Calling All Channel Partners! | Subscribe to Quocirca’s’ Research Insights

HP’s Evolving Print Security Journey

HP’s Evolving Print Security Journey

January 20, 2025
Security, Article, Trends

HP is on a relentless pursuit to enhance security across its product portfolio, from personal computers to printing solutions. This commitment stems from a deep understanding of the evolving threat landscape and a dedication to providing customers with robust and comprehensive security measures across the device lifecycle.

At HP’s Security Summit in December 2024, HP highlighted how it is staying ahead of the threat landscape through continuous innovation in hardware and software security, leveraging AI and machine learning to proactively identify and mitigate emerging threats.

The AI-enabled threat landscape

The security environment is changing – rapidly. A few years ago, ‘standard’ security approaches such as challenge/response logins, combined with end-point management and security information and event management (SIEM) systems, were considered enough to provide a secure environment. However, with the explosion of the Internet of Things (IoT), artificial intelligence (AI), and quantum computing, threats to an organisation’s IT platform are becoming more complex.

In 2022, a Chinese research group published findings suggesting that a 372-qubit quantum computer, leveraging Shor’s algorithm, could potentially break RSA encryption within a few thousand computational steps. While this claim was met with scepticism by some in the cybersecurity community, and the likelihood of non-state actors acquiring such powerful quantum computing capabilities remains low, it underscores the urgent need to proactively explore and implement post-quantum cryptography (PQC) solutions. PQC algorithms are designed to be resistant to attacks from both classical and quantum computers, ensuring the long-term security of our digital infrastructure.

Meanwhile, AI is revolutionising cybersecurity, as both a threat and a defence mechanism. Malicious actors leverage AI to automate attacks, analyse vulnerabilities, and create sophisticated phishing campaigns, making it harder to detect and respond to threats. However, AI also provides cybersecurity professionals with advanced threat detection capabilities, enabling them to analyse vast datasets, identify anomalies, and predict potential attacks.

Recognising the need for an integrated approach to security that addresses the evolving threat landscape, HP is implementing a coherent ‘secure-by-design’ philosophy across its entire PC and printer portfolio. This approach emphasises a unified approach that integrates security considerations throughout the entire product lifecycle, from initial design and development to end-of-life or end-of-use.

HP’s deep security heritage

HP boasts a rich history in security, dating back to its pre-split era. Throughout the 1990s and early 2000s, HP acquired several security-focused companies to bolster its security capabilities. However, integrating these acquisitions into a unified and effectively marketed security offering proved challenging. While this period laid the groundwork for strong security foundations across HP’s product lines, these features often were perceived as standard, expected capabilities – ‘table stakes’ – rather than unique differentiators commanding a premium.

Following the 2015 separation of HP into HPE and HP Inc., HP Inc. significantly strengthened its security posture with the acquisition of Bromium in 2019. This acquisition provided a crucial foundation for HP’s current security portfolio, which is now consolidated under the Wolf Security brand.

Advanced print security

Quocirca has long advocated recognising print devices as integral components of the IoT. Networked printers and MFPs are sophisticated connected end-point devices, including a dedicated operating system and a suite of productivity-enhancing applications. Yet the security of these complex devices has been frequently underestimated. Unfortunately, this oversight has made printers attractive targets for malicious actors seeking entry points into an organisation’s broader IT infrastructure.

Recognising this critical security challenge, HP is committed to addressing the inherent vulnerabilities of these complex IoT devices. Beyond basic security measures such as eliminating default credentials (now mandated by regulations in the EU, UK, and US), HP focuses on several key areas:

  • Secure firmware updates. Implementing over-the-air secure firmware updates with self-healing capabilities ensures that devices are secured against man-in-the-middle activities and remain protected against emerging threats.
  • Enhanced boot security. On boot-up, HP print devices perform rigorous BIOS self-validation checks. In case of anomalies, the device can either abort the start-up process and alert the administrator or automatically recover by loading a known, secure firmware image.
  • Zero-day memory and network communications protection. Currently, HP is the only vendor with embedded runtime and sleep mode zero-day threat memory protection (Memory Shield’s Control Flow Integrity capability) and network behavior anomaly detection of outbound network communications with Connection Inspector.

This multi-layered approach demonstrates HP’s commitment to enhancing the security posture of its print devices and mitigating the risks associated with their increasing complexity within modern IT environments.

At the summit, HP highlighted other areas it is investing in, including supply chain, print lifetime, and device-to-cloud security.

Supply chain security

Supply chain security remains a critical yet often overlooked aspect of organisational security. While many governments have implemented measures to restrict the use of components or systems originating from countries deemed adversarial, many manufacturers have primarily focused on adhering to these governmental restrictions, neglecting a more holistic approach to supply chain risk management.

However, the supply chain provides a fertile environment for malicious actors. Components or assemblies can inject code into them at the source or along the supply chain logistics route. HP has introduced a set of checks and balances across its PC and printer portfolios to deal with this. It uses PKI to track firmware changes as it traverses the supply chain. It audits each supplier to ensure that the supplier meets its requirements. It assesses all suppliers’ designs to monitor for issues. HP also uses hardware breach detection to raise alerts so administrators and engineers can investigate affected items to see if anything malicious has happened.

HP also ensures security for final delivery. It allows buyers to use secured logistics, lockable containers to hold the print devices, tamper-evident packaging, GPS tracking, door-open detection, and secure parking sites.

All of this is part of HP’s overall design-to-end-of-life security approach.

Print lifetime security

According to HP, approximately 95% of a printer’s security incidents occur during its operational lifespan, while only 5% are attributable to boot-related vulnerabilities. In response, HP has implemented comprehensive security measures to enhance overall device security.

At a hardware level, HP devices continuously monitor memory to detect any runtime intrusions, upon which automated remediation or administrator alerts can be enacted. This also includes zero-day memory integrity monitoring, providing additional protection against advanced threats. HP also monitors outbound network behaviour to detect anomalies and prevent information leakage. It has developed an embedded AI-driven component for its printers, called Connection Inspector, to provide advanced threat detection and self-healing capabilities.

Through Wolf Security, HP protects against everything from BIOS boot-up exploits through man-in-the-middle attacks to zero-day remote code execution, DDoS attacks, phishing attempts, USB malware injection, runtime memory exploits, consumable supplies attacks (via cartridge firmware), stolen document/data leakage, data leakage over the network, and data leakage from device storage on device retirement.

This final area (device retirement) is also increasingly important. Many organisations do not use a print device’s capabilities to wipe data securely from internal disks or firmware storage before retiring the device. With both encrypted storage and a centralised capability to wipe data, organisations can be more assured that they will comply with regional and global laws around data protection.

Device-to-cloud security

As digitisation initiatives drive increased reliance on cloud platforms for data storage and management, HP recognises its responsibility to safeguard customer information. Recognising that sensitive data may transit through HP devices en route to the cloud, HP provides capabilities that empower organisations to maintain complete control over their information. For example, HP uses AI when extracting information to automatically classify, identify, extract, and redact the information based on defined organisation rules. This removes manual steps, eliminates error-prone manual data entry, and enables secure data workflows across and beyond the organisation.

Such capabilities can remove users’ worries about whether they should scan certain documents into the system and make workflow processes far more efficient and effective.

Quocirca opinion

With its strengths in both hardware and software security, HP is well-positioned to differentiate itself through its comprehensive platform security approach.

It is building a cohesive message around how its security approach encompasses the entire device lifecycle, from component design and supply chain resilience to secure usage, seamless cloud integration, and responsible end-of-life management.

Through its regular Wolf Security Threat Intelligence reports, HP is proactively educating customers about the dynamic and complex nature of the modern security landscape.

Leveraging its Wolf Security brand and expertise will be crucial in effectively conveying its broader platform security strategy.

In particular, HP’s print security offerings are extremely strong and have seen significant advancements this past year. However, as certain print security features become increasingly common among competitors, they risk becoming commoditised. To maintain its competitive edge, HP must effectively communicate to existing and prospective customers how its print security solutions go beyond the table stakes of print security and contribute to a broader, more integrated approach to information security.

Therefore, HP’s success hinges on its ability to effectively differentiate its security offerings in the market and maintain this differentiation in the dynamic and rapidly evolving security landscape.

Learn more about print security market trends in https://quocirca.com/quocirca-print-security-landscape-2024/

For more information about becoming a Quocirca client, click here.

In the spotlight with Quocirca

In conversation with industry leaders

Find out more

Contact

Get in touch with Quocirca to find out more.

enquiry@quocirca.com

Get in touch

Print 2025

A global market insight study

Visit Print 2025

Services

Expert and actionable insight to inform business innovation and strategy.

View Services

Stay ahead with industry insights

Receive Quocirca’s latest articles and research updates

Privacy

Subscribe

You have Successfully Subscribed!

Stay ahead with industry insights

Receive Quocirca’s latest articles and research updates

Privacy

Subscribe

You have Successfully Subscribed!

Get Notified

Subscribe to be notified when we launch!

Thank you for signing up! You'll be notified as soon as we launch. Stay tuned!

Quocirca Research Advisory Enquiry

Subscribe

You have Successfully Subscribed!

Apply for Quocirca’s Quocirca Insider Subscription Programme

Please note this is exclusively for reseller/channel and end-user organisations. If your company is a technology supplier please contact us about our Research Advisory Services. Our Research Subscription Service is only offered as an annual subscription.

On completion of this application form we will review your application to ensure that you are meet the above criteria. If approved you will receive a payment link to purchase the annual subscription. This service will automatically renew after one year unless you contact us to cancel.

Quocirca reserves the right to revise pricing after one year.

Subscribe

Privacy

Thank you for your application!