Yet HP explained just how easy it would be for a hacker to do what is described above. First, using software which can readily be purchased on the Internet, they would search for and identify hundreds of network printers and their IP addresses, in organisations all around the world. Then, they would select a networked device (could be from any manufacturer) in an organisation that they wanted to target. HP explained how, with a few mouse clicks, using a default password, the hacker would be able to get access to the printer, and potentially control it. The staff at the target organisation would not even be aware that someone from outside had gained access to the device on their network.
Most of us in the room would not have believed this was possible, until we were told how easily it could be done. The point which HP are making here is just how vulnerable printers are to hacking, and the danger this represents, not only in terms of access to the data passing through the printer, but also as a potential gateway to the rest of the network. In addition, some hackers have used access to print malicious spam messages on an organisation’s printers, which opens up all kind of other issues, including the risk of being sued for spreading defamatory or threatening material. Most organisations go to great lengths to protect their network with a firewall and multiple layers of security, and are well versed in the need for anti-virus and anti-malware protection of PCs and servers. However, they overlook the humble printer as a potential security weak point.
So, what should organisations do to address this threat? HP is taking the lead among printer manufacturers, with a comprehensive range of security features and services, to help clients minimise the vulnerability of their printers to hacking. Most manufacturers have recognised the need for some printer security for a number of years, but this has tended to focus on the physical aspects of hardware, including features such as hard disc encryption and secure disposal, and locking down of vulnerable ports.
Now, with the latest announcements, HP have added a lot more, to provide multi-layer security with a comprehensive set of features and services. This starts with making the printer itself as secure as it can be, and moves out through device and data hardening, threat monitoring, access controls, to add custom requirements (e.g. to address specific customer workflows), and ultimately aims to secure all printers within the organisation’s own network security or firewall.
This starts with the addition of an in-depth print security assessment (which typically takes three days, with a team of specially trained security experts), and leads to recommendations for a customised security plan. Other new services include management and reporting on security controls, and remote management to automate maintenance of critical security controls. To these are added new implementation services, to ensure deployment meets industry best practice, and active monitoring and reporting, to ensure ongoing compliance.
This article was written on 08 Dec 2016, and is filled under Business Forecast.
complete service, firewall, HP, HP Sure Start, kacking, network, printer, security