You can manage security settings as follows:
●
Locally with Computer Setup (F10) Utility
●
Remotely with HP CMS or HP System Software Manager (SSM), which enable the secure, consistent
deployment and control of security settings from a simple command line utility
The following Computer Setup (F10) Utility features let you manage computer security.
Feature
Purpose
Removable Media Boot Control
Prevents booting from removable media drives
Serial, Parallel, USB, or Infrared
Interface Control
Prevents transfer of data through the integrated serial, parallel, USB, or infrared
interface
Power-On Password
Prevents use of the computer until the password is entered (applies to initial system
startup and restarts)
Ddministrator Password
Prevents reconfiguration of the computer (through the Setup utility) until the
password is entered
Network Server Mode
Provides unique security features for computers used as servers
SATA hard drive security
HP computers include the HP DriveLock facility for SATA hard drives to prevent unauthorized access to data.
WARNING!
Enabling DriveLock can render a SATA hard drive permanently inaccessible if the master
password is lost or forgotten. No method exists to recover the password or access the data.
DriveLock has been implemented as an extension to Computer Setup (F10) Utility functions. It is only
available when hard drives that support the ATA security command set are detected. On HP computers, it is
not available when the SATA emulation mode is RAID+AHCI or RAID.
DriveLock is for HP customers for whom data security is a paramount concern. For such customers, the cost
of a hard drive and the loss of the data stored on it is inconsequential when compared to the damage that
could result from unauthorized access to its contents.
To balance this level of security with the need to address the issue of a forgotten password, the HP
implementation of DriveLock employs a two-password security scheme. One password is intended to be set
and used by a system administrator, while the other is typically set and used by the user.
No "back door" can be used to unlock the drive if both passwords are lost. Therefore, DriveLock is most safely
used when the data contained on the hard drive is replicated on a corporate information system or is regularly
backed up.
If both DriveLock passwords are lost, the hard drive is rendered unusable. For users who do not fit the
previously defined customer profile, this might not be acceptable. For users who fit this profile, it might be a
tolerable risk, given the nature of the data stored on the hard drive.
DriveLock applications
The most practical use of DriveLock is in a corporate environment. The system administrator would be
responsible for configuring the hard drive, which involves setting the DriveLock master password and a
temporary user password. If you forget the user password or if the equipment is passed on to another
employee, the master password can be used to reset the user password and regain access to the hard drive.
HP recommends that corporate system administrators who enable DriveLock also establish a corporate policy
for setting and maintaining master passwords. This should be done to prevent a situation where an employee
34
Chapter 2 System management
Summary of Contents for Z240 Small Form Factor
Page 1: ...HP Z240 Workstation Maintenance and Service Guide ...
Page 4: ...iv About this guide ...
Page 10: ...x ...