Most organisations are well aware of the dangers of data breaches, and take cyber security very seriously as a result. But there is one security risk that is often overlooked: the seemingly innocuous printer.
Printers and multifunction devices (MFDs) have progressed in leaps and bounds over the years – no longer do they simply ‘print’, but they also copy, scan, email, and the list goes on. In order to fulfil these functions, devices have to be able to connect both to the wider network and the internet – but this connectivity makes them extremely vulnerable.
In fact, one security researcher found hundreds of printers that offered full access to their administration panel online, exposing them to anyone with an internet connection who knew about the vulnerability. In a worst case scenario, according to researchers at the Ruhr University Bochum, hackers could even use MFDs as an entry point to pull an organisation’s network credentials and gain higher levels of access.
Now consider the types of sensitive documents that are transmitted to, stored in and printed from your printers and MFDs – these are all at risk of falling into the hands of malicious attackers simply due to devices unknowingly being left unsecured.
When it comes to properly securing your print environment, printer security software plays a crucial role, patching vulnerabilities at several different levels. Here are 7 printer security features to look for when considering purchasing new devices or software.
User authentication and authorisation
User authentication enables users to verify their identity, using logins or ID cards, before using devices, while authorisation restricts printer functions based on the user. This can be further strengthened with an account lockout function, which temporarily locks the accounts after a certain number of incorrect login attempts.
User authentication facilitates “follow-me” or pull printing (see below) to help keep documents confidential, while user authorisation prevents employees having administrative access to settings on the device, which they may advertently or inadvertently change to make the device more vulnerable to outsiders.
“Follow-me” or pull printing
“Follow-me” or pull printing enables users to release their print jobs from the printer once they have authenticated themselves via a login or ID card. The job is then erased once it has been printed.
This prevents sensitive documents being forgotten in print trays or being picked up by malicious actors, maintaining confidentiality.
Secure communication protocols
A device’s connectivity to both the internet and the network makes it highly vulnerable to man-in-the-middle (MitM) attacks, where malicious actors secretly insert themselves within a connection and intercept all the data passing between the two parties. That means, theoretically, that a hacker could read every document a CEO sends to the printer.
One way to defend against this is to ensure any transmitted data, whether it is going to or coming from the device, is encrypted via a secure communication protocol. This prevents information being viewed by potential MitM attackers.
Stored data protection
Many people are unaware that the device often stores data temporarily and, if the device is left unsecured, this data can be leaked to outside parties. To combat this, data stored within the device can also be encrypted so that, in the event sensitive or confidential information is intercepted, it cannot actually be read.
Data overwrite function
When a device completes a job, most people assume the file is then deleted. But ‘deleted’, doesn’t necessarily mean the file is completely erased – in fact, it remains on the device’s disk drive until it is overwritten when space is needed. And this data can in fact be retrieved by those with the know-how.
An overwrite function ensures this data is truly erased by overwriting it with meaningless data, thereby preventing the actual data from being restored by a third party.
Network access restrictions
To further defend against unauthorised access, some MFDs can limit communications to only a set range of IP addresses. This means only pre-authorised devices are able to communicate to the device, helping to defend against malicious attackers masquerading as authorised users, and tapping or altering data.
Because printers are typically connected to many, if not all, devices on a given network, they are particularly attractive to hackers. Network monitoring software acts as a gateway for the MFD’s incoming and outgoing traffic, monitoring it for any suspicious behaviour or potential threats, and providing immediate alerts if it detects something. In some cases, this type of software can even detect malware and immediately block it at the firewall.
When it comes to your organisation’s security, you simply cannot afford to overlook your printers and MFDs. Be sure to use every tool at your disposal to prevent a costly data breach.
Do you know what potential security risks your organisation is currently suffering from? Book a security audit today to find out what vulnerabilities are exposing your data.