HP Color LaserJet 4730 HP LaserJet MFP and Color MFP Products - Configuring Se - Page 10

Information Disclosure Information disclosure is gathering information from an MFP and providing it to unauthorized users. This can include authentication information, usage log information, or information from the contents of a job. Here are some ways information disclosure can relate to an MFP: • Reading stored print jobs on the MFP hard drive • Downloading log information • Downloading address books • Intercepting print jobs, copy jobs, fax jobs, or digital send jobs (such as email) You can minimize the risks of information disclosure in the following ways: • Install Jetdirect 635n Print Servers to encrypt the data stream to include log data and file metadata (look for this product at hp.com or contact your hp product supplier). • Close unused ports and protocols. • Configure all possible password settings. • Configure authentication. • Configure SNMPv3 for Web Jetadmin. Denial of Service Denial of service is any type of interference with normal use of an MFP. This can include any of the following: • Canceling or pausing the print jobs of others • Turning off the MFP remotely • Disconnecting power to the MFP • Pulling out the MFP formatter board • Disconnecting the MFP from the network • Causing interference with network communication to the MFP • Changing the network location of the MFP • Causing an error state that interrupts service • Changing access configurations Here are some methods of minimizing opportunities for denial of service on an MFP: • Lock the control panel. • Lock EWS configuration settings. • Close unused ports and protocols. • Disable controls such as the Job Cancel button and the Go button. • Enable the resume feature to allow the MFP to resume operations after an error state. • Configure Job Timeout. • Control physical access to the MFP. HP LaserJet and Color LaserJet MFP Security Checklist 10