HP Commercial LaserJet Printers and MFPs - Imaging and Printing Security Best Practices

Chapter 7 HP LaserJet and Color LaserJet MFP Security Checklist 84
ensures that the original data is destroyed.
Secure Fast Erase mode overwrites files one time. It slows MFP performance a bit, but it
provides reasonable security for most situations.
Secure Sanitizing Erase overwrites files 3 times. It slows MFP performance considerably, but it
provides even more assurance that the data is not recoverable. If your network is required to
meet stringent security requirements such as DOD regulations, you should use Secure Sanitizing
Erase.
Digital Sending Page Options
Configure Auto Reset Send Settings to Delay before resetting the default settings,
and type a number of seconds to delay. This setting enables the MFPs to remove email
addresses or fax information from the control panel if a user forgets to reset it. The
authenticated user performing a digital send job is also automatically logged off.
With the timeouts configured, an MFP control panel will revert to the default screen, and a user
will not be able to reuse addresses and other destination data beyond the timeout period.
Configure the Default From Address, and select Prevent users from changing the
Default From Address. The Default From Address setting allows you to place a
standard and consistent address in the From field of emails sent from the MFP. Selecting
Prevent users from changing the default from address ensures that users are unable
to tamper with the address in the From field, and that it is automatically populated with the
default or the authenticated users email address. These features ensure that nobody can use the
MFP to spoof identity or provide erroneous addresses. Consider using a From address that
describes the location or the type of MFP, or use a real address to monitor reply messages.
With the Default From Address configured, no one can change the From address in email
messages. The address you configure is the only address anyone can use.
Final Configurations
Disable Direct Ports. This setting shuts down the MFP parallel ports. It restricts access to only
network connections.
Shutting down the parallel ports ensures that no one can configure the MFPs or print using
these connections. Thus, users will not be able to bypass job accounting or restricted access,
such as color printing, by using alternative connections.
This setting causes the MFPs to turn off and turn on. They will be out of service during this time.
This is also the reason this setting should be configured independently of other setting
configurations. If you attempt to configure this setting with other settings, the other settings will
likely fail. This is because Web Jetadmin temporarily loses contact with each MFP while the
MFP is restarting. Be sure to wait a few minutes until all of the MFPs are online and ready
before executing another configuration.
With Direct Ports disabled, the parallel and USB ports are turned off, and the MFPs behave as
if the ports do not exist.