Contents Sustainable Impact Footprint Integrity and human rights Supply chain responsibility Operations Products and solutions Appendix HP’s leadership team oversees our portfolio-wide requirements that mitigate the risks of NIST Platform Firmware Resiliency Guidelines. Social impact approach to security and provides the resources counterfeits, malware, and tampering. HP FutureSmart printers automatically self- needed to support HP’s continued leadership. Our heal and recover from attacks, and provide the Security Advisory Board, consisting of several Personal systems following award-winning features: Digital equity is the path for everyone, everywhere HP leaders as well as external advisors with to have equal access to education, healthcare, broad backgrounds in offensive and defensive HP produces the world’s most secure PCs • HP Sure Start maintains BIOS integrity. and economic opportunity. HP’s commitment to 5 creating positive, lasting change for communities security, advises us on the ever-changing threat and workstations. The HP Endpoint Security • Whitelisting ensures both HP and HP- landscape, augmenting our work in HP R&D and Controller is our foundation for hardware-based approved partner firmware is digitally signed around the world extends to how we design and HP Labs research activities. security, and has been certified by a third-party and validated. deploy products, solutions, and services. lab. It establishes a hardware root of trust, and is We continually conduct threat analysis on physically isolated from the machine’s CPU and • Run-time intrusion detection monitors memory HP’s portfolio of education products, emerging attack vectors, which in turn helps operating system, providing resiliency to the PC. for unusual activity. partnerships, and programs is enabling better guide product security development efforts. We • HP Connection Inspector monitors outbound learning outcomes and accelerating digital 1 employ cybersecurity specialists and conduct HP Wolf Pro Security helps small to mid-sized printer network connections. equity for millions of people worldwide, while our cybersecurity architecture reviews, penetration businesses with a simple solution that delivers strong focus on inclusive design aims to ensure testing, code reviews, and automated code maximum security coverage without increasing Through our industry-first printer Bug Bounty that everyone benefits from our technology. Our scanning using industry-leading tools. When IT’s workload or disrupting employee productivity. program, we offer rewards for highly trained, healthcare products are designed to streamline issues arise, we take appropriate actions to geographically diverse ethical hackers who patient care, optimize clinical workflows, and remediate reported security vulnerabilities. HP Sure Click Enterprise goes beyond Next- expose flaws in our print technology. The program deliver customized solutions. Many programs Generation Antivirus and Endpoint Detection and leverages deep, hard-to-find technical skills to find described throughout this report also contribute In 2018, we adopted the industry best practice Response with hardware-enforced isolation and obscure, previously unidentified vulnerabilities in Coordinated Vulnerability Disclosure approach, containment, and provides detailed, real-time our devices and ink/toner cartridges before they which describes how we work with partners, threat intelligence to security teams. are released to market. industry, and the security community to address 2030 GOAL HP’s Threat Research experts provide breaking vulnerabilities. When notified about a suspected HP Security Manager is the industry’s only 2 vulnerability, we investigate thoroughly and, news on malware, including indicators of comprehensive policy-based printer security Accelerate digital equity for 150 million people compromise and suggestions on how to defend by 2030 (beginning in 2021) if confirmed, work with the submitter on against threats. compliance tool. It is used to assess and remediate remediation and a coordinated public release configuration settings across HP printer fleets. PROGRESS THROUGH 2021 of information. Learn more about our personal systems Accelerated digital equity for security solutions and HP End-of-Use Services, HP Print Security Services combines credentialed The HP supply chain security group works to ensure including Device Recovery, Sanitization, and security experts and trained print specialists to that our products can resist attacks throughout the Recycling Services. assess customers’ unique print environments, 4.3 MILLION supply chain life cycle, from component sourcing address compliance requirements, develop and and manufacturing to transportation, service, implement plans, provide ongoing management, people and take-back. Our HP Product Cybersecurity Printers and proactively identify gaps in defenses. Standard for Suppliers, enforced through periodic 6 audits, contractually holds relevant suppliers to HP offers the world’s most secure printers, and Learn more about security solutions. our FutureSmart printers meet and exceed the 84 2021 HP Sustainable Impact Report www.hp.com/sustainableimpact
HP Sustainable Impact Report Page 83 Page 85