HP ProtectTools security software 2011 - Technical white paper

 Scenario 1 – In a call center environment, call takers have full access to sensitive product and

pricing information. The company wants to protect this data and ensure that it is not removed from

the premises. This can be accomplished by creating a Device Access Manager policy that prevents

removable storage devices such as USB keys and writeable optical drives from being used by

unauthorized users.

 Scenario 2 – A company is making sensitive financial information available to an auditor and

wants to protect this information from being copied or removed from the notebook. Device Access

Manager can allow a policy where this user is denied access to any removable storage devices.

JITA Configuration

JITA Configuration allows the administrator to view and modify lists of users and groups that are

allowed to access devices using just-in-time authentication. JITA-enabled users will be able to access

some devices for which policies created in the Device Class Configuration or Simple Configuration

view have been restricted.

The JITA period can be authorized for a set number of minutes or 0 minutes. A JITA period of 0

minutes will not expire. Users will have access to the device from the time they authenticate until the

time they log off the system. The JITA period can also be extended, if configured to do so. In this

scenario, 1 minute before the JITA period is about to expire, users can click the prompt to extend their

access without having to re-authenticate. Whether the user is given a limited or unlimited JITA period,

as soon as the user logs off the system or another user logs in, the JITA period expires. The next time

the user logs in and attempts to access a JITA-enabled device, a prompt to enter credentials is

displayed.

JITA is available for DVD/CD-ROM drives and removable media.