Hardware & Infrastructure
News
10/17/2007
02:55 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

HP Secure Print Advantage Protects Printers From Hackers

HP Secure Print Advantage consists of software and hardware designed to harden organizations' printing infrastructure against attacks and to protect potentially sensitive information.

Hewlett-Packard on Wednesday plans to announce a new initiative to make networked printers more secure.

HP Secure Print Advantage, part of the HP Secure Advantage portfolio, consists of software and hardware designed to harden organizations' printing infrastructure against attacks and to protect potentially sensitive information.

"Printers have been turned into computers over the years and people have learned how to hack them," said Chris Whitener, chief strategist of HP Secure Advantage.

This isn't exactly a new problem. In a presentation at the 2000 Cert Conference, for example, computer security researcher Steve Nugen provided information about one incident in which a Space and Naval Warfare Systems Command printer was hacked, allowing the attacker to reprogram routing tables on other network equipment to copy print jobs to a server in Russia.

Today, many corporate printers have large hard drives, over 50 Gbytes, which may store months of valuable, possibly sensitive, print jobs. "They're often a repository for more interesting information than most people realize," said Whitener.

HP also plans to announce the HP Secure Advantage Alliance Program to provide a broad range of security offerings to companies that include products and services from HP's security partners, including Crossroads Systems, Ingrian, and SenSage.

HP Secure Print Advantage allows IT managers to enforce policies across the network and protect against malicious attacks. It meets both FIPS 140-2 Level 4 and Common Criteria EAL 4+ standards required by government customers.

The system sends encrypted print jobs to a secure document server, where the print jobs are decrypted and scanned for malware. If malware is found, the job is terminated and the incident is logged. If not, the print job is re-encrypted and sent to the printer.

Once there, the protected print job waits until credentials are presented before emerging as a printed document. This is to avoid what Mike Howard, HP's manager of worldwide security solutions, calls "print and sprint" -- a mad dash to the printer to prevent prying eyes from seeing something sensitive.

Howard recounted how one organization, which he declined to name, printed a document about planned layoffs, which was seen by employees before the staff reduction was announced. "You can imagine the effect on morale," he said.

"If you stand next to a printer long enough, you'll get some confidential information at a company," said Howard.

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 18, 2014
Enterprise social network success starts and ends with integration. Here's how to finally make collaboration click.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
The weekly wrap-up of the top stories from InformationWeek.com this week.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.