Printers: The overlooked cyber security risk
Companies go to great lengths and take many precautions to protect their data and systems from cyber attacks. Still, it’s common for businesses to overlook an easy access point—multifunction printers (MFPs). Having an unsecured printer gives cyber criminals access to your network and your data.
If your printers connect to a network, they are just as vulnerable to cyber attacks as computers are. Printers might even be more susceptible because they are often unprotected and overlooked as points of entry. In August 2020, Cybernews deliberately brought attention to the need for companies to focus on the importance of printer security by hijacking 28,000 unsecured printers worldwide, forcing manufacturers to develop a guide about printer security.
In a 2020 study by Quocirca, the leading source of independent market insight in the print industry, it was reported that 33% of IT decision makers in the US were completely confident that their print infrastructure was protected against security breaches even while 74% had experienced data losses due to unsecured printing practices.
Not only do unsecured printers provide access to networks, but they also provide access to the data on a network and data stored in the printer. Therefore, it’s critical to include printers during regular audits for breach risk prevention planning. Many companies turn to a third party to help them with print security and risk prevention. In the US, 45% turn to Managed Security Service Providers (MSSPs) like Visual Edge to provide print security advice, and 17% turn to a Managed Print Services (MPS) like the Visual Edge Technology companies across the country.
TOP SECURITY RISKS
Printers provide a unique challenge for IT because there are multiple configurations, including network printers, remote login printers, personal printers. Here are some security risks to consider when evaluating the print equipment landscape.
Unauthorized Access / Uncollected Documents
Numerous documents get printed but never get picked up. Or documents print but may end up between prints belonging to someone else. Printed copies may contain sensitive or confidential information.
Multifunction printers (MFPs) are basically small computers. Without security in place, data can be exposed moving through the network either by a cable or wirelessly. For printers connected to a network, printer configurations can change to reroute print jobs. Just like small computers, MFPs store data, so if printers are used between companies or move from one company to another, temporary data may remain on the printer and could be exposed.
Mobile Device Printing
Organizations need to consider providing a cross-platform printing solution so that employees don’t use 3rd party apps to print from their mobile device, which could lead to many new multiple entry points for hackers to access your system.
PROTECTING YOUR PRINTERS & DATA
- Make sure your security audits and risk prevention strategy include your printers.
- Limit network printing by configuring settings so that the printer only responds to commands from the network router.
- Secure your printing ports by turning off unused protocols and services.
- Invest in print management software to track who’s using printers and how they’re using them.
- Encrypt data so that it won’t be of any value if it does get into the wrong hands.
- Install manufacturer’s patch updates for software and hardware as soon as possible because updates may contain fixes for security risks that the manufacturer has identified.
- Use two-factor authentication so that users must identify themselves to receive a print job in the print queue. You shouldn’t be concerned with only external threats. Internal threats do exist, and if you limit access to digital files, you need to restrict access to printed documents.
- Wipe the data storage drives once before removing the printer.
Pay attention to the risks of unsecured printers in your organization. Take steps to eliminate those risks. Some organizations help companies understand and implement best practices for cyber security, including PCI, NIST, HIPAA, and OWASP. And partner with a full-service managed services provider for both equipment and IT to ensure printers integrate into your network and are secure from outside threats. They can monitor, manage, and protect the print environment.
Visual Edge specializes in managed IT services and security, cloud computing, and print/copy solutions for businesses across the US, including remote offices. The company has more than 20-years of technology service with a national network of expert engineers. Request your no-obligation assessment today and get a free dark web analysis.