Genesis is recognized as an HP Partner First Platinum for superior customer expertise.
Critical gaps may exist in your imaging and printing environment. Find secure business solutions to address these risks. Avoid network hacks that steal consumer data using your printer. Prioritize secure business solutions to prevent a patient network breach. Only HP Enterprise printers can detect and self-heal from malware.1 And because they have the industry’s only upgradeable firmware, new security features can be added over time.2 1HP’s most advanced embedded device security features are available on HP Enterprise-class devices with FutureSmart firmware 4.5 or above and is based on HP review of 2018 published embedded security features of competitive in-class printers. Only HP printer security offers a combination of device security features for integrity checking down to the BIOS with self-healing capabilities. For more information visit: hp.com/go/printersecurity claims. 2Some printer security features endabled by future HP FutureSmart firmware upgrades may not be available on older devices, if for example, physical product characteristics limit the functionality of the new feature.
- HP SureStart: validates the integrity of the BIOS (Basic Input/Output System) code
- Whitelisting: validates the integrity of the firmware code
- Run-Time Intrusion Detection: detects changes to the system memory
HP SureStart is a feature that automatically validates the printer’s BIOS. The BIOS is a set of startup instructions used to load fundamental hardware components and initiate the HP FutureSmart firmware for HP LaserJet Enterprise printers.
Every time a printer is turned on or restarts with an error, HP SureStart validates the integrity of the BIOS by implementing a Secure Hash Algorithm (SHA–256) signed with HP’s digital signature to ensure that the printer is safeguarded from malicious attacks. If validation fails, the printer restarts using a safe “Golden Copy” of the BIOS. The “Golden Copy” of the BIOS is stored in an electrically isolated location within the printer and is loaded during manufacturing.
Run-Time Intrusion Detection
The Run-time Intrusion Detection feature detects anomalies in the system memory and protects the printer while it is connected to the network. It detects any malware intrusion attempts during complex firmware and system memory operations, and validates that the memory space is not modified to prevent memory corruption. If an intrusion is detected, the printer waits no more than a minute to cancel pending print jobs, automatically restarts, and then returns the printer to a secure state.
Whitelisting is a feature that uses code-signing to make sure that only known HP firmware versions are loaded. The firmware coordinates hardware functions, runs the control panel, provides network security, and determines what features are available when printing, scanning, or sending emails.
Whitelisting uses an HP digital signature to verify that only authentic HP code, solutions, and 3rd party solution files are authorized to be loaded into memory and operate the printer. If a file without an authentic HP digital signature is detected, the printer will not load the solutions file, will restart the printer, and will display the Preboot menu options on the control panel, thus preventing a potential malware exploit from executing.
Old HP Printers?
If you would like to secure your HP printing fleet but have older printers that cannot be upgraded to take advantage of the HP embedded printer security features listed above, you have two choices:
- Implement HP JetAdvantage Security Manager
- Replace your aging HP printers
We can help you analyze what works best for your organization, but we can't help you if you don't contact us.