1. Reinventing PC Security
Rick Griencewic
Senior Manager, Security
HP Personal Systems US Category

2. New malware emerged every 4.2 seconds
2017 IN REVIEW
Shamoon 2 reappears in Saudi Arabia as destructive attack on industry
Virgin America Login credentials stolen from 3k employees
WannaCry ransomware features stolen NSA exploit
Equifax discovers they have been attacked. Financial data on 143M people stolen
YAHOO! uncoverrd earlier hack affected all 3 billion addresses
Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
Dun & Bradstreet database of 33.7M addresses & contact info leaked
Anthem employee s 18.5k medical records to his personal account
NotPetya launches destructive attack in Ukraine - age of cyber-warfare?
Etherium suffers heists of $7.4M & $32M weeks apart
Uber breach of 57M customers & drivers personal info breached
Deloitte attack reveals client confidential s of blue- chip clients
LEGAL APPROVED INSIGHT:
2B records stolen in the first 6 months. 164% increase vs. same period in 2016*
SOURCE: CBR, "1.9 Billion records lost to cyber-attacks in 2017 so far - beating last year's total number", 2017
SPEAKER NOTES:
WannaCry – Ransomware took over infected computers and encrypted the contents of their hard drives, then demanded a payment in Bitcoin in order to decrypt them. The malware took particular root in computers at facilities run by the United Kingdom's NHS. WannaCry exploited a vulnerability using code that had been secretly developed by the United States National Security Agency. Called EternalBlue, the exploit had been stolen and leaked.
NotPetya - abruptly in June of 2017, a much more virulent version of the Petya malware started spreading. It originally propagated via compromised Ukrainian accounting software and spread via the same EternalBlue exploit that WannaCry used. NotPetya is widely believed to be a cyberattack from Russia against Ukraine, though Russia denies it, opening up a possible era of states using weaponized malware.
Yahoo – Attack occurred in 2013, but it was only in 2017 that it was discovered that all 3B yahoo accounts were affected
Deloitte Attack -Deloitte provides auditing, tax consultancy and high-end cybersecurity advice to some of the world’s biggest banks, multinational companies, media enterprises, pharmaceutical firms and government agencies. The hacker compromised the firm’s global server through an “administrator’s account” that gave them privileged, unrestricted “access to all areas”. The account required only a single password and did not have “two- step“ verification.
New malware emerged every 4.2 seconds
GData, Malware Trends 2017

3. IN 2017, IT GOT PERSONAL Protected by HP Sure Start
Dear Richard Griencewic,
We are writing to inform you of a data security incident experienced by Ambassador Title Service (“ATS”) that may have resulted in the exposure of your name and Social Security number….
We value and respect the privacy of your information, and sincerely apologize for any concern or inconvenience this may cause you…
Subject: Contact requested about possible identity theft
Dear Richard Griencewic,
We’re writing to let you know you may be a victim of identity theft, according to information provided by VFD – Account Takeover.
Protected by HP Sure Start

4. Every PC Purchase Decision is a Security Decision
HP Confidential. For use with HP customers under HP CDA only

5. THE WORLD’S MOST SECURE & MANAGEABLE PCs, WORKSTATIONS & PRINTERS
SPEAKER NOTES:
DISCLAIMERS:
1. Based on HP’s unique and comprehensive security capabilities at no additional cost and HP Manageability Integration Kit’s management of every aspect of a PC including hardware, BIOS and software management using Microsoft System Center Configuration Manager among vendors with >1M unit annual sales as of November 2016 on HP Elite PCs with 7th Gen and higher Intel® Core® Processors, Intel® integrated graphics, and Intel® WLAN.
Restricted Claim Use Guidance:
EMEA:
France – Yes, but must publish substantiation report, translated if required locally; should have local country url leading to the posted report added to the disclaimer
Germany - Yes, but must publish substantiation report, translated if required locally; should have local country url leading to the posted report added to the disclaimer
Rest of EU countries, MEMA, Netherlands, Serbia, Switzerland, Israel – Yes
Romania, CIS Countries, Turkmenistan, Russia, Turkey, UAE, Saudi Arabia-No
APJ:
China, Indonesia, Vietnam – No
Rest of APJ- Yes
LAR:
Argentina, Chile, Costa Rica, Ecuador, Colombia, Peru– Yes
Chile, Brazil – No

6. Self-Defending Devices Video with Jonathan “The Fixer” Banks
2018 HP Security
Self-Defending Devices Video
with
Jonathan “The Fixer” Banks

7. A LAYERED APPROACH TO SECURITY HARDWARE IS THE LEAST VULNERABLE TO ATTACK
ABOVE THE OS
Manageability Infrastructure, Visual Hackers
OPEN DOORS
Security tools are useless unless policies enforced. Manageability is required to make security effective !
IN THE OS
Operating System, Software, Downloads
COMMON TARGET
Unpatched software vulnerabilities are easy to exploit. Malicious websites, infected downloads !
SPEAKER NOTES:
Let’s take a closer look at the concept of designing from the hardware up, and why HP think’s it’s important to consider security below, at, and above the OS.
Let’s start of by putting ourselves in the shoes of a hacker.
Hackers are creative. They are looking for any way to get into your PC and get what they want – which means that they will target any level of the system they can get access to.
Above the OS: From a hacker’s standpoint, this is about looking for open doors. What are the easiest ways in? Are there PCs that are unprotected, and therefore easy targets? PCs without the latest security patches? Is somebody sharing important information in plain view, where it’s easy to visually hack?
In the OS: This is the majority of your software sits, which is where hackers most commonly target. Why? Because software offers a huge attack surface, and every line of code is an opportunity to find a vulnerability they can exploit. Software is more exposed and less secure than hardware, which is why most malware targets it.
Below the OS: Underneath your OS are your systems actual hardware, and the code that sits on that hardware (the firmware).
Firmware is less exposed to attacks – but as malware becomes more and more sophisticated, firmware is increasingly under attack. While firmware like the BIOS is a complex target, it has a lot of benefits to a hacker: it is difficult to detect, difficult to get rid of, and offers a high level of privilege that enables them to open up doors to access almost anything on the PC that they want. This makes it an ideal target, well worth the effort of a more complex attack.
Luckily, the hardware itself is extremely secure, and is very difficult for hackers to penetrate.
When we take the hackers point of view, the importance of secure hardware becomes clear. Hardware gives us the best place to build our foundation of security.
Because HARDWARE IS LEAST VULNERABLE TO ATTACK, it can serve as a trusted starting point from which to build up your defenses.
BELOW THE OS
Firmware (BIOS, etc.)
IDEAL TARGET
Complex target. Successful attacks mean persistence, stealth, and access to almost anything they want
!!!
MOST SECURE
Extremely difficult to penetrate
HARDWARE

8. HP Endpoint Security Controller
2018 HP SECURITY FRAMEWORK
DEVICE
IDENTITY
DATA
ABOVE THE OS
HP Camera Privacy Shutter
Mechanical webcam cover
HP Sure View Gen2 7
Built-in privacy screen
HP Work Wise11
Proximity-based authentication
HP Sure Click 8
Browsing security solution IN
THE OS
HP Sure Recover 4
Automated network-based image recovery
MANAGEABILITY
HP Client Security Mgr Gen4
HP Sure Run 3
Protection for critical applications
Centralized security management
HP MIK Gen2 6
Image creation and testing
HP Image Assistant Gen3
HP Multi-Factor Authenticate Gen2 5
Harden MFA policies, 3-factors
SPEAKER NOTES:
In 2018, we are building on our legacy of PC security innovation, with new features and massive upgrades across our security stack. The stack represents our key PC security offerings, solutions designed to protect our customer’s Devices, Identities, and Data, below, in and above the operating system.
It’s critical that we consider security at every level. It is no longer just a software challenge. This is what “Built in, not bolted on” means.
To be truly secure, devices and organizations much start with security that’s anchored in the hardware of each endpoint device – and carry that mindset all the way through to the manageability tools that help secure the entire organization. In other words, you can’t have security without manageability.
Not only have we made major updates to a number of our key security features, we’ve also introduced two new features – HP Sure Run and HP Sure Recover, which are based in HP’s unique hardware.
Sure Run protects critical security processes from malware that tries to shut them down - enabled locally in HP Client Security Manager
Sure Recover and Sure Recover with Embedded Reimaging lets you reimage automatically, anywhere. no need for a network connection.
HP EliteBook 800 G5 features HP Sure Recover
HP EliteBook 1030 G5 features new HP Sure Recover with Embedded Reimaging option
DISCLAIMERS (2018):
2. HP Sure Start Gen4 is available on HP Elite and HP Pro 600 products equipped with 8th generation Intel® or AMD processors.
3. HP Sure Run is available on HP Elite products equipped with Intel® or AMD® 8th generation processors.
4. HP Sure Recover is available on HP Elite PCs with 8th generation Intel® or AMD processors and requires an open, wired network connection. You must back up important files, data, photos, videos, etc. before using HP Sure Recover to avoid loss of data.
5. HP Multi Factor Authenticate Gen2 requires 7th or 8th Generation Intel® Core™ processor, Intel® integrated graphics, and Intel® WLAN. Microsoft® System Center Configuration Manager is required for deployment.  Three authentication factors requires an Intel® vPro™ processor.
6. HP Manageability Integration Kit can be downloaded from
7. HP Sure View integrated privacy screen is an optional feature that must be configured at purchase
8. HP Sure Click is available on select HP platforms and supports Microsoft® Internet Explorer and Chromium™. Check ENW for all compatible platforms as they become available.
9. For the methods outlined in the National Institute of Standards and Technology Special Publication Supported on Elite platforms with BIOS version F.03 or higher
10. HP BIOSphere Gen4 requires Intel® or AMD 8th generation processors.
11. HP Work Wise smartphone app is available as a free download on Google Play.
HP Sure Start Gen4 2
Self-healing BIOS with Runtime Intrusion Detection
HP Secure Erase 9
Permanent data removal on HDD/SSD
SpareKey
Self-service password recovery
HP Device Access Manager
JIT access to ports and devices
BELOW
THE OS
Certified Self-Encrypting Drives
Hardware data encryption
HP BIOSphere Gen4 10
Comprehensive BIOS management
HP Endpoint Security Controller

9. HP ENDPOINT SECURITY CONTROLLER
GROUNDED IN HARDWARE, ENABLES SOLUTIONS THAT ARE
Hardware Enforced
Self-Healing
Manageable
SPEAKER NOTES:
The HP’s Endpoint Security controller enables us to deliver security solutions that are hardware-enforced, self-healing, and manageable.
Hardware-enforced: as we discussed, anchoring security in the hardware makes it less vulnerable, and more trustworthy.
Self-healing: Because it is able to monitor the health of the system from its separate hardware (the “watchtower”), the HP ESC enables us to create self-healing solutions. A self-healing system is one that is able to identify changes in itself and recover from them automatically – making them resilient against malware attacks, even if they are attacks that have never been seen before. This is critical in order for PCs to protect themselves against the malware of the future. Our latest security features continue the legacy of self-healing solutions that make Elite PCs resilient; enabling them to protect against, detect, and recover from known and unknown attacks.
Manageable: In order to turn a secure endpoint into secure organizations, IT needs to be able to enforce their security policies and make sure all PCs remain in compliance at scale. Whenever HP designs for security, we do so with manageability in mind.
This approach is something unique to HP, and it is the strategy that is enabling us to break away from the competition when it comes to security.
to create a cyber resilient system that protects against of unexpected of today and the future

10. Jonathan “The Fixer” Banks
COMPANY CONFIDENTIAL—INFORMATION SUBJECT TO NDA C
2018 HP Sure Start
with
Jonathan “The Fixer” Banks
and
Philip

11. HP SURE START GEN4 DEFENDS AGAINST DEVASTATING FIRMWARE ATTACKS
is the first and only self-healing BIOS
Hardware-enforced protection
Continually monitors and automatically recovers BIOS and critical firmware
SPEAKER NOTES:
Let’s take a look at HP Sure Start Gen4, the latest generation of HP’s unique self-healing BIOS.
What is the BIOS, and why are we so interested in protecting it?
The BIOS is the first million lines of code that run when you turn your PC on. It is responsible for checking the integrity of your hardware, finding the OS, and passing control to it. The BIOS also copies some of its code into your memory so it’s available while the system runs (SMM), to make sure that the OS is able to communicate back to the hardware as needed.
Why is this so important?
The BIOS plays a critical role in your PCs security. Because it runs below the OS, your software-based antivirus, anti-malware, and OS firewalls are not able to actively monitor it’s health. As a result, if malware – a rootkit, for example – is able to infect the BIOS, hackers “own” your PC. These attacks are extremely difficult to detect; they’re persistent, and will stick around even if you reimage your machine or reformat or replace the hard drive; and they offer hackers nearly unlimited control of your PC.
These attacks are not theoretical, either. We’ve seen attacks like Shamoon2 do major damage in 2017 by attacking the BIOS. These firmware attacks can have devastating consequences for businesses, large and small. (Note: HP BIOSphere and HP Sure Start protect the MBR and GPT from corruption or deletion, which was the attack method used by Shamoon2).
In an industry where competition moves fast, HP is STILL the only one in the industry with a self-healing BIOS.
HP Sure Start guards the BIOS - on boot up and while you’re running – and automatically self-heals from attacks or corruption.
Starting in its third generation, in 2017, HP Sure Start protected both the BIOS itself and the copy of the BIOS running in the system memory (SMM).
Now with it’s fourth generation – we’re making HP Sure Start even better with:
Enhanced encryption for better protection of the secrets stored in the HP Endpoint Security Controller
Enhanced resilience and event logging for key 3rd party firmware (Intel ME)
And, most importantly, we’re building on this technology with the creation of 2 new features: HP Sure Run and HP Sure Recover.
DISCLAIMERS:
2. HP Sure Start Gen4 is available on HP Elite and HP Pro 600 products equipped with 8th generation Intel® or AMD processors.
Protects against today’s malware threats and future threats as well

12. HP SURE RUN SECURING KEY PROCESSES THAT SECURE YOUR PC
Extends healing protection of HP’s Endpoint Security Controller into the OS
Monitors key processes including anti-virus software and firewall
Alerts immediately of any changes
Automatically restarts PC if malware detected
Windows 10
Designed to be the Most Secure Windows Ever
OS Processes
3rd Party Processes
OS Processes
3rd Party Processes
HP Products & Processes
SPEAKER NOTES:
HP Sure Run uses the HP Endpoint Security Controller to extend self-healing protection into the OS, where it is able to guard critical processes and applications that you want to keep up and running.
Why we did this:
While you work, you have lots of agents watching and monitoring your PCs activity - software security processes that help keep your PC safe.
For example:
Antivirus in Windows Security Center stays on the lookout to protect against known malware
Firewall helps protect against attacks coming through the network
Cryptographic services keep your secrets secured
Naturally, malware wants to turn these protections off so that it can gain greater access to your PC. So, how can you make sure these protections stay up and running?
HP Sure Run helps guard the processes that are guarding your PC. It will monitor key processes, alert users and IT if it sees a change – for example, if malware turns of your antivirus software – and will restart those processes automatically if they’re stopped.
In turn, HP Sure Run itself is monitored and enforced by the HP Endpoint Security Controller hardware: this enables it to provide hardware-enforced protection for your software security processes.
Additional Details:
Sure Run must be turned on in HP CSM by the user in order to activate it. So, it is not running “by default” like Sure Start.
DISCLAIMERS:
3. HP Sure Run is available on HP Elite products equipped with Intel® or AMD® 8th generation processors.
HP Sure Run
HP Sure Start
HP Endpoint Security Controller enables hardware-enforced application persistence

13. HP SURE RECOVER4 SECURE, AUTOMATED, NETWORK OS IMAGE RECOVERY
Leverages HP’s Endpoint Security Controller
Executed through BIOS to protect OS from malware
Provides fast, secure, image restoration automatically1 from the system board or with a simple wired network connection2
Minimizes user downtime and IT effort
Easily manageable with HP Client Security Manager or HP MIK Gen2 plug-in for SCCM  !
SPEAKER NOTES:
HP Sure Recover enables secure, automated, network-based image recovery to make the entire process faster and easier for ITDMs and end users.
Additional notes:
How is it secure? HP Sure Recover uses a cryptographically signed image, to ensure that the image installed is authentic.
SMB or Enterprise: By default, HP Sure Recover will reimage using the latest image available from hp.com. For customers with their own corporate image, PCs can be provisioned using the HP MIK to pull the latest corporate image from wherever it is hosted (on the internet or intranet)
Network based: HP Sure Recover currently requires a physical network connection (not wireless).
Hardware endforced: HP Sure Recover is hardware based, so that you can reimage a PC even from a bare hard drive.
DISCLAIMER:
4. HP Sure Recover is available on HP Elite PCs with 8th generation Intel® or AMD processors and requires an open, wired network connection. You must back up important files, data, photos, videos, etc. before using HP Sure Recover to avoid loss of data.
Proactive reimaging is an excellent way to make sure that malware doesn’t remain on devices for long periods of time. We know that in some industries, endpoint devices are naturally more exposed. One example is the hospitality industry – where POS attacks are “absolutely rampant” according to Verizon’s 2017 Data Breach Investigations Report – and where time-to-discovery takes months.
With HP Sure Recover, IT can schedule routine reimaging for the entire fleet, so that PCs get a “fresh start” on a regular basis and any malware in the OS won’t have a chance to stick around.
We are also using the HP Endpoint Security Controller to make reimaging easier.
Having a fast, efficient way to reimage machines is important – because reimaging can be a painful process, costing end users and ITDMs hours of lost productivity.
Let’s look at two different customers scenarios: (NOTE: Presenters can choose whichever scenario is most appropriate for their audience)
Some major attacks can make reimaging extremely painful. After the 2017 Petya/NotPetya attacks, restoring the corporate image to affected machines required an INDIVIDUAL TOUCH for each unit – causing costly losses in productivity. In fact, some companies affected by NotPetya experienced impacts of 4-7% of their pre-tax income (based on financial statements from 4 major corporations).
Consider/ask your customers: what would an attack like this mean for your fleet? How many PCs to you manage? If your IT resources had to manually reimage each one personally, how would that impact your productivity?
Because HP Sure Recover is based in hardware, it can reimage a PC even from a bare hard drive. And, it will automatically prompt end users to reimage if no OS is found, saving IT substantial time getting end users back up and running.
Use Cases:
User Initiated:
END USERS can quickly and easily reimage their own machines without IT support. All they have to do is enter the BIOS menu and select “Recover from Network”
AUTOMATED RECOVERY: if no OS is found, the PC will automatically present the user the option to reimage
IT Scheduled:
FRESH START: IT can schedule routine reimaging for the entire fleet, so malware doesn’t have a chance to linger.
Ideal for Hospitality, Retail, Healthcare, Education, et c.
Because HP Sure Recover4 is based in hardware, you can reimage a PC, even from a blank or wiped hard drive
1 Only available on new HP EliteBook x G3
2 Available on new HP EliteBook 800/700 G5 series

14. CLICK WITH CONFIDENCE SECURE BROWSING COMING SOON! FILE PROTECTION
Open attachments and work online with HP Sure Click79
SECURE BROWSING
Stay protected from bad websites - just close the tab, and the malware is gone.
COMING SOON! FILE PROTECTION
Protects against malware lurking in common files. HP Sure Click now protect users viewing Word, Excel, and PowerPoint files in read-only mode
COMPLIMENTS MICROSOFT EDGE
While Microsoft continues to enhance the security of its Edge browser, HP Sure Click covers Internet Explorer users
NEW!
[TALK TRACK]
We’re also excited to announce some new features launching for HP Sure Click.
HP Sure Click – our hardware enforced, secure browsing solution - isolates malware trying to use the browser as a way in, to protect your PC against infection. If you encounter malware when browsing with HP Sure Click, you just close the tab, and the malware is gone!
Earlier this year, we announced that HP Sure Click will also offer protection against PDF attacks when viewed in the browser.
Today, we’re announcing a further expansion into the realm of file protection: HP Sure Click will soon be able to expand protection to common office files – specifically, HP Sure Click now protect users viewing Word, Excel, and PowerPoint files in read-only mode. This is a major win, especially when you consider how much malware enters PCs in small business and corporate environments hidden inside of this type of file.
[DISCLAIMER]
79. HP Sure Click is available on select HP platforms and supports Microsoft® Internet Explorer, Google Chrome, and Chromium™. Supported attachments include Microsoft Office (Word, Excel, PowerPoint) and PDF files in read only mode. Check  AA7-0922ENW for all compatible platforms as they become available.
Young businesses have to be open to every new opportunity - which exposes them to a lot of potentially malicious files
HP Confidential. For use with HP or partner with customers under HP CDA only

15. HP Sure Click “The Test” Video

16. PROTECT YOUR PRIVATE INFO FROM PRYING EYES
The world’s ONLY PCs with integrated privacy screens42
HP SURE VIEW GEN232
protects against visual hacking with the press of a button
[Talking track]
As our offices become more open, and more employees are working in public places like airports, coffee shops, and shared workspaces, the risk of visual hacking increases. Visual hacking is not only simple, it’s also highly effective – 9 out of 10 visual hacking attempts are successful.40
To help protect our customers, HP has introduced HP Sure View Gen2, the world’s only integrated privacy screen.
Now in its second generation, HP Sure View Gen2 offers a better visual experience in both light and dark environments.
(Note: In its first generation, HP Sure View hid the screen by darkening it; with Sure View Gen2, the screen is hidden by lightening it.)
DISCLAIMERS:
32. HP Sure View integrated privacy screen is an optional feature that must be configured at purchase and is designed to function in landscape orientation.
42. Based on currently available, in-market PCs, as of August 1, 2016 having physically embedded, hardware-based privacy screen. Available on select HP EliteBooks only
40. Average based on global trials conducted by Ponemon Institute during the “Visual Hacking Experiment,” 2015, and the “Global Visual Hacking Experiment,” 2016, both sponsored by 3M
RESTRICTED USE GUIDELINES
EMEA:
-Restricted use claims may be used in EU
-DO NOT use in Romania, Slovakia, Turkey, UAE, Russia, CIS countries (Armenia, Belarus, Kazakhstan, Kyrgyzstan, Moldova, Russia, Tajikistan, Turkmenistan, Ukraine, and Uzbekistan
APJ:
-DO NOT use in China, Indonesia, Thailand, Vietnam, Philippines; High risk use in Japan, Korea, Taiwan,
LAR:
DO NOT use in Brazil and Mexico
SECOND GENERATION
Provides a better visual experience in light OR dark environments – from the plane to the café
HP Confidential. For use under Confidential Disclosure Agreement only. © Copyright 2017 HP Development Company, L.P. The information contained herein is subject to change without notice.
HP Confidential. For use with HP customers under HP CDA only

17. Jack Vale Visual Hacking
HP Sure View Video
Jack Vale Visual Hacking

18. HP WEBCAM PRIVACY COVER NO MORE POST-IT-NOTES, ELECTRICAL TAPE OR CHEAP STICK-ON SLIDERS
Protects webcam from attack
Mechanical “hack proof” design
Simple yet elegant
Camera LED always visible
Trusted
40. Average based on global trials conducted by Ponemon Institute during the “Visual Hacking Experiment,” 2015, and the “Global Visual Hacking Experiment,” 2016, both sponsored by 3M.
41. Based on notebooks with an integrated camera with a built-in mechanism for mechanically blocking the camera and having preinstalled encryption, authentication, malware protection and BIOS- level protection, passing MIL-STD 810G tests with optional docking incorporating power delivery and as of January ____, 2018.
42. Based on currently available, in-market PC's, as of August 1, 2016 having physically embedded, hardware-based privacy screen. Available on select HP EliteBooks only.
HP EMEA claims use:
France – Yes, but must publish substantiation report, translated if required locally; should have local country url leading to the posted report added to the disclaimer;
Germany - Yes, but must publish substantiation report, translated if required locally; should have local country url leading to the posted report added to the disclaimer;
Rest of EU countries – Yes. No report required to be posted. Do not post substantiation reports.
Netherlands, Serbia, Switzerland, Israel, MEMA- Yes; no reports required to be published;
MEMA countries: Yes, may use claims with caution. Do NOT publish substantiation reports containing competitor names in MEMA countries;
Romania, CIS Countries, Turkmenistan, Russia, Turkey, UAE, Saudi Arabia-No
HP APJ Region superlative claims use:
Australia Yes, Provided claims have objective research to show they’re not misleading, are
applicable & valid in Australia and research remains current
China No, superlative claims are expressly prohibited in China
Hong Kong       Yes, Provided the claims have objective justification to show they are not
misleading, and are applicable and valid in Hong Kong
India Yes, Provided claims have objective research to show they’re not misleading, are
applicable & valid in India, and research remains current
Indonesia No.
Japan Yes, Provided claims have objective research to show they’re not misleading, are
applicable & valid in Japan, and research remains current
Malaysia  Yes, Provided claims have objective research to show they’re not misleading, are
applicable & valid in Malaysia, and research remains current
New Zealand Yes, Provided claims have objective research to show they’re not misleading, are
applicable & valid in New Zealand, and research remains current
Philippines Yes, Provided claims have objective research to show they’re not misleading, are
applicable & valid in the Philippines, and research remains current
Singapore Yes, Provided claims have objective research to show they’re not misleading, are
applicable & valid in Singapore, and research remains current
Taiwan Yes, Provided claims have objective research to show they’re not misleading, are
applicable & valid in Taiwan, and research remains current
Thailand Yes, Provided the claims are able to be proven true, and are applicable and valid in
Thailand
Vietnam No.
LAR Region superlative claims use:
Argentina –Yes.
Chile – Yes
Costa Rica – Yes
Brazil – No because superlative
Mexico – No because superlative
Ecuador – Yes
Colombia - Yes.
Peru - Yes
AVAILABLE NOW
HP EliteBook 800 G5 series
and HP ZBook 14/15u models
HP Confidential. For use under Confidential Disclosure Agreement only. © Copyright 2017 HP Development Company, L.P. The information contained herein is subject to change without notice.

19. New 2018 HP
Webcam Privacy
Video

20. HP MANAGEMENT INTEGRATION KIT GEN2
THE FIRST AND ONLY MICROSOFT-CERTIFIED PLUG-IN FOR SCCM
MANAGE MORE HP SECURITY, MORE HP FEATURES
Manage new HP security features including:
HP Sure Run3
HP Sure Recover4
SPEAKER NOTES:
Even the world’s best security system is no good if it’s turned off.
68% of organizations don’t reliably apply or audit their security policies.70 That’s just like having a high end home security system, but not checking that the door is locked when you leave the house. These unenforced security policies leave a company open to attacks on devices that are out of compliance – which can put the entire company at risk.
Security that’s not manageable isn’t truly secure. That’s why HP designs our security features with manageability in mind.
The HP Manageability Kit is a great example of this – it is the first and only Microsoft-certified plug-in for Microsoft® System Center Configuration Manager. The HP MIK makes it easy for IT to implement HP’s security features across their organization.
And, with second generation of the HP MIK, customers can do even more, and manage even more features:
HP MIK will support both HP Sure Run and HP Sure Recover.
The new features found in the latest generation of HP Sure Start, HP Multi-Factor Authenticate (based on Intel Authenticate), and HP Client Security Manager will get manageability support in HP MIK.
HP Sure View: There are some mobile workers who spend a significant amount of time in public spaces and they work on highly confidential documents. HP MIK is adding support for IT admins to define a policy to require HP Sure View to always be enabled.
The overall User Interface for HP MIK is updated to make it easier for IT admins to create and manage policies.
DISCLAIMERS:
3. HP Sure Run is available on HP Elite products equipped with Intel® or AMD® 8th generation processors.
4. HP Sure Recover is available on HP Elite PCs with 8th generation Intel® or AMD processors and requires an open, wired network connection. You must back up important files, data, photos, videos, etc. before using HP Sure Recover to avoid loss of data.
5. HP Multi Factor Authenticate requires 7th or 8th Generation Intel® Core™ processor, Intel® integrated graphics, and Intel® WLAN. Microsoft® System Center Configuration Manager is required for deployment.  Three authentication factors requires an Intel® vPro™ processor.
6. HP Manageability Integration Kit can be downloaded from
7. HP Sure View integrated privacy screen is an optional feature that must be configured at purchase
Restricted Claim Use Guidance:
EMEA:
France – Yes, but must publish substantiation report, translated if required locally; should have local country url leading to the posted report added to the disclaimer
Germany - Yes, but must publish substantiation report, translated if required locally; should have local country url leading to the posted report added to the disclaimer
Rest of EU countries, MEMA, Netherlands, Serbia, Switzerland, Israel – Yes
Romania, CIS Countries, Turkmenistan, Russia, Turkey, UAE, Saudi Arabia-No
APJ:
China, Indonesia, Vietnam – No
Rest of APJ- Yes
LAR:
Argentina, Chile, Costa Rica, Ecuador, Colombia, Peru– Yes
Chile, Brazil – No
HP’s strategy to Design for Manageability continues with the new security features HP is announcing. HP MIK will support both HP Sure Run and HP Sure Recover. Further, new software features also get support. Both HP PhoneWise and HP Power Manager will have manageability features. In HP Power Manager, IT admins can define schedules for when PCs should run from the battery, avoiding higher electrical rates during peak hours.
There are some mobile workers who spend a significant amount of time in public spaces and they work on highly confidential documents. HP MIK is adding support for IT admins to define a policy to require HP Sure View to always be enabled.
HP MIK also receives significant enhancements to manage features like HP Velocity, HP Audio, as well as setting the preferred conferencing client (e.g. Microsoft Skype, Cisco WebEx/Jabber) for the HP Conferencing Keyboard.
Manage policies for up to three factors or VPN credentials in HP Multi-Factor Authenticate5
Set policies for HP Sure View7 integrated privacy screen
and HP software
All-new UI makes it even easier for ITDMs to create and manage policies

21. HP SECURITY & MANAGEABILTY
5 Take-Aways
Every PC decision is a security decision
HP makes the world’s most secure and manageable PCs
Layered, cyber-resilient, hardware-enforced approach protects below, in and above the OS
HP Endpoint Security Controller is the bedrock of HP’s unique, hardware-based security solutions
“Built in, not bolted on” and the HP value proposition

22. Break Away

23. Q. What is the unique foundation of HP’s hardware-enforced security solutions that allows us to break away from the competition?

24. A. HP Endpoint Security Controller

25. Q. What are the three layers HP’s security strategy protects?

26. Below the OS. In the OS. Above the OS.

27. Q. What layer is the ideal target for attackers and why?

28. Below the OS. If an attacker is able to infiltrate the BIOS firmware, you will never know they are there.

29. Q. What is HP Sure Run?

30. HP Sure Run protects critical security processes from malware that tries to shut them down – for example, anti-virus software and firewall. It uses the HP Endpoint Security Controller to extend self-healing protection to the OS.

31. Q. What is the difference between HP Sure Recover and optional HP Sure Recover with Embedded Reimaging?

32. HP Sure Recover requires a wired network connection to restore the OS, while Sure Recover with Embedded Reimaging stores a copy of the OS on the motherboard for automatic OS restoration.  No cable required.

33. Q. What is the first laptop in HP’s product line to feature HP Sure Recover with Embedded Reimaging?

34. HP EliteBook x G3

35. Q. What is the name of the actor who is known as “The Fixer”?

36. Jonathan Banks

37. Q. What is the name of the only Microsoft-certified plug-in for SCCM?

38. HP Manageability Integration Kit Gen2

39. Q. What is Rick’s height?

40.    6’-7”