Page 7 - THE Journal, May/June 2018
P. 7
SPONSORED REPORT | |
#296e92 r: 41
g: 110
b: 146
DON’T LET YOUR PRINTER BE A VULNERABILITY
Every classroom needs its own printer, but make sure it’s secure before you connect it to Wi-Fi.
be a starting point to escalate access to the network, giving criminals access to school servers and personally identifiable information.
Secure Printing
Anybody who thinks printers are
out of date in a world of one- to-one and tablet carts hasn’t been to DonorsChoose lately. The donation site for classroom technology and other resources currently includes 1,150 projects that seek funding specifically for printers. Teachers’ comments support the need for printers so that students are able to print individual and group projects, add color to their work and handle “all types of creative and educational” activities.
What schools need are smart printers designed with security features that prevent hackers from gaining entry. Some models can also “self-heal” in the event of an attack or some other anomaly.
Enterprise and Pro 400/500 printers feature firmware integrity validation, which confirms the firmware code to
be digitally signed by HP. Without that validation, the printers reboot to a safe recovery mode and await a valid firmware update (displayed on the control panel).
While many of these printers will be added to the network to simplify access for students and teachers, doing so presents a security conundrum. That ease of access also positions the printer as a potential security vulnerability and prime target for hackers.
If any alteration occurs in the memory, the printer detects the intrusion and automatically restarts and loads the authentic HP firmware code.
A bored high schooler in the United Kingdom proved that last year when
he sent the owners of 150,000 printers
a warning message displaying ASCII robots and recommending they tighten up their network security. The year before,
Security settings are maintained for HP’s PageWide Enterprise models through a “self-healing” capability if the school is running HP’s JetAdvantage Security Manager. Security Manager assesses and remediates security settings to comply with policies established by the school or district’s IT team.
a cybercriminal hijacked thousands of printers and used them to print out white supremacy fliers.
Another important security aspect
is the printer firmware that drives the operating system, which coordinates hardware functions, runs the control panel, determines what features are available when printing, scanning, or emailing, and providing network security. The PageWide
Finally, HP’s Connection Inspector
in the PageWide Enterprise models will prevent malware from sharing data and rooting around inside the network by evaluating outgoing network connections to determine what’s normal, what’s suspicious and needs to be stopped, and whether a self-healing reboot is required.
Hackers that gain control of a printer can steal personal data from its memory, deface printouts, or set the printer into an infinite loop and render it useless. More dangerously, printer control can also
These built-in security features surfacing in the newest generation of color printers help teachers give their students safe access to printing functions. They
can continue to print while ensuring the network remains protected from breaches.
That’s the idea behind a new set of technologies built into both the PageWide Pro 400/500 printers and PageWide Enterprise printers from HP. In both sets of PageWide printers, a secure boot process runs at startup to validate the integrity of the printer’s BIOS. On the PageWide Pro printers, if the code has been compromised, the device is placed in a recovery mode with limited functionality until “HP genuine code” is reinstalled. On the PageWide Enterprise printers if compromised code is discovered, the device restarts using a safe “golden copy” of its BIOS and self-heals behind the scenes.
HP’s runtime intrusion detection helps protect printers while they are powered on and connected to the network which prevents hackers from adding malware into active memory during operations.
For more information, please visit
www.cdw.com/hppagewide