Nine out of ten office workers do not perceive printers or multifunctional devices (MFPs) as a risk factor. However, this hardware, which has grown in sophistication over the past 20 years, connected to corporate networks and the Internet, is as interesting to hackers as laptops or desktops.
Sharp, one of the leading manufacturers of enterprise printing devices, surveyed more than 5,500 small and medium-sized business (SMB) workers in Europe to find out their attitudes towards printer security, the need to protect them – through technology and user-friendly behavior with their new devices like their 3D and laser printer.
The study showed that many company employees lack formal skills and knowledge in this area, moreover, almost half of the respondents did not know at all that hacking a printer was in principle possible. Partly to eliminate this shortcoming is intended to be a guide drawn up based on the results of research by “ethical hacker” Jens Müller (Jens Müller).
The document states that uncontrolled access to office printers and MFPs creates multifaceted security risks – from downloading (intentional or accidental) malware through a printer into an enterprise network to stealing printouts from the output tray of a printing device. Meanwhile, 62% of employees in firms with fewer than 50 employees said anyone can work with their printers and MFPs. In larger enterprises (from 151 to 250 employees), this indicator decreases, but only slightly – to 43%.
A fifth (21%) of respondents say that their workplaces do not have any procedures for ensuring the safety of printers and MFPs. One in four found confidential information in the printer’s tray that was not intended for him, 28% printed documents in the office created at home – outside the secure environment of the enterprise, and 14% printed potentially unsafe files downloaded from an open network.
Minimizing security risks from network printers
You can minimize the risks from printers and MFPs in an SMB environment if you follow a few simple rules recommended by Mueller:
• protect access to MFP functions with a password (now this is neglected in 52% of European offices) and change the default administrative passwords;
• organize the maintenance of activity logs and notification of incidents by e-mail;
• activate filters for IP and MAC addresses;
• Provide transport layer encryption (TLS / SSL) or all network traffic (IPSec), built-in hard drive, PDF files, e-mail (S / MIME);
• regularly check availability with an authorized dealer and install the latest firmware;
• not allow visitors to use office equipment, hinder physical access to ports;
• disable any unused local and network printing services;
• configure the issuance of confidential printouts to the tray only by PIN-code or ID card;
• Safely dispose of old equipment, especially memory modules and hard drives.