With so much effort put into securing networks, devices and IT systems, printers and other seemingly innocent office devices are often overlooked. None more so than the humble office printer, which believe it or not can be subject to more vulnerabilities than anyone could ever guess, due to inadequate firewall protection.
We spoke to Grant Hopkins, HP New Zealand’s managing director about secure printing, managed print services and The Wolf web series.
HP has been one of the first vendors to realise that traditional printers and their ports can be in serious danger from attacks.
“Protecting against security breaches is one of the biggest challenges our customers face. HP is helping customers secure their devices, documents and data by defending our enterprise printers with the strongest protection in the industry,” Hopkins says.
Hopkins cites a Spiceworks report titled Unlocked doors: Research shows printers are being left vulnerable to cyberattacks, found only 16% of respondents thought printers are at high risk of a breach; 43% ignore printers in endpoint security.
Another report by Quocirca, titled Managed Print Services Landscape, 2016, found that 61% of respondents experienced at least one print-related data breach in the last year.
HP has developed solutions to tackle printer vulnerabilities, and those solutions cover everything from detection and recovery right through to whitelisting and intrusion detection.
HP Sure Start is the company’s BIOS security protection; whitelisting makes sure only legitimate firmware can be loaded; and Run-time Intrusion Detection is in-device memory monitoring specifically for malicious attacks. Run-time Intrusion Detection is now in new HP enterprise printers and can be added to most printers developed in 2010 through the FutureSmart firmware update.
Hopkins says that HP Labs focuses on a ‘Blended Reality’ future that includes immersive experiences, ambient computing, 3D transformation and security.
“The security lab is somewhat unique in that it conducts R&D for security innovation generally but also focuses on the unique security implications of all the other labs’ innovations,” he says.
A good thing when the world is becoming ever more connected.
IDC’s Robert Palmer has also explicitly named HP as one of the companies that is taking an active approach to addressing problems in the print and document space.
Looking at what HP is doing in the space, Hopkins says that distributed devices and the convergance of the physical and digital world means a new approach to security.
To do that, he says HP is focused on creating the most secure devices, empowering customers to use HP Managed Print Services for confident and secure computing, as well as pushing the industry forward.
“Since security is mission-critical, HP Secure Managed Print Services (MPS) provides customers with advanced protections along with the most comprehensive device, data and document security. In addition, HP provides the expertise to help customers develop and deploy their print security strategy and then maintain their print environment over time,” he says.
Those services include tools that protect and monitor HP printer fleets, data and documents with visibility. JetAdvantage Security Manager can remediate devices to comform with an enterprise’s printing policies and also provides proof-of-compliance reporting.
“HP’s security consultants work with customers to assess their print security vulnerabilities; build a comprehensive security policy based on business needs and best practices; and, identify and implement solution recommendations to achieve and maintain improved security,” Hopkins says.
HP’s role as a managed print service provider comes with a number of benefits, he says.
- HP Print Security Advisory Services can help assess customer risks, develop a custom print security policy
- HP Print Security Implementation Services can help deploy security settings, add security enhancements like device certificates, and integrate printers into SIEM tools
- HP Print Security Advisory Retainer Service provides on-going access to advisors to evaluate customer security plans on a regular basis
- HP Print Security Governance and Compliance Service provides trained experts to monitor and manage print security compliance.
Moving on to print security awareness, HP recently launched a global web series called ‘The Wolf’, starring award-winning actor Christian Slater. It’s not only doing well globally, but is also being well received in New Zealand.
Hopkins explains that the series shows how easy it is for hackers to get into corporate networks.
“In the short film, Slater systematically hacks a company entirely through real vulnerabilities in unprotected printers and PCs—starting in the mailroom and moving up to the executive boardroom,”
“The Wolf is the first of a series of global initiatives aimed at building awareness and creating a sense of urgency around the security vulnerabilities of endpoint devices, like printers and PCs in the office, and help them learn how to close these gaps in their security,” he continues.
He says security is not just about the network or perimeter, but everything and everyone connected to it - including devices. HP believes security is paramount across all devices.
“By integrating security into every part of our systems, HP is not simply protecting devices and vital data, we are reinventing security from protection to resilience, so people and companies can constantly stay a step ahead of the constantly evolving and always disruptive world of attacks,” Hopkins concludes.