One of the most commonly overlooked security holes in any company often concerns the humble printer.
You may think printers are secure due to the use of a PIN code on the keypad or because you added network security features a few years ago. The truth is that printer security – like all security in a company – is something to analyze routinely, to adjust for new threats and vulnerabilities, and to tweak on a consistent basis.
In fact, printer security has become an even higher priority than previously thought as companies have done a good job of plugging holes in other areas, such as mobile and Wi-Fi access. Hackers have now turned to some alternative methods of breaking into a company and stealing documentation, passwords, files, and images that compromise intellectual property.
Fortunately, there are several steps you can take to deal with printer security in a way that leads to peace of mind.
To start, any undertaking related to security should start with an analysis phase. It’s important to understand exactly which devices are on your network, who is using them, how the devices are being used, and which security precautions are already in place.
Any analysis should start with the overall workflow — looking at how documents are stories, retrieved, and used in the company. Employees might be storing documents locally or on a network, and they may be using mobile devices. The important point here is to look at workflow holistically in terms of the routine access throughout the day as well as guest access.
Once you understand the use cases, it’s important to analyze which security measures are in place, especially on the network. Trace a document from how it is accessed, edited, stored, and then printed. Analyze how the document is transmitted to the printer, and then how the documents are picked up or used after they are printed.
The more you know about the users and how they print, the better you can understand how to then improve printer security. At this point, after the analysis, it is important to examine the device themselves and then the network used to transmit documents.
2. Local printer security
Companies should investigate all printers and copiers, including how employees use them, where they are used, and how often they are accessed. This is especially important considering that printers are now increasingly advanced and can connect to wireless networks for remote access, which opens them up to new vulnerabilities.
At the printer itself, the security infrastructure should be as robust as a computer or any other endpoint device. As mentioned, this can mean much more than typing a passcode. Companies should look into how the printer could be accessed and hacked.
One advancement in this area is to output documents only at a pre-determined time so that an employee can retrieve open documents in the printer tray. Too often, employees will make a print output and then leave documents unattended, but new technology can help prevent that by only printing when the employee scans a badge and sets a print output time.
Another new technology has to do with digital shredding. Many high-end printers and copiers can store data meant for printing for long periods, even days or weeks. However, that means the data is vulnerable to hacking as it resides locally. Digital shredding is a method of removing all traces of the printed material on the local device after a set period of inactivity.
Companies should investigate several other security issues as well, such as hackers being able to remove a local hard drive, attach directly to printers, tap in remotely over a wireless network, use emerging wireless protocols such as 5G to access a printer, and also the local biometrics measures used to secure a printer, such as fingerprint readers.
3. The network itself
Other than the security issues related to the local device – such as stored data on a printer, stealing or compromising a local hard disk, and the biometrics used for security – companies should look closely at the network used for printers and copiers as well.
This ‘last mile’ connection is often the most vulnerable because it is the connection between the end-user (who might be located around the corner in the office), the connection into the servers at a company, and then the connection out to the printer. You might have network security measures in place for the servers and computers, but not the actual printing.
Of course, part of the analysis and improvements you make should address user authentication. There may be security precautions in place on the wireless or wired network, but if end-users only have to use a simple password to access an end-point, it won’t matter. Companies should investigate and improve user logins to make sure they are also highly secure.
Several network security protocols come into play here, such as IPFiltering, IPSec and SSL/TLS data encryption. As mentioned, it’s possible to implement network security for most activities on a network but to overlook the local printing, wireless, and remote access for printers.
Companies should also investigate and improve security measures related to compliance. In specific industries such as banking and health care, it is required to add security measures for all documentation stored on a network server, transmitted over the network, and then generated on printers and copies within the office. Often, failure in compliance in these key industries can lead to fines, especially related to HIPAA and PCI regulations.
The good news is that companies can add the local printer security measures, upgrade network infrastructure, and meet required regulations in ways that lead to peace of mind in terms of knowing whether hackers can breach a network through a printer network.
It’s smart to continually analyze printer networks and end-points (printers and copiers) and to improve printer security – all with the goal of staying one step ahead of hackers.