Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

PCM Vision 2019 Breakout: HPI

479 views

Published on

Securing endpoints using analytics and a proven framework | Lindsey Hearst - HP Print Security Advisor

Published in: Technology
  • Be the first to comment

  • Be the first to like this

PCM Vision 2019 Breakout: HPI

  1. 1. LEADINGTHEWAY 2019 INTERNAL USE ONLY – DO NOT DISTRIBUTE
  2. 2. Security Starts with Endpoint Devices HP Print Security Lindsey Hearst INTERNAL USE ONLY – DO NOT DISTRIBUTE
  3. 3. 1962 3 INTERNAL USE ONLY – DO NOT DISTRIBUTE
  4. 4. Jens Müller - Exploiting Network Printers PRinter Exploitation Toolkit (PRET) Hacking Printers Wiki https://www.blackhat.com/docs/us-17/thursday/us-17-Mueller-Exploiting-Network-Printers.pdf INTERNAL USE ONLY – DO NOT DISTRIBUTE
  5. 5. Mirai IoT Botnet 5 INTERNAL USE ONLY – DO NOT DISTRIBUTE
  6. 6. ©2017 HP Inc. | All rights reserved. Content is subject to change without notice. | HP Confidential6 INTERNAL USE ONLY – DO NOT DISTRIBUTE
  7. 7. 7 INTERNAL USE ONLY – DO NOT DISTRIBUTE
  8. 8. Shodan.io 8 INTERNAL USE ONLY – DO NOT DISTRIBUTE
  9. 9. 9 INTERNAL USE ONLY – DO NOT DISTRIBUTE
  10. 10. HP Confidential10 INTERNAL USE ONLY – DO NOT DISTRIBUTE
  11. 11. 11 INTERNAL USE ONLY – DO NOT DISTRIBUTE
  12. 12. 12 INTERNAL USE ONLY – DO NOT DISTRIBUTE
  13. 13. 13 INTERNAL USE ONLY – DO NOT DISTRIBUTE
  14. 14. 14 INTERNAL USE ONLY – DO NOT DISTRIBUTE
  15. 15. Self-healing HP Enterprise and Managed printers can automatically repair themselves from attack in real time HP JetAdvantage Security Manager automatically assesses and remediates device security settings 15 The world’s most secure printing* Real-time threat detection, automated monitoring, and built-in software validation Run-time intrusion detection During run-time, HP printers detect and prevent unexpected changes to memory HP Sure Start During startup, the integrity of the boot code or BIOS is validated Whitelisting When loading firmware, only authentic, good code—digitally signed by HP—is loaded HP Connection Inspector When connecting to the network, HP Enterprise printers put a stop to suspicious 4. Continuous monitoring Protects operations and stops attacks while device is running Inspects outgoing network connections to stop suspicious requests (Enterprise only) 1. Check BIOS/boot code Prevents the execution of malicious code during bootup by allowing only HP-signed, genuine code to be loaded 3. Check printer settings After a reboot, HP JetAdvantage Security Manager checks and fixes any affected security settings 2. Check firmware Allows only authentic, good firmware—digitally signed by HP—to be loaded Automatic Reboot INTERNAL USE ONLY – DO NOT DISTRIBUTE
  16. 16. Advancing Regulation 16 o Feb. 2018: PCI DSS 3.2 o March 2017: New York Cybersecurity Regulation (23 NYCRR Part 500) o April 2017: US-CERT Federal Notification o Sep. 2017: Securities and Exchange Commission launches Cyber Unit o May 2018: GDPR – General Data Protection Regulation o 2018: Canada PIPEDA Mandatory Breach Notifications INTERNAL USE ONLY – DO NOT DISTRIBUTE
  17. 17. Security control questions Question Regulation What controls are in place to identify and track the activity of each user who has privileged user rights across the print infrastructure ? HIPAA 164.312(a)(2)(i) Assign a unique name and/or number for identifying and tracking user identity. Required. Does an accurate CMDB (list of printer assets) exist that includes all printers noting the firmware version, owners, software, type of use, etc.? HIPAA Control164.310(d)(2)(iii) Tracking Assets. What controls are in place to protect sensitive or private print jobs and scan jobs while in motion ? HIPAA 164.312(e)(1) Transmission Controls. 17 INTERNAL USE ONLY – DO NOT DISTRIBUTE
  18. 18. 18 Outdated OS security and firmware No BIOS protection from persistent, stealthy malware No security policy enforcement Vulnerable to visual hacking Weak and vulnerable password protection Published security vulnerabilities Complicated or lacking user authentication Lack of document security options EVERY ENDPOINT DECISION IS A SECURITY DECISION. INTERNAL USE ONLY – DO NOT DISTRIBUTE
  19. 19. LEADINGTHEWAY 2019 THANK YOU INTERNAL USE ONLY – DO NOT DISTRIBUTE

×