One device administrators haven't secured with a smart card is the lowly, yet hardworking, multifunction printer. Even for the admittedly smart-card-savvy DOD, "Imaging and printing are the biggest security holes," says Enrique Barkey, Worldwide Director, Public Sector, at HP.  

"The DOD realized a person could take a document and put it on a multifunction printer and send it by email straight out of an institution without any control," adds Simon Wakely, who is vice president of business development at smart card middleware provider, ActivIdentity.

"It goes beyond the DOD: Even in commercial space, the weakest link is imaging and printing," says Barkey, who is HP's worldwide director, public sector. "A lot of damage can be done because multifunction printers are connected to the network environment—they are the On and Off ramp to the digital world."

Which is why HP teamed up with ActivIdentity, creator of ActivClient smart card enablement software, to build a solution. The result: An HP multifunction printer that can read Common Access Card (CAC) smartcards and, via ActivIdentity middleware, communicate with Active Directory (AD) to authenticate employees to allow them to scan documents and email them.

            The user sends a print job, which is encrypted, compressed, locked, and stored on a print server. Or the user goes to the printer to start a scan job. He or she inserts the CAC smart card in a reader at the multifunction printer.  The printer prompts for a PIN, which the user enters. The middleware uses the PIN to unlock a secret area on the smart card, then, using public key infrastructure (PKI) to provide a certificate, and AD to provide the info on the user, a credential is released and compared, and the response comes back—the user is approved.

Although the DOD requires authentication only for scanning documents, other organizations require authentication for printing documents—not only for security reasons but for cost-saving measures, especially in paper-intensive offices. "Printing costs can be a significant part of some organizations’ budgets. A way to start controlling the printing environment is through security," says HP's Barkey.

"ActivIdentity and HP have positioned this strong authentication solution into the private sector too," adds Wakeley. "Smart cards are becoming ubiquitous as a strong form of authentication."

To learn more see Active Identity's web site at http://www.actividentity.com and HP's web site at http://www.hp.com/large/solutionhomeshared/ipgsecureprinting.html.