Achieving key security objectives, Protecting against targeted theft, Restricting access to sensitive data – HP Compaq dc5750 Microtower-PC User Manual

Achieving key security objectives

The HP ProtectTools modules can work together to provide solutions for a variety of security issues,
including the following key security objectives:

●

Protecting against targeted theft

●

Restricting access to sensitive data

●

Preventing unauthorized access from internal or external locations

●

Creating strong password policies

Protecting against targeted theft

An example of this type of incident would be the targeted theft of a computer containing confidential
data and customer information in a cubicle or open environment. The following features help protect
against targeted theft:

●

The pre-boot authentication feature, if enabled, helps prevent access to the operating system. See
the following procedures:

◦

“

Enabling and disabling smart card power-on authentication support on page 46

”

◦

“

Enabling and disabling power-on authentication support for Embedded Security

on page 47

”

◦

“

Assigning a name to a Java Card on page 39

”

◦

“

Drive Encryption for HP ProtectTools on page 52

”

●

DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and
installed into an unsecured system. See “

Enabling and disabling DriveLock hard drive protection

on page 48

.”

●

The Personal Secure Drive feature, provided by the Embedded Security for HP ProtectTools
module, encrypts sensitive data to help ensure it cannot be accessed without authentication. See
the following procedures:

◦

Embedded Security “

Setup procedures on page 28

”

◦

“

Using the Personal Secure Drive on page 31

”

Restricting access to sensitive data

Suppose a contract auditor is working onsite and has been given computer access to review sensitive
financial data; you do not want the auditor to be able to print the files or save them to a writeable device
such as a CD. The following feature helps restrict access to data:

●

The DriveLock helps ensure that data cannot be accessed even if the hard drive is removed and
installed into an unsecured system. See “

Enabling and disabling DriveLock hard drive protection

on page 48

.”

Preventing unauthorized access from internal or external locations

If a PC containing confidential data and customer information is accessed from an internal or external
location, unauthorized users may be able to gain entry to corporate network resources or data from

4

Chapter 1 Introduction to security

ENWW