Logging device activity
Logging device activities ensures compliance to security and access policies. HP DSS, Capella,
SafeCom, and Ringdale each allow device activity, including user, document, and destination, to be
monitored. Logging functions can also include configuration and management actions.
Common Criteria Certification
HP is currently in process of receiving Common Criteria Certification for Disk Erase and analog fax
capabilities for the HP LaserJet 4345mfp, 4730mfp.
HP supports the IEEE p2600's development of an imaging and printing security standard that will
allow credible industry-wide Common Criteria Certification and expects to certify products to the
standard when available.
The future of imaging and printing security
Document security and Digital Rights Management
Document security is evolving. Driven by Digital Rights Management, developers are focusing on the
security of the content, rather than the security of the application that transports it. Current,
rudimentary, examples include document password protection by application (e.g., Excel
spreadsheets and Word documents). Passwords provide basic, limited capabilities.
Adobe® Systems (PDF) and Microsoft (Metro) have both introduced content protection capabilities in
their respective document formats, allowing control over individual access to documents, limits on
document redistribution, and automatic expiration of content after a defined date.
As content protection evolves, the enforcement of controls will move from PC-based applications that
render documents for devices, to the devices themselves. Likewise, content originating at a device
(e.g., scanned documents) will immediately receive content protections, rather than rely on attached
PC-devices to provide it.
Trusted Computing Group
The Trusted Computing Group (TCG, www.trustedcomputinggroup.org) is a standards organization
with over 100 member companies developing standards to enhance the trustworthiness of computing
equipment. HP chairs the Hardcopy Work Group, which is responsible for standards related to imaging
and printing devices. Trusted Computing will ensure devices operate with a greater level of integrity.
Trusted imaging and printing platforms will allow both IT administrators and users to validate the
trustworthiness of a device prior to its use. Such trusted capabilities could ensure that only authorized
MFPs are allowed access to the network, that designated MFPs are the actual originators of documents,
and that printers cannot replicate print jobs without user permission.