Printer security is so bad HP Inc will sell you services to fix it
Finally, FINALLY, someone is turning off Telnet and FTP
Printer security is so awful HP Inc is willing to shut off shiny features and throw its own dedicated bodies at the perennial problem.
The tech giant is offering the professional security services under its new and far-harder-than-before "Secure Managed Print Services" offering unveiled today.
Security types will also provide ongoing risk assessments and audit passing for the horridly hackable hardware, and handle firmware updates and password resets.
The HP printers are shipped in a hardened state with shiny but dangerous features and ports closed by default in a move that reduces the attack surface available to external hackers.
The obvious hacker-bait Telnet and FTP facilities included in printers are on the hardening chopping block, as are other unspecified geriatric features.
More interfaces will be decommissioned in the future as HP successfully wrangles popular software providers to move to more secure networking options.
Thankfully remote capabilities remain to allow Shodan users external HP experts to log in and monitor the security health of device fleets.
The tech company is continuing its hardening approach decommissioning old cipher suites and protocols, and upping administration and encryption settings for new and old HP printers.
“Networked printers can no longer be overlooked in the wake of weakening firewalls to the growing sophistication and volume of cyberattacks,” HP South Pacific printer boss Ben Vivoda says. ®