TotalPrint USA Blog

Danger in Plain Site Part 4 - The Cure

Written by Bruce Rushton | Sep 5, 2018 12:41:18 AM

It's time to take some medicine. In the previous three parts of this series of five articles, we talked about the danger lurking inside of our networks, how it goes undefended and how the risks manifest. In this article, we’re ready to discuss the solutions.

There are indeed many fine and reputable enterprise-grade printers and manufacturers on the market today (many of which my company represents). However, there is only one option that provides a complete security solution that can protect all of the critical aspects of your printers, copiers, and MFP's.

HP Inc's enterprise line of MFPs and printers has a holistic security stack that protects device, data, and documents. Using some of the information we learned in the previous articles, I want to highlight a few of the critical security features that are embedded within the hardware and how they provide protection.

Eliminate the B.I.O.S. threat with HP Sure Start

One of the nastiest bugs we've shared with you is the malware that infects down to the B.I.O.S. level and how not only is it hard to detect it can also be very hard to remove.  Fortunately, HP is well aware of this emerging threat; they’ve developed the necessary cure.

HP Sure Start is an entirely self-healing B.I.O.S. that can detect any changes made to it and quickly reboot the device and flash the B.I.O.S. from an isolated hidden chip on the motherboard which contains a clean "Golden Image" of the true B.I.O.S and do it in just minutes with no I.T. intervention required. It should be noted that you would still be notified that it happened, you just don't have to be the one to fix it. 

Unlike traditional anti-virus software, HP Sure Start doesn't rely on a database that requires continual updates. Since HP designs, develops, and manufactures their own B.I.O.S, they know precisely what should be there and what shouldn't. Any changes— whether they’re good, bad, or indifferent— will be quickly detected and eliminated.

Detecting membership in a botnet

Being part of a team or establishing yourself as a member of an exclusive club can be great. What's not nearly as fun is having one of your devices being a member of a botnet which assists in causing havoc and destruction across the internet. With HP Connection Inspector, your device will continuously monitor all outbound connections looking for out of the ordinary or suspicious looking outbound traffic.

Multiple outbound connections to an external IP address is usually a classic sign of your device reaching out to a command and control server to receive its marching orders. HP Connection inspector will see this traffic and alert you, in addition to rebooting or shutting down the device until it can be remediated.

Stopping malware in its tracks.

Through HP's Whitelisting any software which isn't explicitly allowed and digitally signed by HP will be prevented from being installed on the device, this includes malware attempting to install itself over the network or through a USB device. 

Speaking of USB

If you would rather not have to worry about USB devices being plugged into your MFP at all Kensington has a line of USB locks that will stop anything from being inserted including the devastating USB Kill device. For more information visit Kensington's website:

Kensington's Website

Eliminate the threat of firmware overwrites.

In part three of this series, we discussed the "document of death." This refers to the process in which an ordinary looking document, once in the print stream, corrupts your firmware during run-time. HP has created Runtime Intrusion Detection for just this type of situation.

With Runtime Intrusion Detection, the printer will notice an attempt to rewrite its firmware and immediately reboot of the device, thus eliminating anything potential issues in runtime or memory. If the infection attempts two more times beyond that, it will then shut down the MFP to allow you to troubleshoot further the offending document and person trying to print it.

Protecting your documents for life.

The life of an enterprise printer will see thousands upon thousands of pages printed over its lifespan. A sizable portion of these documents will likely contain sensitive information. It should come as no surprise by now that many of these documents will have a life far more than the few seconds it took to print out.

As we mentioned in part 1 of this series, printers have hard drives. A copy of every document ever printed could be residing on persistent storage, ripe for the taking. We had better make sure if they are going to get stored that they are stored in the most secure manner possible.

With HP's self-encrypting hard drives, any and all data that lands on a hard disc is automatically encrypted and safe from prying eyes. And because they are self-encrypting, they reduce the risk of configuration or administrator error. This ensures that your documents stay safe for life.

In our final article in the series, we will discuss some next steps you should take to begin opening up the conversation about security, your printers, and keeping your environment safe.

 

 

 

 

About the Author

Bruce Rushton is a Solutions Architect and Printer Security Specialist with over 30 years’ experience in the I.T. space for the last nine years dedicated to providing Managed Print Solutions. At Total Print (TotalprintUSA.com) he helps companies across the United States by providing them with tailored, affordable, cost-cutting, secure printer, copier, and MFP solutions. If you have questions about your print environment or the security of your devices, you can request a free consultation with Bruce at bruce.rushton@totalprintusa.com