This news story has reminded people to secure their printers. HP has made a PDF document available as a complementary guide to known best practices for increasing MFP security.

HP provides this checklist as a guide to best-practice security configurations that allow for reasonable convenience and usability. Some of the recommended settings create extra steps when accessing and managing MFPs. For instance, once you disable EWS configuration, you cannot access it again until you re-enable EWS configuration from HP Web Jetadmin. These settings are tested in a variety of conditions and using various combinations of simulated customer environments. Testing includes configuring all of the MFPs at the same time and verifying that the affected features continue to function. However, it is impossible to test these configurations in all possible network environments. You should test these settings in your environment to ensure that you understand their effects. You may find that some of the settings cause undesirable limitations. See the Ramifications section for further information and cautions.

This checklist is provided only as a complementary guide to known best practices for increasing MFP security. HP does not claim or warrant that these configurations prevent misuse of MFPs or networks or that they prevent malicious attacks on MFPs or networks. Use this document at your own risk.

Editor's Note: We made this available as a zip file for simple downloading.