HP PageWide Pro 577dw Printing Security Best Practices: Configuring a Printer - Page 10

• Protect MFP storage access • Configure authentication • Configure the administrator password • Configure SNMPv3 Tampering with Data Tampering with data can include any method of changing, destroying, or adding to information that is flowing to or from a device or stored on it. Here are some ways tampering with data can relate to MFPs: • Canceling another person's job. Someone could use a remote access tool to cancel pending jobs. The person who sent a cancelled job gets no warning; only part or none of the job is printed. • Intercepting a print job before it reaches the device, altering it, and sending it on to the device • Intercepting remote configuration data, such as communications between Web Jetadmin and the device, to get passwords and other information You can minimize the risks from data tampering in the following ways: • Configure SNMPv3 • Prevent unnecessary remote access: close down all unused ports and protocols • Set the PJL and File System password • Configure HTTPS for EWS access Repudiation Repudiation is using an MFP without leaving usage information. This includes preventing the MFP from logging data or bypassing security checks such as user authentication. This also includes finding ways to use an MFP without paying by bypassing job accounting software. Here are some ways repudiation can relate to MFPs: • Accessing usage logs to delete entries • Removing origination information from file metadata • Bypassing user authentication • Using remote management software to access the MFP You can minimize the risks of repudiation in the following ways: • Enable embedded IPsec to encrypt the data stream to include log data and file metadata • Close unused ports and protocols • Save copies of log data at a separate location • Add security solutions such as proximity cards 6