How to avoid a print security data breach

By Dave Mueller

Print security breaches happen more often than you may think. Endpoints are a key target and print devices are not getting enough attention in the enterprise’s IT security strategy. Cyber threats targeted toward printer and Internet of Things (IoT) devices have increased in in the first half of 2020 by more than 50%, according to the 2020 SonicWall Mid-Year Update Cyber Threat Report.  If the current pattern holds, total IoT attacks will surpass both 2018 and 2019 levels.

Today’s modern, intelligent, programmable print devices are routinely connected to the internet and the corporate network — in turn expanding the enterprise cyber-attack surface.

So, how do you protect your sensitive data while using your office printers and copiers?  

If your organization has not yet established an IT security plan due to inadequate technical knowledge, resources, or staff, qualified and experienced managed print services experts are available to help. The right managed print services provider will:

• Be able to provide you with a thorough printer and copier network security audit
• Have knowledge and insights into current cyber threats
• Advise you on the best security software and hardware technology available to meet your needs

Start the process of defending your printers, documents and data from network threats by physically securing your printers and copiers. If possible, move printers that are out in the open into a controlled access area. Access can further be controlled by disabling physical ports to prevent unauthorized use. Access can be further secured by requiring authentication and authorization for access to device settings and functions. Taking this step has the added benefit of controlling printing costs due to unnecessary and unauthorized printer use. Printer security technology experts recommend other security solutions such as PIN authentication, LDAP authentication, smart cards, proximity badges and biometric solutions.

To provide the users of office technology with efficient turn-key product solutions, many printer and copier manufacturers are offering models with a wide range of services and protocols built in. Many of these enabled-by-default protocols (Telnet, HTTP, FTP) are unnecessary and not secure. Leaving these services enabled may provide attackers with the ability to access the printer/copier data directly. If breached, a hacker would have access to all the data stored on the device. 

Disabling unnecessary services and protocols is a first line of defense strategy for heading off what are known as “zero-day” vulnerabilities. These are vulnerabilities that have not yet been identified but could eventually be discovered and exploited. Though zero-day vulnerability involves an unknown risk, the risk can still be mitigated by restricting and controlling access to your multifunction printers and copiers.

Encrypt print and copier jobs to secure data in transit in the event of interception and use encrypted storage to protect documents in the device’s queue. Data can also be protected by authenticating users and attaching them to their specific documents. Document owners are then required to authenticate themselves to the printer or copier before their documents will print. Make sure the end-point device does not store the document or data about the printed document once the print job is completed. In environments that involve multiple desktop printers and copiers, make sure that sensitive data is not stored on these devices. This is because desktop devices may be more vulnerable to physical theft, and with the hardware, the data could be stolen.

The importance of staying on top of software and hardware firmware updates cannot be overstated. This includes the firmware used in your multifunction printers and copiers. The role of firmware is similar to the function of a computer operating system. Like the operating system of your PC, firmware enables you to control how your printing device operates. Firmware is installed when the multifunction printer and copier is manufactured and provides the basic control necessary to use the device. When your printer or copier requires firmware changes, manufacturers will release an update. Firmware updates typically include a combination of fixes for known issues, as well as any applicable new features and improved security.

Without a doubt, the best way to secure your printer and copier is to invest in technology that is pre-programmed with the most up-to-date device security features. Look for multifunction printers and copiers that are designed to independently detect, protect, and self-repair damage from malware attacks. As you upgrade outdated equipment, replace it with systems that offer built-in threat detection and software validation features, so only authorized firmware and software can be installed and executed. This will provide your network with an extra layer of security.

Dave Mueller is the Vice President of Sales at Modern Office Methods. MOM has been helping businesses navigate their document challenges for over 60 years. Reach Dave
at 513-791-0909 or dave.mueller@momnet.com

Modern Office Methods is a Goering Center corporate partner, and the Goering Center is sharing this content as part of its monthly newsletter, which features corporate partner articles. Full Service Networking is the managed IT services division of Modern Office Methods.