HP EliteBook 2740p Base Model Tablet PC User Manual

HP ProtectToolsUser Guide

HP ProtectTools featuresThe following table details the key features of HP ProtectTools modules.Module Key featuresCredential Manager for HP ProtectTo

opening 42Privacy ManagerCertificate 42security login methods 41setup procedures 42system requirements 41protecting assets from automaticshredding 66R

Achieving key security objectivesThe HP ProtectTools modules can work together to provide solutions for a variety of security issues,including the fol

●Device Access Manager for HP ProtectTools allows IT managers to restrict access to writeabledevices so sensitive information cannot be copied from th

Additional security elementsAssigning security rolesIn managing computer security (particularly for large organizations), one important practice is to

HP ProtectTools password Set in this HP ProtectToolsmoduleFunctionComputer Setup utility and to the computercontents.Authenticates users of Drive Encr

Creating a secure passwordWhen creating passwords, you must first follow any specifications that are set by the program. Ingeneral, however, consider

2 Getting startedNOTE: Administration of HP ProtectTools requires administrative privileges.The HP ProtectTools Setup Wizard guides you through settin

Opening HP ProtectTools Administrative ConsoleFor administrative tasks, such as setting system policies or configuring software, open the console asfo

Enabling security featuresThe Setup Wizard will ask you to verify your identity.1. Read the “Welcome” screen, and then click Next.2. Verify your ident

Enrolling your fingerprintsIf you have selected "Fingerprint" and if your computer has a fingerprint reader built in or connected,you will b

© Copyright 2009 Hewlett-PackardDevelopment Company, L.P.Bluetooth is a trademark owned by itsproprietor and used by Hewlett-PackardCompany under lice

Setting up a smart cardIf you have selected "Smart card" and if a smart card reader is built in or connected to your computer,the HP Protect

Using Administrative ConsoleHP ProtectTools Administrative Console is the central location for administering HP ProtectToolsSecurity Manager features

3 Configuring your systemThe System group is accessed from the Tools menu panel on the left side of the HP ProtectToolsAdministrative Console screen.

Setting up authentication for your computerWithin the Authentication application, you can select which security features should be implemented onthis

SettingsYou can allow one or more of the following security settings:●Allow One Step logon—Allows users of this computer to skip Windows logon if auth

Managing usersWithin the Users application, you can monitor and manage this computer's HP ProtectTools users.All HP ProtectTools users are listed

Specifying device settingsWithin the Device application, you can specify settings available for any built-in or attached securitydevices recognized by

4 Configuring your applicationsThe Applications group is accessed from the Security Applications menu panel on the left side of HPProtectTools Adminis

General tabThe following settings are available on the General tab:▲Do not automatically launch the Setup Wizard for administrators—Select this option

Applications tabThe settings displayed here can change when new applications are added to Security Manager. Theminimal settings shown by default are a

Table of contents1 Introduction to securityHP ProtectTools features ...

5 Adding management toolsAdditional applications may be available for adding new management tools to Security Manager. Theadministrator of this comput

6 HP ProtectTools Security ManagerHP ProtectTools Security Manager allows you to significantly increase the security of your computer.You can use prel

Setup proceduresGetting startedThe HP ProtectTools Setup Wizard is displayed automatically as the default page in HP ProtectToolsSecurity Manager unti

5. You must enroll at least two fingers; index or middle fingers are preferable. Repeat steps 3 and 4for another finger.6. Click Next.NOTE: When enrol

●Administration—Opens the HP ProtectTools Administrative Console.●Help button—Displays information about the current screen.●Advanced—Allows you to ac

General tasksThe applications included in this group assist you in managing various aspects of your digital identity.●Security Manager—Creates and man

●Add a New Account—Allows you to add an account to a logon.●Open Password Manager—Launches the Password Manager application.●Help—Displays Password Ma

Editing logonsTo edit a logon, follow these steps:1. Open the logon screen for a Web site or program.2. To display a dialog box where you can edit you

To add a logon to a category:1. Place your mouse pointer over the desired logon.2. Press and hold the left mouse button.3. Drag the logon into the lis

Click the icon arrow, and then click Icon Settings to customize how Password Manager handlespossible logon sites.●Prompt to add logons for logon scree

5 Adding management tools6 HP ProtectTools Security ManagerSetup procedures ...

Your personal ID cardYour ID card uniquely identifies you as the owner of this Windows account, showing your name and apicture of your choice. It is p

Fingerprint Scan Feedback—Displays only when a fingerprint reader is available. Use this setting toadjust the feedback that occurs when you scan your

Adding applicationsAdditional applications that provide new features for this program may be available.From the Security Manager dashboard, click [+]

7 Drive Encryption for HP ProtectTools(select models only)CAUTION: If you decide to uninstall the Drive Encryption module, you must first decrypt all

Setup proceduresOpening Drive Encryption1. Click Start, click All Programs, click HP, and then click HP ProtectTools AdministrativeConsole.2. In the l

General tasksActivating Drive EncryptionUse the HP ProtectTools Setup Wizard to activate Drive Encryption.NOTE: This wizard is also used to add and re

NOTE: If the Windows administrator has enabled Pre-boot Security in the HP ProtectTools SecurityManager, you will log in to the computer immediately a

Advanced tasksManaging Drive Encryption (administrator task)The ”Encryption Management” page allows administrators to view and change the status of Dr

CAUTION: Be sure to keep the storage device containing the backup key in a safe place, because ifyou forget your password or lose your Java Card, this

8 Privacy Manager for HP ProtectTools(select models only)Privacy Manager for HP ProtectTools enables you to use advanced security login (authenticatio

Creating backup keys ... 39Performing a recovery ...

Setup proceduresOpening Privacy ManagerTo open Privacy Manager:1. Click Start, click All Programs, click HP, and then click HP ProtectTools Security M

Requesting a Privacy Manager Certificate1. Open Privacy Manager, and click Certificates.2. Click Request a Privacy Manager certificate.3. On the “Welc

If you click Cancel, refer to for Adding a Trusted Contact on page 46 information on adding aTrusted Contact at a later time.Viewing Privacy Manager C

3. Click Delete.4. When the confirmation dialog box opens, click Yes.5. Click Close, and then click Apply.Restoring a Privacy Manager CertificateDurin

Trusted Contacts Manager allows you to perform the following tasks:●View Trusted Contact details●Delete Trusted Contacts●Check revocation status for T

8. When you receive an e-mail response from a recipient accepting the invitation to become a TrustedContact, click Accept in the lower-right corner of

Deleting a Trusted Contact1. Open Privacy Manager, and click Trusted Contacts.2. Click the Trusted Contact you want to delete.3. Click Delete contact.

General tasksYou can use Privacy Manager with the following Microsoft products:●Microsoft Outlook●Microsoft Office●Windows Live MessengerUsing Privacy

3. Click the down arrow next to Send Securely (Privacy in Outlook 2003), and then click Sign andSend.4. Authenticate using your chosen security login

Configuring Privacy Manager for Microsoft Office1. Open Privacy Manager, click Settings, and then click the Documents tab.– or –On the toolbar of a Mi

Starting a Privacy Manager Chat session ... 54Configuring Privacy Manager for Windows Live Messe

To add a suggested signer to a Microsoft Word or Microsoft Excel document:1. In Microsoft Word or Microsoft Excel, create and save a document.2. Click

NOTE: To select multiple Trusted Contact names, hold down the ctrl key and click the individualnames.5. Click OK.If you later decide to edit the docum

Viewing an encrypted Microsoft Office documentTo view an encrypted Microsoft Office document from another computer, Privacy Manager must beinstalled o

– or –a. Right-click the ProtectTools icon in the notification area, click Privacy Manager for HPProtectTools, and then select Start Chat.b. In Live M

●Send—Click this button to send an encrypted message to your contact.●Send signed—Select this check box to electronically sign and encrypt your messag

Reveal sessions for a specific accountRevealing a session displays the decrypted Contact Screen Name for the currently selected session.To reveal a sp

Add or remove columnsBy default, the 3 most used columns are displayed in the Live Messenger History Viewer. You can addadditional columns to the disp

Advanced tasksMigrating Privacy Manager Certificates and Trusted Contacts to a differentcomputerYou can securely migrate your Privacy Manager Certific

Central administration of Privacy ManagerYour installation of Privacy Manager may be part of a centralized installation, that has been customizedby yo

9 File Sanitizer for HP ProtectToolsFile Sanitizer is a tool that allows you to securely shred assets (personal information or files, historicalor Web

Device administrators group ... 71Simple Configuration ...

ShreddingShredding is different than a standard Windows® delete (also known as a simple delete in File Sanitizer)in that when you shred an asset using

Free space bleachingDeleting an asset in Windows does not completely remove the contents of the asset from your harddrive. Windows only deletes the re

Setup proceduresOpening File SanitizerTo open File Sanitizer:1. Click Start, click All Programs, click HP, and then click HP ProtectTools Security Man

To set a free space bleaching schedule:1. Open File Sanitizer, and click Free Space Bleaching.2. Select the Activate Scheduler check box, enter your W

NOTE: To remove an asset from the available shred options, click the asset, and then clickDelete.4. Under Shred the following, select the check box ne

General tasksYou can use File Sanitizer to perform the following tasks:●Use a key sequence to initiate shredding—This feature allows you to create a k

Using the File Sanitizer iconCAUTION: Shredded assets cannot be recovered. Carefully consider which items you select formanual shredding.1. Navigate t

– or –1. Open File Sanitizer, and click Shred.2. Click the Shred now button.3. When the confirmation dialog box opens, click Yes.Manually activating f

10 Device Access Manager for HPProtectTools (select models only)Windows® operating system administrators use Device Access Manager for HP ProtectTools

Setup ProceduresOpening Device Access ManagerTo open Device Access Manager, follow these steps:1. Click Start, click All Programs, click HP, and then

viii

NOTE: In order to use this view to read device access information, the user or group must be granted"read" access in the User Access Setting

Stopping the Device Locking/Auditing service does not stop the device locking. Two componentsenforce device locking:●Device Locking/Auditing service●D

The same user, the same group, or a member of the same group can be denied write accessor read+write access only for the same device or a device below

Allowing access for a user or a groupTo grant permission for a user or a group to access a device or a class of devices, follow these steps:1. In the

Allowing access to a class of devices for one user of a groupTo allow a user to access a class of devices while denying access to all other members of

To reset the configuration settings to the factory values, follow these steps:1. In the left pane of HP ProtectTools Administrative Console, click Dev

Advanced tasksControlling access to the configuration settingsIn the User Access Settings view, administrators specify the groups or users who are all

Denying access to an existing group or userTo deny permission for an existing group or user to view or change the configuration settings, followthese

11 LoJack Pro for HP ProtectToolsComputrace LoJack Pro, powered by Absolute Software (purchased separately), addresses the growingproblem of computers

12 TroubleshootingHP ProtectTools Security ManagerShort description Details SolutionSmart cards and USBtokens are not available inSecurity Manager ifi

1 Introduction to securityHP ProtectTools Security Manager software provides security features that help protect againstunauthorized access to the com

Short description Details SolutionPassword Manager doesnot recognize theConnect button onscreen.If the Single Sign On credentials forRemote Desktop Co

Device Access Manager for HP ProtectToolsUsers have been denied access to devices within Device Access Manager, but the devices arestill accessible.●E

◦One workaround is to deny the Users group at the DVD/CD-ROM Drives level and to allowthe Administrators group at the level below DVD/CD-ROM Drives.◦A

MiscellaneousSoftware Impacted—Short descriptionDetails SolutionSecurity Manager—Warning received: Thesecurity application cannot be installed until t

Glossaryactivation The task that must be completed before any of the Drive Encryption features are accessible. DriveEncryption is activated using the

decryption Procedure used in cryptography to convert encrypted data into plain text.device access control policy The list of devices for which a user

Live Messenger History Viewer A Privacy Manager Chat component that allows you to search for and viewencrypted chat history sessions.logon An object w

simple delete Deletion of the Windows reference to an asset. The asset content remains on the hard drive untilobscuring data is written over it by fre

IndexAaborting a shred or bleachoperation 69accessallowing 75controlling 70denying 74denying to existing groups orusers 79granting to existing groups

managing Drive Encryption 39opening 36Ee-mail messageSealing for TrustedContacts 50signing 49viewing a sealed message 50e-mailing an encrypted Microso