Java Card PIN●Select the smart card readerNOTE The smart card read

Advanced tasks (administrators only)The “Advanced” page allows you to perform the following tasks:●Assign a Java Card PIN●Assign a name to a Java Card

Assigning a name to a Java CardYou must assign a name to a Java Card before it can be used for power-on authentication.To assign a name to a Java Card

Enabling Java Card power-on authentication and creating an administrator Java CardTo enable Java Card power-on authentication:1. Select Start > All

Creating a user Java CardNOTE Power-on authentication and an administrator card must be set up in order to create auser Java Card.To create a user Jav

Backing up and restoring Java CardsAfter you have assigned power-on authentication identity to a Java Card, it is highly recommended thatyou create a

Table of contents1 IntroductionAccessing the HP ProtectTools Security Manager ...

Restoring Java Card dataYou can restore the Java Card data from the recovery file. This is especially useful if a card was lost orstolen, or if you wa

4 Embedded Security for HPProtectToolsNOTE The integrated Trusted Platform Module (TPM) embedded security chip must beinstalled in your computer to us

Setup proceduresCAUTION To reduce security risk, it is highly recommended that your IT administratorimmediately initialize the embedded security chip.

Initializing the embedded security chipIn the initialization process for Embedded Security, you will●Set an owner password for the embedded security c

Setting up the basic user accountSetting up a basic user account in Embedded Security●Produces a Basic User Key that protects encrypted information, a

General tasksAfter the basic user account is set up, you can perform the following tasks:●Encrypting files and folders●Sending and receiving encrypted

Changing the Basic User Key passwordTo change the Basic User Key password:1. Select Start > All Programs > HP ProtectTools Security Manager.2. I

Advanced tasksBacking up and restoringThe Embedded Security backup feature creates an archive that contains certification information to berestored in

Changing the owner passwordTo change the owner password:1. Select Start > All Programs > HP ProtectTools Security Manager.2. In the left pane, c

Migrating keys with the Migration WizardMigration is an advanced administrator task that allows the management, restoration, and transfer ofkeys and c

Creating a backup Java Card ... 244 Embedded Security for HP ProtectToolsSet

5 BIOS Configuration for HPProtectToolsBIOS Configuration for HP ProtectTools provides access to the Computer Setup utility security andconfiguration

General tasksBIOS Configuration allows you to manage various computer settings that would otherwise be accessibleonly by pressing f10 at startup and e

Enabling and disabling system configuration optionsNOTE Some of the items listed below may not be supported by your computer.To enable or disable devi

●Parallel port mode (standard, bidirectional, EPP, or ECP)●Data Execution Prevention●SATA Native Mode●Dual Core CPU●Automatic Intel® SpeedStep Functio

Advanced tasksManaging HP ProtectTools settingsSome of the features of HP ProtectTools Security Manager can be managed in BIOS Configuration.Enabling

Enabling and disabling power-on authentication support for Embedded SecurityEnabling this option allows the system to use the TPM embedded security ch

Enabling and disabling Automatic DriveLock hard drive protectionWhen this option is enabled, the DriveLock passwords will be automatically generated a

If you have set a setup password, you will be prompted for the password before opening the BIOSConfiguration portion of HP ProtectTools.NOTE After you

Changing the setup passwordTo change the Computer Setup setup password:1. Select Start > All Programs > HP ProtectTools Security Manager.2. In t

3. In the right pane, under Password Options, enable or disable Require password on restart.4. Click Apply, and then click OK in the HP ProtectTools w

Registering credentials ... 46Registering fingerpri

6 Credential Manager for HPProtectToolsCredential Manager for HP ProtectTools has security features that provide protection againstunauthorized access

Setup proceduresLogging on to Credential MangerDepending on the configuration, you can log on to Credential Manager in any of the following ways:●Cred

Logging on for the first timeBefore you begin, you must be logged on to Windows with an administrator account, but not logged onto Credential Manager.

Setting up the fingerprint reader1. After logging on to Credential Manager, swipe your finger across the fingerprint reader. TheCredential Manager Reg

5. Click the authentication method you want to register, and then click Next.6. Follow the on-screen instructions to complete the registration.Registe

General tasksAll users have access to the “My Identity” page in Credential Manager. From the “My Identity” page, youcan perform the following tasks:●C

5. Type your new password in the New password and Confirm password boxes.6. Click Finish.Changing a token PIN1. Select Start > All Programs > HP

Restoring an IdentityTo restore an identity:1. Select Start > All Programs > HP ProtectTools Security Manager.2. In the left pane, click Credent

Locking the computerThis feature is available if you log on to Windows using Credential Manager. To secure your computerwhen you are away from your de

Adding an account1. Select Start > All Programs > HP ProtectTools Security Manager.2. In the left pane, click Credential Manager, and then click

Denying access to a user or group ... 66Allowing access to a device c

Using automatic registration1. Open an application that requires you to log on.2. Click the Credential Manager SSO icon in the program or Web site pas

●Authenticate user before submitting credentials.●Show SSO shortcut for this application.12. Click Yes to complete the registration.Managing applicati

Importing an application1. Select Start > All Programs > HP ProtectTools Security Manager.2. In the left pane, click Credential Manager, and the

Using Application ProtectionThis feature allows you to configure access to applications. You can restrict access based on thefollowing criteria:●Categ

3. In the right pane, under Application Protection, click Manage Protected Applications. TheApplication Protection Service dialog box opens.4. Select

Advanced tasks (administrator only)The “Authentication and Credentials” page and the “Advanced Settings” page of Credential Managerare available only

Configuring custom authentication requirementsIf the set of authentication credentials you want is not listed on the Authentication tab of the“Authent

Configuring Credential Manager settingsFrom the “Settings” page, you can access and modify various settings using the following tabs:●General—Allows y

Example 2—Using the “Advanced Settings” page to require user verification beforeSingle Sign On1. Select Start > All Programs > HP ProtectTools S

7 Device Access Manager for HPProtectToolsThis security tool is available to administrators only. Device Access Manager for HP ProtectTools hassecurit

1 IntroductionHP ProtectTools Security Manager software provides security features that help protect againstunauthorized access to the computer, netwo

Starting background serviceFor device profiles to be applied, the HP ProtectTools Device Locking/Auditing background service mustbe running. When you

Simple configurationThis feature allows you to deny access to the following classes of devices:●USB devices for all non-administrators●All removable m

Device class configuration (advanced)More selections are available to allow specific users or groups of users to be granted or denied accessto types o

4. Under User/Groups, add the group to be denied access.5. Click Deny next to the group to be denied access.6. Navigate to the folder below that of th

GlossaryAuthentication Process of verifying whether a user is authorized to perform a task, for example, accessing acomputer, modifying settings for a

Identity In the HP ProtectTools Credential Manager, a group of credentials and settings that is handled like anaccount or profile for a particular use

IndexAaccessing HP ProtectToolsSecurity Manager 2accountbasic user 28Credential Manager 46administrator tasksCredential Manager 59Java Card 19advanced

SSO application, removing 55SSO applications andcredentials 55SSO automatic registration 54SSO credentials,modifying 56SSO manual registration 54SSO n

Computer Setup,managing 40emergency recovery token 27guidelines 5managing 3owner 27recovery file 14resetting user 32secure, creating 5setting options

Accessing the HP ProtectTools Security ManagerTo access the HP ProtectTools Security Manager from the Windows® Control Panel:▲Select Start > All Pr

Managing HP ProtectTools passwordsMost of the HP ProtectTools Security Manager features are secured by passwords. The following tablelists the commonl