HP imaging and printing has evolved with enterprise security needs. HP offers imaging and printing
devices with a broad range of security capabilities, including high-security products that allow
operations in the most demanding environments and the tools to effectively manage large-scale
deployments of those devices.
While it would be impossible to prescribe all of the security requirements for an enterprise's imaging
and printing environment, the following recommendations may be used as a starting point for
enabling that security.
1. Assess Common Criteria Certification needs
Today, features being certified by the hardcopy industry are not representative of the true risks that
face imaging and printing devices. It is critical to scrutinize certification and assess the capabilities
of the device against actual needs.
2. Fleet/batch manage using HP Web Jetadmin
HP Web Jetadmin provides consistent management of enterprise-deployed imaging and printing
devices and is critical for maintaining a secure environment. Fleet management aids in the
consistency of policy enforcement and assists in audit and regulatory compliance.
3. Update firmware images
Firmware updates protect against product defects and vulnerabilities. HP provides automated
firmware update notification services, and HP Web Jetadmin aids in deploying updates across
4. Disable unused ports and services
Frequently, imaging and printing devices have unused capabilities that are enabled. In some cases,
these capabilities may enable functionality counter to the intent of the administrator, such as leaving
insecure management protocols accessible, when only encrypted management is desired.
5. Implement access controls
HP printers and MFPs allow a variety of user-level authentication mechanisms, including passwords,
proximity cards, and Smartcards. Access controls can ensure that only authorized users utilize the
imaging and printing infrastructure, while authentication capabilities provide assurances of who is
using the environment, and how they are using it, which aids in audit and regulatory compliance.
6. Implement secure protocols
The sophistication necessary to sniff network traffic has been reduced by the distribution of hacking
tools, as well as by legitimate network analyzers. IPsec secures existing printing and scanning
applications with strong encryption, while SNMPv3 and HTTPS secures management functions.