- October 29, 2020
Cybercriminals attack where an organization is most vulnerable, and for many companies, printers are a weak spot. As machines that process and store highly sensitive data, they are ideal targets for cybercriminals who can also use them as an entry point to access the rest of the network. In spite of these risks, 43% of companies ignore printers in their security strategies. Partnering with a company that offers the world’s most secure printers is the best way to protect your organization from printer-related exploits.
Printers are becoming more like PCs, so they deserve the same level of protection. As a PC and printer manufacturer, HP implements more robust security features than other print manufacturers. It is the only print manufacturer with four comprehensive device-level security features on all its enterprise printers: Sure Start, Whitelisting, Runtime Intrusion Detection, and HP Connection Inspector.
Enterprise-class Printer & MFP Comparison
| Category | Description | HP | Xerox | Lexmark | Ricoh | Konica Minolta | Kyocera | Canon | Brother |
|---|---|---|---|---|---|---|---|---|---|
| Device Security | Sure Start (BIOS protection with self-healing) | Y | N | P | P | P | N | N | N |
| Whitelisting | Y | Y | Y | Y | Y | N | N | N | |
| Run-time intrusion detection (self-healing) | Y | N | N | N | N | N | N | N | |
| Network anomaly detection (self-healing) | Y | N | N | N | N | N | N | N | |
| Security policy deployment and remediation | Y | N | N | N | N | N | N | N | |
| Integration with Microsoft SCCM | Y | N | N | N | N | N | N | N | |
| Data Protection | Access control | Y | Y | Y | Y | Y | Y | Y | Y |
| Encrypted communications | Y | Y | Y | Y | Y | Y | Y | Y | |
| TPM availability | Y | N | N | Y | Y | N | Y | N | |
| Integrated encrypted hard drives with secured storage erase | Y | Y | Y | O | Y | Y | Y | N | |
| Document Security | Pull-PIN print solutions | Y | Y | Y | Y | Y | Y | Y | N |
| Counterfeit and fraud deterrent | Y | Y | Y | Y | Y | Y | Y | N |
| LEGEND | Y = Yes | N = No | O = Optional | P = Partial |
Sure Start
Basic Input/Output System (BIOS) is a set of instructions that run every time a device starts. It also oversees the data flowing between the device’s operating system and external devices. Most antivirus, anti-malware, and OS firewalls will not detect an infected BIOS, so protecting it is crucial. Sure Start works in the background, ensuring BIOS integrity each time the print device is turned on. When it discovers something unusual, Sure Start will notify the user on the display pad, reboot the device using a safe golden copy of the BIOS, and alert IT.
Whitelisting
Firmware determines how a device’s internal hardware communicates. Compromised firmware could allow an attacker into your entire network. Whitelisting embeds a digital signature on the original firmware and validates it each time the device starts. The whitelisting feature alerts users to any abnormalities via the device’s display pad, and the device will reboot securely offline while notifying IT.
Runtime Intrusion Detection
Where Sure Start and Whitelisting protect the printer as it powers on, Runtime Intrusion Detection protects the device while it is running and connected to the network. It continuously reviews firmware and memory operations. If it finds an anomaly, it immediately stops the intrusion, reboots the device, and alerts IT. Head here for a live demo of HP’s Runtime Intrusion Detection.
HP Connection Inspector
When malware infects a device, it can sometimes contact a remote command and control (C&C) server to retrieve instructions or upload stolen data. HP Connection Inspector monitors outgoing network connections to identify routine requests, stop any suspicious activity, and activate a self-healing reboot when required. Head here for a live demo of HP Connection Inspector.
Document and data-level Security
Not every printer security breach is malicious. Sometimes, human error is the cause. Of the organizations surveyed by HP, 85% don’t enable print logs to track login attempts and user access, 60% fail to apply user password policies on their printers, and 59% reported a printer-related data loss incident in 2019.
HP Access Control Secure Authentication is part of HP’s JetAdvantage Solution that prevents printed documents from falling into the wrong hands. It enables secure pull printing, which protects unclaimed prints by storing them on a network for secure retrieval. Users can access their documents using authentication options including proximity card readers, personal identification codes or numbers (PIC, PIN), and smartcards. Secure pull printing prevents unauthorized access to printers from anywhere via mobile devices.
Security Information and Event Management
HP’s enterprise printer security features work best when integrated with security information and event management (SIEM) software. SIEM is a critical element in any security strategy, enabling IT providers to analyse the data captured during a cybersecurity incident. They can use these insights to introduce new policies and features that prevent future attacks.
Seamless printing is crucial for most businesses, yet printers often slip through the security net. Compared to other printer companies, HP offers more security features in its devices, protecting them from start up to shut down. These features minimize the need for IT intervention, keeping organizations more productive without compromising security. When choosing a printer for your organization, HP is a safe bet, offering the most secure out-of-the-box enterprise printer options currently on the market.
