In the enterprise space, many of the free vendor tools simply don’t scale and address the wide range of security issues around printing. Enterprises have to deal with compliance and regulations, the potential for audits, and most nagging is finding the time to address printing security. While the security of the PC, servers, networking, and storage are the forefront of the security strategy in enterprise environments, printing is not one that typically has human capital and attention allocated.
Enterprise customers facing the task of securing, particularly without additional staffing, must turn to automation to solve the problem. While ignorance is bliss, now that you’re aware of the significantly lacking security of your printing fleet, you have to do something to shore things up. Fortuntely, HP has a solid set of offerings for its print customers – a set of offerings that really sets it apart from its competition.
HP uses the JetAdvantage Security Solutions suite as branding for its solutions that address many of the pain points for enterprises looking to manage printer fleets on large scale. Inside of the suite, there are three major components that help enterprise lock down their original IoT devices — printers.
- HP Access Control
- HP JetAdvantage Security Manager
- HP JetAdvantage Secure Print
- HP JetAdvantage Private Print
The first step is knowing who… HP Access Control is foundation of enhanced security, when looking at data security. At its core, it is about establishing authentication at the device for users and so it is the foundational product of the suite. With authentication, you tie a user interaction at the device to print jobs. This should eliminate misprints and secure documents being routed or left on a printer by accident.
Access Control also solves the problem of the “print and sprint” – running to a shared printer to retrieve a sensitive document.Most company acknowledge that it is far more cost effective to buy bigger and more capable printers and share them across a wider pool of users. But shared printing leave the doorway open for a paystub or customer data being left in the print tray where it can be picked up by an unauthorized user. Once authentication is established, you can leverage Access Control to setup release printing or pull printing – where the job doesn’t actually print until a user releases it at the printer. This is a walk-up technology that allows better data security.
It prevents the absent minded user from leaving data lying around the office. It can be leveraged to add and address scanning and routing and by adding the aptly named Capture and Route product from HP, you can use the known user to intelligently send documents to locations, shortcutting manual steps and routing by the user.
While much of the configuration management that the JetAdvantage Security Suite can be accomplished with HP’s free Web Jetadmin tool, this tool falls short of reporting and ensuring compliance of desired configurations.
HP JetAdvantage Security Manager fills in the next layer of config management for your HP printers. It is best described as a tool like System Center Configuration Manager for your printer fleet. Like SCCM, it not only allows you to deploy configuration, but also audit and report on the system configuration to demonstrate compliance. The tool goes out and helps you to discover and then apply a baseline profile to each printing device, but to do that you must first find your printers. Security Manager is able to run discoveries against your environment and collection a list of devices and their current state. From there, it can make recommendations in the assess-only mode and for companies that want a white-glove service, Security Manager can also remediate any of the printers that do not match their baseline or recommendations. Like any good config management tool, it is packaged with reports and dashboards to give a quick look into the fleet and the current running state of the printing environment.
One of the other big features for Security Manager is the ability to administer certificates. Most administrators are accustomed to the untrusted certificates that come pre-installed and simply clicking through the browser prompts. Security Manager can workflow and handle the deployment and upkeep of trusted certificates across your printing fleet, making sure that anyone tampering with software would not pass the muster if they tampered with a device. Certificate management on printers is generally cumbersome and time consuming, taking 10 to 15 minutes per device for experienced admins. Security Manager can automate that process quickly and completely.
HP has been working hard to bring print capabilities to the cloud and to its devices. It has developed HP JetAdvantage On Demand as an app store, of sorts, to enable new applications on your HP printers. These apps are cloud-based, so there is nothing that you need to install or maintain on-premises. These solutions are great for small to medium businesses.
HP JetAdvantage Secure Print is essentially HP Access Control running from the cloud. It is a fee-based SaaS solution to enable pull printing in your environment. With Secure Print, you have a cloud queue or a local workstation queue where jobs are held until you walk up to a printer and release them. The primary difference between Secure Print and Access Control is the location where it is installed and who maintains it. With Secure Print, HP maintains the software and you simply consume it.
Secure Print supports for both HP and non-HP printers. HP printers offer more integration and possibilities, but any third party can be enabled with a simple QR code and mobile app to enable job releases at a particular device.
HP JetAdvantage Private Print is a free service, with features much like Secure Print, except it is only for HP devices. While the free service does not have feature parity with Secure Print, it does offer a lot of capabilities and puts secure printing within reach for many SMB customers.
Also within the data security segment, JetAdvantage Insights offers analytics and insight to your printing environment. You get all the basics you would expect from printing analytics – who printed, how often, page counts, which printers have heavier load, etc. Insights can be deployed with agents on each workstation and at each printer in order to gain full visibility of the print landscape. Once deployed, administrators can monitor for attacks, monitor for device failures and watch passive data loss and corruption.
HP is also busy bringing other apps into its JetAdvantage On Demand portfolio, so keep you eye them for more capabilities in the coming months.
Disclaimer: HP, Inc., invited me to their Palo Alto headquarters and paid all expenses associated with this educational trip. This blog post is a result of that trip and the information shared, however, the information I have written in this post is solely written by me without any editorial input from HP.