HP LaserJet Managed MFP E72425-E72430, E72525-E72535, E77422-E77428, E77822-E77830, E82540-E82560, E87640-E87660 - Hard disk security (white paper)

Note: See “Appendix C: Formatter and Engine Controller Board Storage Options” for models with eMMC storage.
Additional Data Stored on the Formatter HDD or eMMC
In addition to print job data, the formatter HDD or eMMC also manages the following system data:
Configuration data - Contains administrator- and user-configured settings and system information.
System data - Contains the HP FutureSmart Firmware operating system code.
Repository - Contains a compressed copy of the device operating system installation code for system recovery.
Engine Controller Board eMMC Module
All HP LaserJet Managed MFP printers with an engine controller board scanning image pipeline include a separate eMMC
module. This device stores the engine controller board firmware which executes from this eMMC.
The eMMC is permanently mounted to the engine controller board and is not removable.
Customer or job data is never stored on the engine controller board eMMC. The engine controller board eMMC is not encrypted.
On a firmware upgrade, a signed firmware package is downloaded to the engine controller board eMMC.
The engine controller board firmware executes from this eMMC. The system will come to ready without a functioning engine
controller board HDD; however, scanner functions will be disabled in this scenario.
Secure Erase Commands
The secure HDD erase commands are executed by issuing standard ATA interface commands directly to the HDD
embedded controller electronics. All secure erase commands are applied to both the formatter HDD and the engine
controller board HDD when executed.
These erase modes are only accessible from the pre-boot menus. Performing secure HDD erase commands will render the
device inoperable as the operating system will also be erased. A new firmware image must be installed before the device
can be used again.
For both the Secure Erase and Erase/Unlock disk erase commands, the disk forces its encryption keys to be destroyed and
new keys generated. This instantly renders all the encrypted data on the disk unreadable. There is no method to recover
the encryption keys and no method to recover the encrypted data once the keys have been changed.
Secure Erase
This erase command securely erases all data on both the formatter and engine controller board hard disks by issuing the
ATA command “Security Erase Unit” in “Normal” mode. This overwrites the entire HDD with binary 0s and regenerates the
disk encryption key.
Figure 1: Secure Erase in device Pre-boot Menu
Erase/Unlock
This erase command securely erases all data on both the formatter and engine controller board hard disks by issuing the
ATA command “Security Erase Unit” in “Enhanced” mode, which regenerates the disk encryption key. This erase also clears
the Disk Lock Key, which pairs the HDD to the printing device preventing reading of the data on another device. Clearing
the Disk Lock Key allows the HDD to be relocated to a different printer.
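
Added example (not part of the HP white paper and not HP code): both erase modes above rely on the drive's ATA Security feature set, whose state a drive reports in word 128 of its IDENTIFY DEVICE data. The sketch below decodes that word to show which "Security Erase Unit" modes a drive would accept; it assumes a raw 512-byte little-endian IDENTIFY block has already been read from the drive, and the function names and sample blocks are constructed for illustration.

```python
import struct

# IDENTIFY DEVICE word 128 (security status) bit assignments, per the ATA command set.
SECURITY_BITS = {
    0: "supported",
    1: "enabled",
    2: "locked",
    3: "frozen",
    4: "count_expired",
    5: "enhanced_erase_supported",
}

def security_status(identify: bytes) -> dict:
    """Decode the ATA Security feature set state from a 512-byte IDENTIFY block."""
    if len(identify) != 512:
        raise ValueError("IDENTIFY DEVICE data must be exactly 512 bytes")
    (word128,) = struct.unpack_from("<H", identify, 128 * 2)
    status = {name: bool((word128 >> bit) & 1) for bit, name in SECURITY_BITS.items()}
    # Bit 8: master password capability level (0 = High, 1 = Maximum).
    status["master_password_capability"] = "maximum" if (word128 >> 8) & 1 else "high"
    return status

def erase_modes_available(status: dict) -> list:
    """Which SECURITY ERASE UNIT modes the drive would accept in its current state."""
    # A frozen drive, or one whose password attempt counter has expired, aborts
    # the erase command until it is power cycled. A locked drive still accepts it.
    if not status["supported"] or status["frozen"] or status["count_expired"]:
        return []
    if status["enhanced_erase_supported"]:
        return ["normal", "enhanced"]
    return ["normal"]

def make_identify(word128: int) -> bytes:
    """Constructed sample: an all-zero IDENTIFY block with only word 128 set."""
    block = bytearray(512)
    struct.pack_into("<H", block, 128 * 2, word128)
    return bytes(block)

if __name__ == "__main__":
    samples = [("ready", 0x0021), ("frozen by host", 0x0029), ("normal only", 0x0001)]
    for label, word in samples:
        state = security_status(make_identify(word))
        print(f"{label}: modes={erase_modes_available(state)} locked={state['locked']}")
```

A drive that reports "frozen" rejects both modes until it is power cycled, which is one reason an erase attempted from a running host operating system can fail where a pre-boot erase succeeds.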