Is your printer the weak link in your brand’s cybersecurity? | Nov17 Newsletter
You've covered all bases to protect your business against cyberattacks – incorporating the latest firewalls and virus scanners, a vigilant IT team and a well-trained workforce. But hackers are hoping you’ve overlooked a potential security vulnerability: the office printer.
Today's wireless multifunction printers (MFPs) are complex networked devices. And if not secured properly, they can expose your sensitive business data to unauthorised access and misuse. Even worse, beyond the damage to company reputation and bottom line, if certain companies fail to notify clients of data breaches impacting them, they could face severe fines under the Australia Government's Notifiable Data Breaches (NDB) scheme which is set to roll out in February 2018.
The bottom line is that safeguarding your printers is essential. Here are the best ways to prevent unauthorised printer activity and eavesdropping.
Secure access to your printer
Modern printers offer superior convenience, with features such as combined printer/scanner/fax capabilities, and wireless connectivity from PCs, laptops and other devices. But this can also make them prone to malicious activity, as shown recently when a UK hacker gained access to thousands of publicly exposed printers.
This can be prevented by ensuring your printer only allows access from approved networks and devices. Strategies include:
- Configure the printer’s access control list (ACL) to limit access by device, individual or network (including wireless networks).
- Consider using a PIN-based 'pull print' solution to avoid sensitive documents being abandoned in the tray.
- Turn on encryption to protect printer data, in transit and stored on the printer's hard drive.
A wireless printer can be a potential opening to hackers if it also has direct access to your company’s network. This can be mitigated by choosing a printer that allows direct peer-to-peer printing using its own local wireless signal, without needing to tap into your company LAN.
Patch and update
Like any other networked computing device, printers should be refreshed regularly with patches and other security updates. Be sure to check for firmware updates as part of your regular printer maintenance schedule.
If you’re using not just one printer but a whole fleet of them, it's a good idea to use a fleet security management tool that can identify new devices as they're added, and automatically apply company-wide security settings. It may also be worth investing in tools that can monitor your endpoint devices, including printers, for unusual behaviours or incidents.
Effective printer security begins with the understanding that any networked printer can potentially be used to hack into your systems and databases. Take proactive steps to secure your printers and you’ll have one less security headache to manage.