HP LaserJet Managed MFP E72425-E72430, E72525-E72535, E77422-E77428, E77822-E77830, E82540-E82560, E87640-E87660 - Hard disk security (white paper)
Appendix B: eMMC Security Characteristics
Embedded Multimedia Card (eMMC) Security Overview
Some models of HP printing devices use Embedded Multimedia Card (eMMC) mass storage devices as the system disk (see
Appendix C for these models). SSD and eMMC are mass storage devices that use NAND-based flash memory instead of
the spinning disks used in traditional hard disk drives (HDD). These memory-based drives appear to the printing device
operating system as a traditional hard disk drive.
eMMCs have operational characteristics that affect some security features available in traditional HDD-enabled devices.
For high-security environments and security-sensitive applications, HP recommends:
• Selecting models that include a HDD
• Adding an optional HDD when supported
Secure Erase Data Overwrite Functionality Not Supported on eMMC
Due to the nature of Flash memory operation, eMMC storage is not able to securely delete files by directly overwriting the
data as can be done with a hard disk drive. The following eMMC read/write characteristics prevent the implementation of
HP’s Secure Erase Data Overwrite feature to securely delete files by overwriting the file data.
• eMMC controllers use a technique called “wear leveling” to evenly distribute data across all flash blocks in the storage device. This
causes data previously written to be moved dynamically to different locations when writing new data. The previous data locations
cannot be tracked for overwriting.
• eMMC “write amplification” behavior also causes the memory controller to dynamically relocate previously written data. Data is
written to flash locations using 4 to 8 KB pages, but must be erased in blocks of typically 256 KB. Existing data is relocated to free
entire blocks for erasure, as flash needs to be erased before it can be written again.
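The following simulation is an added example, not part of the HP white paper or HP firmware. It models a simplified flash translation layer with out-of-place page writes and whole-block erasure, and shows that host-side overwrite passes on a logical page leave the original data in a stale physical page. The class ToyFTL, its 4 x 4 geometry, its garbage-collection policy and the sample data are all assumptions made for illustration.

```python
# Toy FTL: constructed model with assumed geometry/policy, not a real eMMC controller.
PAGES_PER_BLOCK, NUM_BLOCKS = 4, 4   # real parts: KB-sized pages, far larger blocks

class ToyFTL:
    def __init__(self):
        self.flash = [None] * (PAGES_PER_BLOCK * NUM_BLOCKS)   # None = erased page
        self.l2p = {}      # logical page -> physical page holding the live copy
        self.erases = 0

    def _free_page(self):
        return self.flash.index(None) if None in self.flash else None

    def _garbage_collect(self):
        live = set(self.l2p.values())
        blocks = [range(b * PAGES_PER_BLOCK, (b + 1) * PAGES_PER_BLOCK)
                  for b in range(NUM_BLOCKS)]
        # Victim: the block with the fewest live pages (cheapest to relocate).
        victim = min(blocks, key=lambda blk: sum(i in live for i in blk))
        keep = {lp: self.flash[i] for lp, i in self.l2p.items() if i in victim}
        for i in victim:                  # erase works on whole blocks only
            self.flash[i] = None
        self.erases += 1
        for i, (lp, data) in zip(victim, keep.items()):   # relocate live data
            self.flash[i], self.l2p[lp] = data, i

    def write(self, lpage, data):
        if self._free_page() is None:
            self._garbage_collect()
        slot = self._free_page()
        if slot is None:
            raise RuntimeError("no reclaimable space")
        self.flash[slot] = data   # out-of-place write: the old copy is not touched
        self.l2p[lpage] = slot

    def read(self, lpage):
        return self.flash[self.l2p[lpage]]

    def raw_copies(self, data):
        return sum(page == data for page in self.flash)   # stale pages count too

def demo():
    ftl, secret = ToyFTL(), b"stored print job"   # constructed sample data
    ftl.write(0, secret)
    for pattern in (b"\x00", b"\xff", b"\x00"):   # host-side overwrite passes
        ftl.write(0, pattern)
    after_overwrite = ftl.raw_copies(secret)
    for i in range(40):                           # later, unrelated writes
        ftl.write(1, b"job %d" % i)
    return ftl.read(0), after_overwrite, ftl.raw_copies(secret), ftl.erases
```

demo() returns the value the host reads back from the overwritten logical page, the number of physical pages still holding the original data after the overwrite passes and again after the later writes, and the number of block erases performed.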
Secure Volatile Storage Feature with eMMC
To protect customer data on devices using eMMC, HP applies firmware encryption to specific areas of the storage device
containing customer job data. All files written to the customer job data disk areas are encrypted using AES-128 encryption.
This can be configured to AES-256 encryption, if desired.
Data stored on the encrypted partition includes: stored print jobs, temporary print job files, PJL and PostScript filesystem
files including downloaded fonts, and extensibility customer data (if stored there by the extensibility solution).