Manualshelf

HP LaserJet, OfficeJet, PageWide, ScanJet - HP FutureSmart Firmware Device Hard Disk, SSD, and eMMC Security (white paper)

ManualsBrandsHP ManualsPrint & ScanC2S11A
12345678910
PUBLIC 2
Overview
This document discusses secure erase options and hard disk, SSD and eMMC security on HP FutureSmart
Firmware printing devices. It replaces previous security documents HP FutureSmart Firmware Device Hard Disk
Security, Solid State Drive Security for HP Printing Devices and eMMC Security for HP Enterprise Printing Device.
Hard Disk Drive Security Overview
To protect customer data on devices using hard disk drives, all data written to the data disk areas are
encrypted using AES-128 or AES-256 encryption (on products manufactured after November 2012). The
section of the hard disk containing job data can be securely erased on demand, instead of performing an entire
disk wipe (See Erase Job Data). Industry standard ATA Secure Erase is an available option which securely wipes
all data including spared and reallocated sectors for decommissioning devices (See Secure Disk Erase).
Hard Disk Architecture
The printing device Hard Disk is divided into different sections for different classes of data
Job Data: Contains all job data, including temporary files for print and scan jobs, and Stored Jobs.
Configuration Data: Contains printing device dependent configuration settings and system
information. Information stored here includes printing defaults, authentication configuration, and
some customer specific configuration settings.
System Data: Contains the HP FutureSmart Firmware operating system code. This code must be
present on the hard disk for the printing device to boot. Previous HP printing device operating systems
booted from a compressed image stored in non-volatile memory.
Repository: This area contains a compressed copy of the device operating system installation code,
providing a way to restore a corrupted operating system image or recover from a failed firmware
upgrade.
Secure Erase Commands
HP FutureSmart Firmware printing devices support four different data erase features to securely erase
ongoing job data, and for device decommissioning or redeployment.
1.
Managing Temporary Job Files
The feature controls how temporary job files are erased at the completion of print, copy, fax, or digital
send jobs.
Temporary job files include:
o
Temporary data for print jobs
o
Temporary data for copy, fax, e-mail, and send to network folder jobs
The File Erase Modes available are:
o
Non-secure Fast Erase (No overwrite)
o
Secure Fast Erase (Overwrite 1 time)
o
Secure Sanitizing Erase (Overwrite 3 times)
Note: For File Erase mode specifications see Appendix A