8 Embedded Security for
HP ProtectTools
NOTE: The integrated Trusted Platform Module (TPM) embedded security chip must be installed in
your computer to use Embedded Security for HP ProtectTools. Most HP commercial desktop
computers include the Infineon TPM, which is the only common criteria certified chip to meet TCG
specifications.
Embedded Security for HP ProtectTools protects against unauthorized access to user data or
credentials. This software module provides the following security features:
●
Enhanced Microsoft Encryption File System (EFS) file and folder encryption (EFS is not
available on Windows Home versions)
●
Creation of a personal secure drive (PSD) for protecting user data
●
Data management functions, such as backing up and restoring the key hierarchy
● Support for third-party applications (such as Microsoft Outlook and Internet Explorer) for
protected digital certificate operations when using the Embedded Security software
The TPM embedded security chip enhances and enables other HP ProtectTools Security Manager
security features. For example, Drive Encryption for HP ProtectTools can use the embedded chip as
an authentication factor when the user logs on to Windows.
Setup procedures
CAUTION: To reduce security risk, it is highly recommended that your IT administrator immediately
initialize the embedded security chip. Failure to initialize the embedded security chip could result in an
unauthorized user, a computer worm, or a virus taking ownership of the computer and gaining control
over the owner tasks, such as handling the emergency recovery archive, and configuring user access
settings.
Follow the steps in the following 2 sections to enable and initialize the embedded security chip.
Installing Embedded Security for HP ProtectTools (if necessary)
To install Embedded Security for HP ProtectTools:
1. Click Start, click All Programs, and click Install Embedded Security for HP ProtectTools.
2. Accept the UAC warning.
3. Click Next, then enter User Name & Organization name if appropriate.
4. Click Next, click Install, and click Finish when complete.
5. Select Yes or No for the reboot request.
Enabling the embedded security chip in Computer Setup
The embedded security chip can be enabled in the Quick Initialization Wizard or in the Computer
Setup utility as described below.
ENWW Setup procedures 49