Additional security elements, Assigning security roles, Managing hp protecttools passwords – HP Compaq dc5750 Microtower-PC User Manual
Page 12
Additional security elements
Assigning security roles
In managing computer security (particularly for large organizations), one important practice is to divide
responsibilities and rights among various types of administrators and users.
NOTE:
In a small organization or for individual use, these roles may all be held by the same person.
For HP ProtectTools, the security duties and privileges can be divided into the following roles:
●
Security officer—Defines the security level for the company or network and determines the security
features to deploy, such as Java™ Cards, biometric readers, or USB tokens.
NOTE:
Many of the features in HP ProtectTools can be customized by the security officer in
cooperation with HP. For more information, see the HP Web site at
●
IT administrator—Applies and manages the security features defined by the security officer. Can
also enable and disable some features. For example, if the security officer has decided to deploy
Java Cards, the IT administrator can enable Java Card BIOS security mode.
●
User—Uses the security features. For example, if the security officer and IT administrator have
enabled Java Cards for the system, the user can set the Java Card PIN and use the card for
authentication.
Managing HP ProtectTools passwords
Most of the HP ProtectTools Security Manager features are secured by passwords. The following table
lists the commonly used passwords, the software module where the password is set, and the password
function.
The passwords that are set and used by IT administrators only are indicated in this table as well. All
other passwords may be set by regular users or administrators.
HP ProtectTools password
Set in this HP ProtectTools
module
Function
Credential Manager logon
password
Credential Manager
This password offers 2 options:
●
It can be used in a separate logon to
access Credential Manager after
logging on to Windows.
●
It can be used in place of the Windows
logon process, allowing access to
Windows and Credential Manager
simultaneously.
Credential Manager recovery file
password
Credential Manager, by IT
administrator
Protects access to the Credential Manager
recovery file.
Basic User Key password
NOTE:
Also known as:
Embedded Security password
Embedded Security
Used to access Embedded Security
features, such as secure e-mail, file, and
folder encryption. When used for power-on
authentication, also protects access to the
computer contents when the computer is
turned on, restarted, or restored from
hibernation.
Emergency Recovery Token
password
NOTE:
Also known as:
Emergency Recovery Token Key
password
Embedded Security, by IT
administrator
Protects access to the Emergency Recovery
Token, which is a backup file for the
embedded security chip.
6
Chapter 1 Introduction to security
ENWW