HP Inc. today announced it is the first and only vendor to complete the Keypoint Intelligence-Buyers Lab Security Validation Testing program for MFPs and printers. HP has now passed the third round of validation testing and earned the final program seal for Firmware Resilience for its HP FutureSmart v4+ Enterprise firmware platform for HP Enterprise and Managed printers and MFPs. This makes HP the first and only company to earn all three seals—Device Penetration, Policy Compliance, Firmware Resilience.
This accomplishment comes on the heels of HP being recognised with a 2019–2020 BLI PaceSetter award for Security: Imaging Technology Leadership, in a granular study by Keypoint Intelligence that drilled down into more than 75 points of potential differentiation spread across key categories of Vision and Market Leadership/Education, Security Assessment/Remediation Services, Fleet Management, Security Software Offerings, and Printer/MFP Platform Security (hardware and firmware security features).
Security is at the heart of everything we do at HP. The Buyers Lab program is helping to raise the bar in security. We’re proud to be the first OEM to complete the program and encourage our industry counterparts to get behind this effort in order to help drive more stringent standards for printer security overall.
The Buyers Lab Security Validation Testing program establishes industry benchmarks in the areas of Device Penetration, Policy Compliance, and Firmware Resilience. This three-track test suite addresses security from various vectors to ensure devices are safeguarded against vulnerabilities and all three program levels combined establish a strong security capabilities baseline for customers to include in their RFPs.
- Device Penetration: An independent cyber security provider probes for potential vulnerabilities in the device firmware/OS, ports, print protocols, embedded web page, connectivity avenues, and more.
- Policy Compliance: Validators employ the OEMs’ management tools to specify security settings and save those settings as a “policy” template, apply the policy across a fleet to ensure devices are in compliance, monitor those settings on an ongoing basis, automatically remediate devices that fall out of compliance, and more.
- Firmware Resilience: An information security lab validates that devices are in compliance with the NIST SP 800-193 guidelines for platform resiliency of connected devices. The testing ascertains whether mechanisms are in place to protect the platform against unauthorized changes, and that the device can detect an attack and recover to a secure state automatically.
Third-party validation testing programs like this, give customers a baseline to evaluate all print vendors and help make optimal purchase decisions. Through this program, Buyers Lab does the heavy lifting of vetting security claims and validating security features so that customers can rest assured that their printer’s security has been independently proven.
On February 19, 2020, HP announced it was the first Print industry OEM to earn both the first and second seals for Device Penetration and Policy Compliance.