HH490 User Guide
• Ensure access is restricted to administrators for secure process channels, devices, and components related to
  barcode scanner series.
• Enforce proper configuration at installation of barcode scanner series and its components, including secure by
  default, baseline configurations for detection of unauthorized changes, and configuration of least functionality
  required and management of configuration changes. When possible, the configuration should be automatically
  traced and reported.
Security Updates and Service Packs
One of the common weaknesses of system management, as reported by the Open Web Application
Security Project (OWASP), is "not keeping software up to date". It is critical to keep the latest patches
and software versions on your Honeywell device. This is especially true for software with
reported Common Vulnerabilities and Exposures (CVEs). The MITRE Corporation and the National
Institute of Standards and Technology (NIST) track CVEs and mark their level of criticality. For
example, when a critical vulnerability was found in the popular OpenSSL® cryptographic software
in April of 2014, the TLS heartbeat read overrun (CVE-2014-0160) was tracked and marked by both
organizations. A CVE such as CVE-2014-0160 must be addressed as soon as possible.
Honeywell provides system updates for both security and feature-related purposes. If third-party software has been
installed, Honeywell recommends testing the update on a non-production system to ensure Honeywell software
continues to operate correctly.
Caution: Before installing any critical updates or making any system changes, ALWAYS back up the system. This
will provide a safe and efficient recovery path if the update fails.
Additional Resources
Security Resources
The MITRE Corporation
National Institute of Standards and Technology (NIST)
Open Web Application Security Project (OWASP)
U.S. National Vulnerability Database (NVD)