HP ProtectTools security software 2011 - Technical white paper

Feature / Benefit

Benefit: ProtectTools uses it to further secure the encryption keys that encrypt sensitive user credentials such as website passwords or network logon credentials.

Feature: Designed to the TCG standard
Benefit: As a standards-based technology, embedded security chips are designed to work with a growing number of third party software solutions while providing a platform to support future hardware and operating system architectures.

Feature: Supports Microsoft CAPI and PKCS#11 cryptographic software interfaces
Benefit: Enables the embedded security chip to enhance a broad range of existing applications and solutions that take advantage of these interfaces (for example, Microsoft Outlook®, Netscape Navigator, RSA SecurID and public key infrastructure solutions from leaders like Microsoft, Verisign and Entrust).

Feature: Enhanced Microsoft EFS
Benefit: Helps protect sensitive user data stored locally on a PC, where access to Microsoft EFS encrypted files is protected by the embedded security chip, providing a higher degree of hardware-based protection.

Feature: Enhanced Personal Secure Drive (PSD)
Benefit: Personal Secure Drive (PSD) is an encrypted mountable volume. In Embedded Security for HP ProtectTools version 4.0 and later, PSD has been enhanced with a significantly larger size limit. The PSD can now occupy the entire hard drive (minus 5 GB for system files). PSD size therefore is now only limited by the hard drive size. PSD can now also be created on removable storage devices such as USB hard drives and USB flash drives.

Feature: Support for TPM v.1.2
Benefit: Embedded Security for HP ProtectTools versions 4.0 or later support the latest TPM v1.2 as well as the previous TPM v1.1.

Feature: Password Reset
Benefit: Allows administrators to reset a lost user password.

Feature: Automatic Backup
Benefit: Allows automatic backups of TPM Embedded Security Credentials, Settings and Personal Secure Drive (PSD). Backups can be created on local drives as well as network drives. This ensures that TPM protected user data can be recovered in case of a service event.

For more information on trusted computing solutions from HP, including more information on the
embedded security chip solution for HP business desktop, notebook and workstation PCs, visit
www.hp.com/go/security.
File Sanitizer for HP ProtectTools
Files dropped into the recycle bin can easily be recovered. The recovery process is as simple as
opening the recycle bin, and restoring the files. Even once the recycle bin is emptied, the files remain
on the hard drive and can be recovered using disk utilities available online.
When you delete a file, it is removed from the hard drive directory. The process is quick and requires
the same amount of time regardless of the size of the file. Removing the link to the file from the
directory makes the space occupied by the file available to new files. The deleted file, however,
continues to reside on the hard drive and can be recovered until it is overwritten by another file.
The normal file deletion process, while fast and convenient, also poses a security threat because deleted
information could be recovered by an unauthorized person.
File sanitization, also referred to as shredding, is a process where the data designated to be erased is
overwritten multiple times with meaningless bits in order to ensure that it cannot be recovered. File
sanitization is an intensive process and makes the erased data unrecoverable.
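The shredding process described above, sketched as an added example that is not part of the white paper and is not HP File Sanitizer code. The function names, the three-pass pattern (zeros, ones, random) and the chunk size are assumptions chosen for illustration.

```python
import os
import secrets
import tempfile

CHUNK = 64 * 1024  # assumed chunk size; keeps memory use flat on large files
O_BINARY = getattr(os, "O_BINARY", 0)  # only defined (and needed) on Windows


def overwrite_in_place(path, passes=(b"\x00", b"\xff", None)):
    """Overwrite every byte of the file once per pass, without truncating it.

    A pass is a single fill byte, or None for random data.
    Returns the number of bytes overwritten in each pass.
    """
    size = os.path.getsize(path)
    # O_WRONLY without O_TRUNC: writes land on the file's existing extent
    fd = os.open(path, os.O_WRONLY | O_BINARY)
    try:
        for fill in passes:
            os.lseek(fd, 0, os.SEEK_SET)
            remaining = size
            while remaining > 0:
                n = min(CHUNK, remaining)
                data = secrets.token_bytes(n) if fill is None else fill * n
                remaining -= os.write(fd, data)  # tolerate short writes
            os.fsync(fd)  # flush this pass to the device before the next one
    finally:
        os.close(fd)
    return size


def shred(path, passes=(b"\x00", b"\xff", None)):
    """Sanitize, then delete: overwrite the contents, then remove the directory entry."""
    size = overwrite_in_place(path, passes)
    os.remove(path)
    return size


if __name__ == "__main__":
    # Constructed sample file standing in for a sensitive document
    fd, sample = tempfile.mkstemp()
    os.write(fd, b"constructed sample: account 0000-0000")
    os.close(fd)
    print("overwrote", shred(sample), "bytes per pass; exists:", os.path.exists(sample))
```

Overwriting in place only reaches the original blocks on storage that writes in place. SSD wear levelling, journaling or copy-on-write file systems, and existing backups or snapshots can all retain earlier copies of the data.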
Bleaching is a process where previously used space on a hard drive is overwritten to ensure no
deleted data can be recovered.
File Sanitizer for HP ProtectTools starts by placing an icon on the desktop. You can then shred files by
simply dragging and dropping onto the File Sanitizer icon. You can also define files and folders that