Office printers: The ticking IT time bomb hiding in plain sight
Office printers don’t have to be security threats: with foresight and maintenance they’re very easily threat-proofed. The problem is that system administrators rarely give the humble printer (or scanner, or multifunction printer) much attention.
But hackers haven’t forgotten about printers – not by a long shot. Last summer, a Russian hacker group penetrated numerous organizations by first infiltrating unprotected printers, which were connected to the same network as every other device, and then laddering up to exploit increasingly sensitive areas. Furthermore, according to a recent report, foreign governments can also easily conduct industrial espionage by targeting this under-the-radar beachhead into the organizational networks.
Given that each business, budget, and network infrastructure are unique, there are no “one size fits all” fixes, but there are a few security best practices for printers I consistently see ignored in the field.
Here’s a look at the common-sense measures all businesses should employ:
Change the default password
We’re starting off with the simplest mistake that I see in the field all the time, sometimes on a company-wide level. Even in California, which recently issued new, stricter default password guidelines as outlined by Senate Bill 327, we still recommend that the administrator password be changed when a new device is connected to the network.
Consistent firmware updates
Another easy-to-fix but all-too-common problem. Users who get a prompt to install updates should restart the device right away; the trouble is they usually don’t. Tech teams need to make sure they have the latest device firmware and that it is installed on their fleet in a timely manner. Losing printing and scanning access for a few minutes is a small price to pay when the alternative is a cyberattack that halts infrastructure for days, weeks or longer.
Pull printing
Although a malicious third party breaking into an organization’s data is a real and present danger, document-related breaches, many of them inadvertent, are an equally large threat. An employee accessing sensitive information and then taking it with them off-premises, or simply sending a confidential document to the wrong party, can be as disastrous as a “hack.”
One relatively simple way to improve document security is pull printing. There are many advantages to pull printing, but focusing solely on the security aspects, this creates an added layer of security by requiring users to enter a unique code or insert an ID card before retrieving files. Inputting these credentials reduces the risk of sensitive data falling into the wrong hands.
IP filtering
IP filtering protects data in a similar way to pull printing, by using filters that only grant access to users with legitimate IP addresses. IP filters block unauthorized requests without the correct address, safeguarding customers’ sensitive information while ensuring compliance with privacy laws.
Device-based document management software
If pull printing or IP filtering isn’t enough, there is an increasing number of third-party apps that can be integrated into office devices to ensure a wide array of document-management and workflow processing needs are met. This way, management has a holistic, real-time understanding of who is viewing what, when and why.
Custom hardware modifications
Altering the physical devices themselves is, in some ways, the ultimate level of protection, but there are many modifications that can be made that are not overly complex. For instance, customizing devices by disabling Wi-Fi connectivity is one option my team is sometimes asked for in order to increase device security. On the subject of connectivity, customers can also opt for newer models with the latest security authentication standard, 802.1x, which supports more advanced levels of communication across wired and wireless connections.
However, even files left on many printers and scanners with built-in hard drives can still be pulled in-person with a memory stick.
Third-party testing
Using third parties to continually help identify security risks is a smart course of action for enterprises that are truly serious about security measures. Many printer manufacturers have latched onto this approach, contracting with IT services companies to test network and device protocols. This strategy is not just effective, but also an easy way to avoid heaps of bad press down the road.