Manualshelf

HP Enterprise printers and scanners - Imaging and Printing Security Best Practices (white paper)

ManualsBrandsHP ManualsDesktopsHP LaserJet Managed Flow MFP E72525-E72535z - Base Product 25-35 ppm
57585960616263646566
This overall configuration provides a high level of network security for HP MFPs. At the same time, it introduces some limitations to
the conveniences designed into the MFPs. Here are some known effects of this overall configuration:
Extra steps to use MFPs: Users will be required to provide usernames and passwords at the control panels before they can
use the MFPs.
The MFPs will not allow a user to cancel the print jobs of other users. The user would have to go to the person who
submitted the job and ask that person to cancel it.
Extra steps for printing faxes: A user will be required to provide a fax PIN before printing a fax.
No Embedded Web Servers: Disabling EWS Config disables the entire EWS feature.
No way to change the From Address on email send jobs: Depending on the capabilities of your network, the MFPs will place
either a default from address or the user's email address of the user who logged into the MFP. It will provide no method to
change it.
Physical Security
Many of the most notable features of HP MFPs involve hard copy documents. MFPs can print them, scan them, send them to email,
send them to network folders, send them to other printers, and fax them. Handling hardcopy documents can involve a variety of
activities that can lead to compromise of data security:
Leaving documents in the printer output trays exposed to possible unauthorized viewers.
Leaving documents in Automatic Document Feeder (ADF) or on the flatbed scanner exposed to possible unauthorized
view.
These are common-sense security risks. Use PIN printing and PIN fax printing to ensure that authorized users are present during
printing. Stay with the MFP while using the ADF or the flat-bed scanners. Keep the MFP in an enclosed room to allow for controlled
access for sensitive printing or scanning.
Physical security also involves access to the location where an MFP is installed. Limiting physical access to an MFP can easily
prevent many security risks from unauthorized users. Such risks include the following:
Access to configurations on the control panel
Access to power cycle the MFP, to initiate cold resets, and to change other configurations
Access to removable storage devices such as hard drives and memory cards
Access to input trays, output trays, and automatic document feeder trays where hardcopy documents may be left after
processing
Access to network cables and phone lines connected to the MFP
Access to digital sending services and features
Access to stored print jobs (depending on settings)
Access to copy features (unauthorized overuse of resources such as toner and paper)
You can help minimize all of these risks by placing the MFPs in access-controlled locations.
You can control access to the MFP internal hardware (hard drives, Compact Flash cards, and formatter board) using hardware locks.
Use a lock, such as a Kensington Lock, as recommended in the MFP User Guide.
If you have purchased the EIO version of the HP Secure Hard Disk (J8019A), you can also use a Kensington style lock (cabled or
cable-less) to protect the disk from being unscrewed and removed from the device. If you use a cabled Kensington lock, you can
even secure the device to a stationary object to avoid someone from stealing the MFP.