Tech giant HP has introduced new printer security features as part of a high-profile HP Work From Home rollout this week, adding remote management and zero-trust capabilities to manage and secure printers and other devices in workers' homes.
The new security features for remote devices revolve around a cloud-based security management function to ensure devices meet corporate policies, zero-trust capabilities to protect endpoints, and a tracking feature that keeps tabs on remote devices. Other features of HP Work From Home include ISO certification to show HP adheres to global life cycle management and supply chain standards and the capability to wipe stolen or lost devices.
Much of the impetus for the security features stem from the reality that as companies move to hybrid working models, they are forced to adapt to an ever-increasing number of potentially vulnerable endpoints. In fact, a recent HP report found that 83% of IT teams believe remote network is a “ticking time bomb” for a network breach.
Robert Palmer, a research vice president who covers imaging, printing, and document solutions at IDC, says many of the new security features are extensions of long-standing HP security features that are now being brought to work-from-home (WFH) environments.
“It’s really not unusual for HP to make announcements on print security; they’ve been a leader in endpoint security for several years,” Palmer said. “So while they were rolling out their subscription-based HP Work From Home print services, it made sense to also cover the security capabilities.”
Printer Security and Zero-Trust
The security functionality in HP’s new program boils down to three areas: zero-trust, cloud security management, and ISO certification that adheres to international standards for printer life cycle management.
Shivaun Albright, HP’s chief technologist of print security, explains that as the lines blurred between work and home, company and personal devices have become comingled. So to protect company devices, each endpoint must have its own set of defenses, Albright says.
“The general assumption in a zero-trust philosophy is that these IoT devices are not secure and that they have already been breached,” Albright says.
To deliver the required level of protection and detection on each company device, Albright says HP’s Wolf Print Security continually validates the firmware and configuration settings. It also monitors the device for potential security events and anomalous behavior, and automatically returns attacked devices to a safe state. Finally, it applies strong authentication on each device.
“In a zero-trust environment you want to require authentication for both admins and users,” Albright said. “What that means is that you need authentication for anybody who configures settings and anyone doing pull-print solutions where the jobs only print when the user is in front of the printer. If there’s a scanner, the user can scan downstream to repositories, authenticate at the device, and send down to OneDrive or DropBox, or whatever the case may be.”
Adding Printers to Cloud Security Management
Cloud security management is essentially an extension of HP Security Manager to a WFH environment, says IDC’s Palmer.
“Before this, Security Manager was only limited to the fleet in an on-campus environment,” Palmer said. “Through cloud software, admins now have the ability to remotely check for the latest configuration settings, make sure firmware is updated, the passwords are updated, and all the devices are in compliance with corporate policies”
Palmer added that HP also has numerous prebuilt security features into its printers. These include secure startup, BIOS protection, runtime intrusion detection, and clean firmware updates.
“All of this protects against malicious attacks and malware, Palmer said. “It’s become increasingly important because these printing devices are not just peripherals anymore. They are endpoint devices that connect to the cloud and have direct access to the rest of the network. Any IoT device is now an endpoint device that represents a high-level threat.”
Albright added that for companies with older systems, HP will support consumer devices up to three years after they shipped and enterprise devices up to five years after they’ve shipped. The program also includes HP Wolf Protect and Trace, a new service that lets IT locate devices and take action to lock or erase those devices in case they are lost or stolen. The service aims to protect company data, track the location of HP devices, and prevent unauthorized users from accessing files on the company’s network.