Protect your Data
In today’s high-risk security climate, every organization must continually refine its security strategy to address evolving threats. Your print environment should be part of your organization’s security strategy and a standard part of your processes and procedures.
Here, we describe various types of attacks that exist within a printing context, and how HP JetAdvantage Secure Print addresses these threats
General malicious attack
Such an event could include an attempt to intercept data in transmission, denial of service, or the attempted altering or disabling of established security measures such as logins or encrypted communication. HP JetAdvantage Secure Print encrypts all external connections using TLS at the highest level supported by the connecting browser or service. All application components are isolated by function; only necessary traffic can pass between components.
Malicious attack of print data
Such an event could include an attempt by a third party to intercept company print data. To prevent this, HP JetAdvantage Secure Print employs one of two kinds of encryption, based on where the document is stored at rest. Configurations in which the document is held at rest on the client side will use a Zero Knowledge Encryption scheme. Documents stored in the cloud are protected by Amazon S3 KMS encryption.
Machine or technological failure
Such an event could include power loss, network connectivity loss, or data storage failure. HP JetAdvantage Secure Print uses a cloud infrastructure with a minimum of three geographic zones. This cloud infrastructure can detect a variety of fault conditions and remove or fix defective components with no interruption of service.
Passive data loss or corruption
Such losses could be caused by software defects, incompatibilities between software components, or data storage loss. The HP JetAdvantage Secure Print infrastructure mitigates these risks through a formal software quality assurance methodology. In the event of a data corruption problem, the system maintains pre-state backups to roll back any data-altering changes. The system also uses segregation of duties and least privilege principles to restrict the level of access employees have, to include only that which is required to perform their job function. Access levels are periodically reviewed and adjusted as business needs or job roles change.