Printers, an Often Overlooked Component of IT Security

Guest blogger Shivaun Albright, on IT security and the new HP LaserJets. 

 

HP Color LaserJet Flow MFP M577z.jpg

 

Today I attended an HP launch event in Barcelona where we introduced the new HP LaserJet Enterprise printers to over 600 partners and customers. This is an important launch because the new printers represent a significant advancement in printer security. As the Distinguished Technologist who led the development of the new embedded printer security features, the issue of printer security is near and dear to my heart. It is also a topic of vital importance to businesses and other large organizations, even if they don’t know it yet.

 

For business and IT leaders alike, security is one of the most pressing concerns of the day. Barely a week goes by when we don’t hear news of another organization that has been breached, rendering them and their partners and customers vulnerable. And the cost of these breaches is staggering. According to the Ponemon Institute, the average cost of a data breach is $3.79 million.1 Yet, we see time and time again when IT organizations put together a strategy to defend their networks from attack, they overlook an important endpoint, their printers.

 

According to the Ponemon Institute, only 53 percent of IT Managers realize that printers are vulnerable to cybercrime and a full 56 percent of companies ignore printers in their endpoint security strategy.2 Yet when you think about it, printers share many characteristics with PCs and servers – they have an operating system, and sometimes a keyboard or touch screen, and they receive and store files. In short they are a potential source of vulnerability that needs to be protected.

 

At HP, we are thinking broadly about how to provide the deepest security across PCs and printers by protecting devices, documents and data. We have been focused on delivering industry leading printer security for over two decades and we will continue to innovate and find new ways to help customers protect their print environment.

 

We are proud to call the HP LaserJet Enterprise 500-series printers we are launching today the world’s most secure printers because they not only support a robust, baseline of security features and settings, but also come with some innovative embedded security capabilities that are unparalleled in the industry.3 These include:

 

  • HP Sure Start: To prevent an attack at the point of start-up, HP is implementing BIOS-level security with HP Sure Start. This is the same BIOS security protecting HP’s Elite line of PCs since 2013 to new HP LaserJet Enterprise printers. In the event of a compromised BIOS, a hardware protected “golden copy” of the BIOS is loaded to self-heal the device to a secure state.  
  • Whitelisting ensures that only HP authentic code can be installed and loaded onto our devices. We do this using a White list where only known good code can be loaded into memory.  To clarify the terminology, a blacklist is used by anti-virus scanners today which rely on identifying finger prints of known malware. The problem with a blacklist is that it typically takes about 4 days to isolate a virus during a zero-day attack and publish an update. Embedded devices have the luxury of knowing the code that should be loaded and only allowing “known good files” to execute on a system.
  • Run-time Intrusion Detection protects the printer by continuously monitoring memory to identify, detect and highlight potential attacks to Security Information and Event Management (SIEM) tools like ArcSight. The device will automatically reboot flushing memory and bringing it back to a safe state.  This technology was developed in partnership with Red Balloon Security, an embedded device security company started by researchers from Columbia University.

And for customers who have purchased HP LaserJet Enterprise printers in recent years, you can benefit from at least some of these security innovations as well. With a firmware update, all three features can be enabled on the HP LaserJet Enterprise printers delivered since April 2015. For HP LaserJet Enterprise printers launched since 2011, two of the features, whitelisting and Run-time Intrusion Detection, can be enabled through an HP FutureSmart service pack update.

 

In addition to building these new self-protecting features into the printers themselves, HP is also making it easier for organizations to manage the security of their printer fleet as a whole. HP JetAdvantage Security Manager, the industry’s only policy-based printer security compliance solution, lets IT establish and maintain security settings such as closing ports, disabling access protocols, auto-erase files and more.4 When a reboot occurs, the HP Instant-On Security feature of this solution will check and reset any impacted settings automatically to bring devices into compliance with the organization’s policy. Over time, HP continues to update and add capabilities to this important security management tool.

 

At HP, we understand what it takes to help customers ensure that their printers are as secure as any other device on the network. We are delivering those capabilities through a comprehensive approach that includes technology, solutions and services.

 

If you would like to learn more about how HP can help you secure your print environment, please visit hp.com/go/PrintersThatProtect, or talk to your HP account manager or reseller.

 

 

  1. Ponemon Institute, “2015 Global Cost of a Data Breach Study”, May 2015.
  2. Source: Ponemon Institute, "Annual Global IT Security Benchmark Tracking Study", March 2015
  3. The world’s most secure printers and unparalleled in the industry: Based on HP review of 2015 published embedded security features of competitive in-class printers. Only HP offers a combination of security features for integrity checking down to the BIOS with self-healing capabilities.  Available on the HP LaserJet M527, M506, M577 and as an upgrade on the M552, M553, M604, M605, and M606. Some features will be made available as a HP FutureSmart service pack update on selected existing Enterprise printer models. 
  4. Based on HP Internal secured data (Device Security Comparison, January 2015), and Solutions Report on HP JetAdvantage Security Manager 2.1 from Buyers Laboratory LLC, February 2015

 

 

Comments
by PamelaSeymour
‎07-19-2016 11:47 PM - edited ‎07-19-2016 11:48 PM

Well written article about printers..A fantastic piece of work ... It has relevant information. Thanks for posting this.I just loved your way of presentation.. Thanks for sharing

Thesis writing service

by thomas95wil
on ‎10-02-2016 09:56 AM

There's noticeably a bundle to understand relating to this. I presume you made certain nice points in attributes also. lords mobile hack no survey

by JaniceJorda
on ‎12-04-2016 08:32 AM

thanks for your sharing, I appreciate this. keep http://awriter.org/ up the good work

by shivangi2016tri
April

nice unique article on printers and very well connected in terms of security. 

UPS Customer Service Centre
Search 367 Addison Avenue
Showing results for 
Search instead for 
Do you mean 
About the Author
Labels