Three ways to secure your printer
Your office printer is a sitting target for hackers, so what can you do to secure it?
Laptops, desktops, tablets, smartphones - all are security risks. But there's another device organisations often miss; one that, according to a recent survey by Spiceworks, is 68% more likely to be the source of an external breach today than it was in 2016 and 118% more likely to be the source than an internal one. That device? The humble printer.
That survey goes on to say only 3 in 10 IT professionals recognise the printer as a security risk. In fact, many still hold on to the legacy perception that printers are safe inside the perimeter of a network, which just isn't true. Those that do realise their printers pose a threat must also realise the security solution has to be tackled from multiple angles - just a firewall, for example, won't be enough.
Printers often have access to an organisation's internal networks, and as IDC said, "an attacker who compromises a printer can have unfettered access to an organisation's network, applications and data assets."
A recent example of this type of hacking comes from late last year when fans of YouTuber PewDieDie hacked at least 50,000 printers. Fortunately, the fans merely printed a message requesting victims to follow PewDieDie and unsubscribe from a rival channel. While that prank was relatively harmless, hackers also have the ability to exploit firmware flaws that can result in fried data chips and printers that no longer function.
While a serious threat, there are steps your organisation can take to secure your printers.
Establish user authentication and access controls
Enabling features that require employees to enter a PIN or swipe their security badge at the printer to authorise a print job ensures confidential documents don't get left in the tray. It also keeps documents from being accidentally reprinted, which in turn saves paper and money.
Encrypt data in transit
Employees frequently print documents full of sensitive information. If printer data is not encrypted, this information flows unprotected over the network. Since printers provide an unassuming access point to the network, this means that data is exposed.
Encrypting data in transit from endpoints to the printer will help prevent this from being a problem.
Keep firmware up to date
Updating the firmware, which is the program installed on a printer when it's manufactured, is a basic precaution that often gets overlooked. But keeping the program up to date is an easy way to catch vulnerabilities and help secure your fleet.
Keep in mind, though, it takes time and resources to review, test and implement new firmware for a whole fleet of printers, which is one reason why it often doesn't happen as frequently as it should.
Finally, when buying your fleet, consider printers that have built-in security features, as printers are more difficult to secure after they've been bought and shipped.