The sophistication and volume of cyber-attacks and data breaches is growing at an alarming rate. As cybercrime has emerged as a $445 billion problem globally, printers, PCs and other IoT endpoints have become the frontline of this cybersecurity battleground. In fact, Microsoft recently caught state-sponsored hackers using IoT devices, including printers, to breach networks. Once they established access, they were able to uncover other under-secured devices and move across the network seeking higher-value data.
These types of security breaches can be detrimental to a company and its customers. As the President of HP’s Imaging, Printing and Solutions business, it has become my personal mission to ensure our customers are protected from these complicated yet avoidable risks.
Security is at the heart of everything we do at HP. Over the years, we have helped grow the security community by engaging with academics, industry partners and government experts alike. We have brought ex-hackers together to stay one step ahead of the evolving threat landscape. And we have launched programs (e.g., bug bounty programs) to help make meaningful progress in securing the future of computing and printing for our customers.
Today marks another important step in demonstrating our support for the standardization of device testing. We are proud to announce that HP has committed to participate in the Buyers Lab Security Validation Testing program. Buyers Lab (BLI), the testing arm of Keypoint Intelligence, is the first to define a clear set of security standards for connected MFPs and printers and then partner with accredited testing firms to test those standards.
Our decision to engage in this testing program is driven by our desire to help raise the bar for the entire industry. We believe more can and should be done to mitigate security risks. Our customers are navigating a confusing landscape. Without independent standards, our customers are left with the burden of comparing products and deciphering a complex web of security features and software that may or may not suit their unique needs. This is an important step in driving more stringent industry standards for IoT devices, like printers, and pushing our industry to a higher standard.
As an inaugural participant of the BLI Security Validation Testing program, HP has passed the first two rounds of testing and earned the Security Validation Testing seals for Device Penetration and Policy Compliance for its HP FutureSmart v4 Enterprise firmware platform, which is available on HP Enterprise and Managed printers and MFPs. The Policy Compliance test also validated HP’s ability to specify desired device security settings, save settings as a policy, apply the policy across a fleet to help ensure devices comply, and manage compliance and automated remediation of new or misconfigured devices.
Given the current cybersecurity landscape, it’s critical that as an industry we do more. We encourage our industry counterparts to join in this effort. It will give our customers third-party unbiased information about products and help in their challenge to evaluate security features. It will also drive our industry to a higher standard overall, which benefits everyone.
For more information about the Buyers Lab Security Validation Testing program, please see their recent announcement.