Printers suck. I’ve already written about why they suck. What I didn’t realize until recently is that they also pose a serious threat to IT security.
A white paper published by IT analyst Quocirca found that 63 percent of companies surveyed suffered at least one printer-related security breach. Even more disturbing (yet not all that surprising) is that only 22 percent of organizations consider printer security an area worth prioritizing.
Feature-rich with little to no out of the box protection, a printer can act as one of the biggest attack surfaces in a given IT infrastructure. Some companies have no idea that they’re vulnerable to common print security risks such as:
- Theft. Forget network hackers – any documents that are not immediately secured can easily be swiped from the document tray by anyone in the office.
- Printer attacks. From bringing the system to a halt with phony print jobs to using the device as a pawn in DDoS attacks, hackers can exploit printers to wreak major havoc on company resources.
- Network vulnerability. An unsecured printer can put an entire network at risk. All it takes is a single open vector to provide access to any connected device.
- Data breaches. Social security numbers, customer data, and confidential documents are regularly stored in printer caches. Left unguarded, this info is easy pickings for criminals armed with the simplest of tools.
Managed print services (MPS) are available to organizations looking to optimize, streamline, and simplify their printing environment. MSPs and VARs are in the position to guide their clients on the finer aspects of printer security. These pointers can help.
Devise a Printer Security Strategy
Companies build elaborate training programs around teaching workers to safely use mobile devices. After realizing how dangerous they are, the same respect should be given to printers. An ideal printer security strategy is made up of standards, policies, and processes that govern how printing resources are to be used across the organization. A layered strategy that covers all the basics, yet can incorporate advanced security functionality as printing operations and business needs evolve is truly ideal.
Lock Down the Printer
Proper printer security starts at the device. Most modern network and multi-function units come with access control, authentication, and other built-in security features. IT administrators should check with the manufacturer for firmware updates and recommendations on default configurations that protect the device while on the network. It’s also a good idea to keep physical security in mind by housing printers in a safe area and incorporating locks, proximity badges, and smart cards that protect against physical removal.
Encrypt Printer Data
As a shared resource in most office spaces, print job data travels across a network of connected computers. While the original data may be protected on the source system, print jobs send it over the network in plaintext that can be easily intercepted and comprehended by the most basic of hackers. Encryption offers a way to protect data as it travels across terminals, cables, and other points in the network. Found in Linux distros and older versions of Windows, Internet Printing Protocol (IPP) offers both encryption and authentication to keep prying eyes away from printer data.
Stay on Top of the Print Environment
For most companies, organizing documents is the extent of their print management strategy. As a vital part of the network, a printer represents its own infrastructure and should be handled accordingly. Luckily there are tools available to help IT administrators track virtually every key aspect of the infrastructure. Such utilities make it easy to track print jobs and keep up with the users running them. Armed with these monitoring capabilities, administrators can identify users who may be violating printing policies as well as opportunities that allow the company to reduce print jobs and save money.
Dispose of Old Printers the Right Way
Old hardware can be a headache in more ways than one. An old, broken printer, for example, can be a major liability if not properly disposed of. Many printers store small amounts of data on internal hard drives and when old equipment is tossed, that information discarded right along with it – but it can be retrieved with relative ease. IT administrators should make sure all printer data has been wiped clean from the device before anything is junked or sent to a thrift store. In many cases, those hard drives can be removed, connected to a PC, and erased in a few quick clicks.
It’s past the time we start to view printers like smartphones, tablets, and other devices we add to the network. Most organizations don’t want to go through all the trouble. IT service providers who can shoulder the burden with managed print services that make security a non-issue will be treasured as valuable assets by their clients.
By: Contel Bradford