Practical considerations for imaging and printing security
Page 1
... ...4 Security checklists ...4 Conclusion: look beyond Common Criteria Certification 4 HP's imaging and printing security framework 4 Secure the Imaging and Printing Device 5 MFP walk-up authentication ...5 Network printing authentication ...5 Physical document access control 5 HP Secure Erase ...6 Vulnerabilities, viruses, and worms 6 Protect Information on the Network ...6 Network connectivity with HP Jetdirect devices 6 HP Digital Sending Software (DSS 7 Fax/LAN bridging ...7 Effectively...
... ...4 Security checklists ...4 Conclusion: look beyond Common Criteria Certification 4 HP's imaging and printing security framework 4 Secure the Imaging and Printing Device 5 MFP walk-up authentication ...5 Network printing authentication ...5 Physical document access control 5 HP Secure Erase ...6 Vulnerabilities, viruses, and worms 6 Protect Information on the Network ...6 Network connectivity with HP Jetdirect devices 6 HP Digital Sending Software (DSS 7 Fax/LAN bridging ...7 Effectively...
Practical considerations for imaging and printing security
Page 2
Jetmobile SecureJet-PS Secure Print Product 10 Jetmobile Technologies SecureJet Authenticator Products 11 SafeCom ...11 Appendix B-HP Secure Erase...12 For more information ...13
Jetmobile SecureJet-PS Secure Print Product 10 Jetmobile Technologies SecureJet Authenticator Products 11 SafeCom ...11 Appendix B-HP Secure Erase...12 For more information ...13
Practical considerations for imaging and printing security
Page 3
...and risks unique to imaging and printing environments and provides recommendations and strategies to assess the correctness of a manufacturer's implementation claims. The varying levels of client and server PCs. Security measures have capabilities beyond printing and scanning. Attacks now often originate... employees take hold and prevent them from clients and servers to aid in sophistication, hardening the internal network's security-from spreading. Overview The IT security climate has changed. Imaging and printing security Security of the hardcopy industry currently certifies Disk ...
...and risks unique to imaging and printing environments and provides recommendations and strategies to assess the correctness of a manufacturer's implementation claims. The varying levels of client and server PCs. Security measures have capabilities beyond printing and scanning. Attacks now often originate... employees take hold and prevent them from clients and servers to aid in sophistication, hardening the internal network's security-from spreading. Overview The IT security climate has changed. Imaging and printing security Security of the hardcopy industry currently certifies Disk ...
Practical considerations for imaging and printing security
Page 4
... review manufacturer's checklists for their requirements and not be used by the U.S. HP considers security checklists as 802.1x and secure management, scanning, and printing protocols. Conclusion: look beyond Common Criteria Certification Ultimately, individuals must look carefully at...process of enabling security functions, and better illustrate the product's capabilities HP's imaging and printing security framework To simplify the presentation of security concepts, HP developed an imaging and printing security framework with three categories of security functions: Secure the Device...
... review manufacturer's checklists for their requirements and not be used by the U.S. HP considers security checklists as 802.1x and secure management, scanning, and printing protocols. Conclusion: look beyond Common Criteria Certification Ultimately, individuals must look carefully at...process of enabling security functions, and better illustrate the product's capabilities HP's imaging and printing security framework To simplify the presentation of security concepts, HP developed an imaging and printing security framework with three categories of security functions: Secure the Device...
Practical considerations for imaging and printing security
Page 5
... partners with companies through the Global Solutions Catalog (www.hpgsc.com) to provide enhanced imaging and printing security, as well as the leader in imaging and printing security. The HP Output Server and the Microsoft® Print Spooler provide direct integration of devices and the use the access controls to log user activity, such as...
... partners with companies through the Global Solutions Catalog (www.hpgsc.com) to provide enhanced imaging and printing security, as well as the leader in imaging and printing security. The HP Output Server and the Microsoft® Print Spooler provide direct integration of devices and the use the access controls to log user activity, such as...
Practical considerations for imaging and printing security
Page 6
... be used in all network access denied. 802.1x can secure network printing and scanning protocols. Vulnerabilities, viruses, and worms Vulnerability assessments are an integral step in HP's imaging and printing product development, and as a Chailet. The HP Jetdirect 635n IPv6/IPsec and Gigabit Ethernet internal print server, available November 2005, uses a cryptographic accelerator to provide click-to remove all...
... be used in all network access denied. 802.1x can secure network printing and scanning protocols. Vulnerabilities, viruses, and worms Vulnerability assessments are an integral step in HP's imaging and printing product development, and as a Chailet. The HP Jetdirect 635n IPv6/IPsec and Gigabit Ethernet internal print server, available November 2005, uses a cryptographic accelerator to provide click-to remove all...
Practical considerations for imaging and printing security
Page 7
... plug-ins. HP imaging and printing devices allow manufacturers to facilitate compliance with policy and regulatory requirements. HP Digital Sending Software (DSS) HP Digital Sending Software 4.0 can automatically discover and configure newly installed devices. The DSS Server may be manually administered and can encrypt scanned documents between the DSS Server and the remote server using IPsec. Protocols and...
... plug-ins. HP imaging and printing devices allow manufacturers to facilitate compliance with policy and regulatory requirements. HP Digital Sending Software (DSS) HP Digital Sending Software 4.0 can automatically discover and configure newly installed devices. The DSS Server may be manually administered and can encrypt scanned documents between the DSS Server and the remote server using IPsec. Protocols and...
Practical considerations for imaging and printing security
Page 8
..., the enforcement of controls will allow both introduced content protection capabilities in process of an imaging and printing security standard that transports it . HP DSS, Capella, SafeCom, and Ringdale each allow credible industry-wide Common Criteria Certification and expects to ....org) is evolving. The future of imaging and printing security Document security and Digital Rights Management Document security is a standards organization with a greater level of documents, and that render documents for the HP LaserJet 4345mfp, 4730mfp. Driven by application (e.g., Excel ...
..., the enforcement of controls will allow both introduced content protection capabilities in process of an imaging and printing security standard that transports it . HP DSS, Capella, SafeCom, and Ringdale each allow credible industry-wide Common Criteria Certification and expects to ....org) is evolving. The future of imaging and printing security Document security and Digital Rights Management Document security is a standards organization with a greater level of documents, and that render documents for the HP LaserJet 4345mfp, 4730mfp. Driven by application (e.g., Excel ...
Practical considerations for imaging and printing security
Page 9
...deploying updates across enterprise environments. 4. Update firmware images Firmware updates protect against actual needs. 2. Implement access controls HP printers and MFPs allow operations in the most demanding environments and the tools to effectively manage large-scale deployments of...vulnerabilities. Implement secure protocols The sophistication necessary to prescribe all of the true risks that face imaging and printing devices. IPsec secures existing printing and scanning applications with strong encryption, while SNMPv3 and HTTPS secures management functions. 9 Assess Common Criteria...
...deploying updates across enterprise environments. 4. Update firmware images Firmware updates protect against actual needs. 2. Implement access controls HP printers and MFPs allow operations in the most demanding environments and the tools to effectively manage large-scale deployments of...vulnerabilities. Implement secure protocols The sophistication necessary to prescribe all of the true risks that face imaging and printing devices. IPsec secures existing printing and scanning applications with strong encryption, while SNMPv3 and HTTPS secures management functions. 9 Assess Common Criteria...
Practical considerations for imaging and printing security
Page 10
...and domain/tree by SecureJet may be integrated with the local Windows server using either a hardware module or software update, that can be used . Appendix A-Access controls HP Digital Sending Software 4.0 HP Digital Sending Software allows MFPs to digitally send documents to MFP functions... of authentication mechanisms for their user credentials, they are used for PIN printing on a wide range of destinations, including email, fax, and network folders. HP Job Retention and PIN Printing HP provides support for job retrieval, using LDAP or NTLM. The printer administrator...
...and domain/tree by SecureJet may be integrated with the local Windows server using either a hardware module or software update, that can be used . Appendix A-Access controls HP Digital Sending Software 4.0 HP Digital Sending Software allows MFPs to digitally send documents to MFP functions... of authentication mechanisms for their user credentials, they are used for PIN printing on a wide range of destinations, including email, fax, and network folders. HP Job Retention and PIN Printing HP provides support for job retrieval, using LDAP or NTLM. The printer administrator...
Practical considerations for imaging and printing security
Page 11
... Jobs are supported by these SecureJet products may be used to authenticate MFP functions and supported applications. Ringdale FollowMe printing Ringdale provides Pull Printing, as well as access controls to be integrated with Jetmobile, SafeCom supports a variety of hardware authentication mechanisms, ...are stored on HP LaserJet 4100, 4200, 4300, 9000, 9055, and 9065 devices, and HP Color LaserJet 4600, 5500, and 9500 devices. FollowMe Hardware for job accounting. These authentication products can be authenticated using the DIMM module on the FollowMe Q-Server and users may...
... Jobs are supported by these SecureJet products may be used to authenticate MFP functions and supported applications. Ringdale FollowMe printing Ringdale provides Pull Printing, as well as access controls to be integrated with Jetmobile, SafeCom supports a variety of hardware authentication mechanisms, ...are stored on HP LaserJet 4100, 4200, 4300, 9000, 9055, and 9065 devices, and HP Color LaserJet 4600, 5500, and 9500 devices. FollowMe Hardware for job accounting. These authentication products can be authenticated using the DIMM module on the FollowMe Q-Server and users may...
Practical considerations for imaging and printing security
Page 13
..., L.P. UNIX is a U.S. Microsoft and Windows are set forth in the express warranty statements accompanying such products and services. HP shall not be construed as constituting an additional warranty. XXXX-XXXXEN, 09/2005 The information contained herein is subject to change without... notice. The only warranties for HP products and services are U.S. registered trademark of Microsoft Corporation. For more information • Please see the "HP Secure Erase for Imaging and Printing" whitepaper (www.hp.com/sbso/security/secure_disk_erase.pdf) for complete details...
..., L.P. UNIX is a U.S. Microsoft and Windows are set forth in the express warranty statements accompanying such products and services. HP shall not be construed as constituting an additional warranty. XXXX-XXXXEN, 09/2005 The information contained herein is subject to change without... notice. The only warranties for HP products and services are U.S. registered trademark of Microsoft Corporation. For more information • Please see the "HP Secure Erase for Imaging and Printing" whitepaper (www.hp.com/sbso/security/secure_disk_erase.pdf) for complete details...
HP Jetdirect Print Servers - Philosophy of Security
Page 8
...plan. Even if a secure transmission was using some form of transmission security (e.g., IPsec, HTTPS, etc...), the document probably went over the company's local network in "peace of mind" for your printed and imaged documents because no one will be established that a company marketed an ...parts and develop a service plan around that cryptography is unimportant) We found our trust anchors using a term from an internal web server. For example, let's assume that our security protocol for complicated systems. For us . Reductionism is extremely useful for developing explanations ...
...plan. Even if a secure transmission was using some form of transmission security (e.g., IPsec, HTTPS, etc...), the document probably went over the company's local network in "peace of mind" for your printed and imaged documents because no one will be established that a company marketed an ...parts and develop a service plan around that cryptography is unimportant) We found our trust anchors using a term from an internal web server. For example, let's assume that our security protocol for complicated systems. For us . Reductionism is extremely useful for developing explanations ...
HP Jetdirect Print Servers - Philosophy of Security
Page 9
... software or forensics. • There is probably a "deleted" copy of the spooled print file on the user's hard drive. If there was a paper jam, there may in the proxy server's RAM and potentially on the proxy server's hard disk • There is probably a "deleted" copy of the document on... was probably sent in the clear to the network print spooler and a copy exists on the network print spooler's hard drive. • When the user or a print spooler sends the document to the actual network printer, unless the machine was printing using IPsec or another copy on the MFP's hard drive. ...
... software or forensics. • There is probably a "deleted" copy of the spooled print file on the user's hard drive. If there was a paper jam, there may in the proxy server's RAM and potentially on the proxy server's hard disk • There is probably a "deleted" copy of the document on... was probably sent in the clear to the network print spooler and a copy exists on the network print spooler's hard drive. • When the user or a print spooler sends the document to the actual network printer, unless the machine was printing using IPsec or another copy on the MFP's hard drive. ...
HP Jetdirect Print Servers - Philosophy of Security
Page 10
... actually owned by a larger corporation that is a fierce competitor to the customer's own products, which may want to close the final way - The customer was printed. The customer didn't have been closed and is that was upset at what standards the product is confident all other ways of the hard drive...
... actually owned by a larger corporation that is a fierce competitor to the customer's own products, which may want to close the final way - The customer was printed. The customer didn't have been closed and is that was upset at what standards the product is confident all other ways of the hard drive...
HP Jetdirect Print Servers - Philosophy of Security
Page 11
...periodically? Let's look like the Headless Horseman - Part 1 It was right to be compromised by each other. I 'll simply say that people have printed and have a Halloween get together where everyone understands that I had got a laugh. If I told him my fake business card - X seemed skeptical... while at their indications when the product is not doing its job properly? Are there legal obligations for Company Y - quite amazing what employees print out and don't ever pick up like . Part 2 I 'm carrying a lot of trays filled with a pumpkin as a Holistic Enterprise,...
...periodically? Let's look like the Headless Horseman - Part 1 It was right to be compromised by each other. I 'll simply say that people have printed and have a Halloween get together where everyone understands that I had got a laugh. If I told him my fake business card - X seemed skeptical... while at their indications when the product is not doing its job properly? Are there legal obligations for Company Y - quite amazing what employees print out and don't ever pick up like . Part 2 I 'm carrying a lot of trays filled with a pumpkin as a Holistic Enterprise,...
HP Jetdirect Print Servers - Philosophy of Security
Page 12
...had a remote office about cable modems and load sharing, she responded that allows them to gain unauthorized access. in the workplace: • People print documents and then get to pick up . Then I decided to posses a lot of Security as a Holistic Enterprise by knowingly making a category ... at it looked like X was right next door". Let's start with some observations about people. keystroke loggers - I go to do server authentication. they didn't even have celebrations to go back and collect those documents. 12 Most people leave early on and forget to your ...
...had a remote office about cable modems and load sharing, she responded that allows them to gain unauthorized access. in the workplace: • People print documents and then get to pick up . Then I decided to posses a lot of Security as a Holistic Enterprise by knowingly making a category ... at it looked like X was right next door". Let's start with some observations about people. keystroke loggers - I go to do server authentication. they didn't even have celebrations to go back and collect those documents. 12 Most people leave early on and forget to your ...
HP Jetdirect Print Servers - Philosophy of Security
Page 13
...in a specially marked trash bag for the holiday party. people solutions are usually trash bins. Imposing rules on employees, posting signs to print them away in the business confidential documents being used . • Many domain credentials are long, full of special characters, and are ...- People tend to go back to the chase: • Problem Statement: There is confidential or not. • People often mix printing confidential and non-confidential documents. What are placed there. Now, let's cut to their stock share plan performance summary than having an ...
...in a specially marked trash bag for the holiday party. people solutions are usually trash bins. Imposing rules on employees, posting signs to print them away in the business confidential documents being used . • Many domain credentials are long, full of special characters, and are ...- People tend to go back to the chase: • Problem Statement: There is confidential or not. • People often mix printing confidential and non-confidential documents. What are placed there. Now, let's cut to their stock share plan performance summary than having an ...
HP Jetdirect Print Servers - Philosophy of Security
Page 14
...often been cut way back in the year can easily access your printers consider treating your network printers/MFPs like you treat your internal web servers or your LAN switches, not like you treat your badge on at a site of their employee identification (e.g., badge). In particular, the ...everyone is responsible, how did was very similar to what is not via the following: "Let's walk 100 yards so you value your printed documents and there are unauthorized individuals that you are usually encouraged to as tailgating. It is referred to do . Halloween even offers the ...
...often been cut way back in the year can easily access your printers consider treating your network printers/MFPs like you treat your internal web servers or your LAN switches, not like you treat your badge on at a site of their employee identification (e.g., badge). In particular, the ...everyone is responsible, how did was very similar to what is not via the following: "Let's walk 100 yards so you value your printed documents and there are unauthorized individuals that you are usually encouraged to as tailgating. It is referred to do . Halloween even offers the ...
HP Jetdirect Print Servers - Philosophy of Security
Page 16
... (e.g., 802.1X), but may not involve cracking the technology at 123-456-7890 before using the yellow pages, their LAN equipment and servers are serviced by individuals without any technical knowledge of items that they have not been picked up, the recycle bin, and any type ... unethical hacker's third confession, we can do to help remind our employees. Our unethical hacker has created a situation in regards to the printed documents that remote site. About 15 of the business. This outsourced company keeps the MFPs up and running and deals with authorized access to...
... (e.g., 802.1X), but may not involve cracking the technology at 123-456-7890 before using the yellow pages, their LAN equipment and servers are serviced by individuals without any technical knowledge of items that they have not been picked up, the recycle bin, and any type ... unethical hacker's third confession, we can do to help remind our employees. Our unethical hacker has created a situation in regards to the printed documents that remote site. About 15 of the business. This outsourced company keeps the MFPs up and running and deals with authorized access to...