HP is the first OEM to complete the BLI Security Validation Testing Program
HP Inc. announced today that it is the first and only vendor to complete Keypoint Intelligence-Buyers’ Lab Security Validation Testing program for MFPs and printers. HP has now passed the third round of validation and has received the final program seal for firmware resilience for its HP FutureSmart v4 + Enterprise firmware platform for HP enterprise and managed printers and MFPs. This makes HP the first and only company to have received all three seals – Device Penetration, Policy Compliance, Firmware Resilience.
This achievement follows on from HP’s BLI PaceSetter Award 2019-2020 for Security: Imaging Technology Leadership in a detailed study by Keypoint Intelligence, which found more than 75 points of potential differentiation in the most important categories of vision and market leadership / education, security assessment / Remediation services, fleet management, security software offerings, and printer / MFP platform security (hardware and firmware security features).
Security is at the heart of everything we do at HP. The Buyers Lab program helps raise the bar when it comes to security. We are proud to be the first OEM to complete the program and encourage our industry colleagues to support these efforts to achieve stricter overall printer security standards.
The Buyers Lab Security Validation Testing program sets industry benchmarks in the areas of device penetration, policy compliance, and firmware resilience. This three-pronged test suite looks at the security of various vectors to ensure that devices are protected from vulnerabilities, and all three levels of the program together form a strong foundation for the security features that customers can include in their RFPs.
Device penetration: An independent cybersecurity vendor investigates potential vulnerabilities in device firmware / operating system, ports, print protocols, embedded websites, connectivity paths and more.
Policy Compliance: Validators use the OEMs’ management tools to set security settings and save these settings as a “policy” template, apply the policy to a fleet to ensure that devices are compliant, continuously monitor these settings, devices that are not more adhered to and more.
Firmware resilience: An information security laboratory verifies that devices comply with NIST SP 800-193 guidelines for platform resilience of connected devices. The test determines whether there are mechanisms in place to protect the platform from unauthorized changes and whether the device can detect an attack and automatically return to a secure state.
Third-party validation test programs like this one give customers a foundation for evaluating all print providers and helping them make optimal purchasing decisions. As part of this program, Buyers Lab takes on the heavy lifting of checking security claims and validating security features so customers can be sure that their printer has been independently verified.
On February 19, 2020, HP announced that it would be the first printing industry OEM to receive both the first and second seals for device penetration and policy compliance.
Further information can be found in our press release and our press blog.
New security threats to a homeworker