Excerpting their press release:
HP Announces World’s Most Secure Printers: New HP LaserJets include built-in self-healing security features with protection down to the BIOS
HP today announced three new enterprise class LaserJet printers that deliver increased protection against malicious attacks. The stronger security is part of a broader HP strategy to provide the deepest security across PCs and printers. Printer security is a topic of growing importance. According to the Ponemon Institute, 64 percent of IT managers believe their printers are likely infected with malware. At the same time, 56 percent of enterprise companies ignore printers in their endpoint security strategy.(1) To help address this gap, HP is delivering its new HP LaserJet Enterprise printers and multi-function printers (MFPs) with industry-leading security features(2) built in, including:
* HP Sure Start enables detection of and self-healing recovery from malicious BIOS attacks, extending the same BIOS security protecting HP’s Elite line of PCs since 2013 to the new HP LaserJet Enterprise printers.
* Whitelisting ensures only known, good firmware can be loaded and executed on a printer.
* Run-time Intrusion Detection is a new feature providing in-device memory monitoring for malicious attacks. It was developed in partnership with Red Balloon Security, an embedded device security company started by researchers from Columbia University. The company has done extensive research for several government agencies, as well as private sector companies in industries such as telecommunications and controller systems.
These new features will be standard on new HP LaserJet Enterprise printers and OfficeJet Enterprise X printers with HP PageWide Technology going forward. With a firmware update, these three features can also be enabled on several HP LaserJet Enterprise printers available since April. In addition, Whitelisting and Run-time Intrusion Detection can be added to many existing HP LaserJet Enterprise printers and OfficeJet Enterprise X printers launched since 2011 through an HP FutureSmart service pack update. FutureSmart is HP firmware that helps protect customers’ investments in HP Enterprise printers by enabling delivery of new capabilities via updates.
It would be nice to see firmware security as a major feature of all new devices! 🙂
HP printer firmware information page: