When IT managers think about printer security, they tend to focus on the security of the documents coming off the printer. That’s definitely an issue, especially for organizations that print a lot of sensitive content. However, the security of the devices themselves tends to be neglected, leaving a gaping hole for attackers to access the network.
The problem is so widespread that the Federal Trade Commission has published copier data security guidelines to help businesses improve printer security.
The new GDPR regulations have compounded the issue. By not properly securing data with printer network security, you could be inviting a breach of confidential customer and/or employee information. If that happens, or even if you’re caught improperly storing data on printers, you could face expensive fines along with a public relations nightmare.
Security breaches through printers: what can happen?
These are just a few potential ways that cyber-attackers can take advantage of lax printer security to harm your business:
- Stealing sensitive documents stored on printer hard drives.
- Re-routing print jobs (think tax records or employee records) to their own printers to access the information.
- Sending unauthorized print jobs to your printers (such as offensive material).
- Using the printer to attack other network systems.
You might assume you’re safe from printer security breaches because you have a small business that no one would target directly. Unfortunately, that’s not the case! In 2016, a hacker managed to print racist flyers on printers at more than a dozen college campuses. He told the New York Times that he was not specifically targeting the colleges, but sending the flyers to every publically accessible printer.
7 steps to lock down your printer security
#1. Physically secure the device.
Ideally, install shared printers in an area where they are under someone’s watchful eye. Better yet, in an area that only employees have access to. You can even install a lock that prevents someone from stealing the printer. While not likely with a large multifunction machine, it could happen.
Also, disable any physical ports so they can’t be used to access data on the printer.
And of course, set up user authentication using secure print software, so users need a PIN, card or badge to retrieve their printed document. That gives you the ability to track who prints what.
#2. Remove printers from the Internet.
You don’t want your network printers available on the public Internet. It’s simple and relatively inexpensive to set up a hardware firewall to protect them.
#3. Use data encryption.
When someone prints a document, that data has to travel through your network and has to be stored for some period of time on the printer. If that data is not encrypted during that time, it’s vulnerable to attackers, who can easily read it if they manage to intercept your data. So, make sure the your print jobs are encrypted while in transit, so all data is scrambled and unreadable. And, make sure you choose a printer that provides encrypted storage.
Another printer security tip: for more protection, set your printer to automatically delete data from the hard drive after the print job is complete or after a specified period of time.
#4. Protect the admin control panel.
Your IT staff can manage printer administration through a web-based control panel. You’d be amazed how often people fail to change the default password for that page. That’s a huge printer security risk. Change it now!
#5. Shut down default services that aren’t needed.
By default, many printers enable protocols like HTTP and FTP, which are insecure and typically aren’t needed. That means a hacker can directly access any data stored there. An employee with programming skills could use the printer for unintended purposes, like setting up an FTP server to store music or even pornography.
#6. Keep firmware up to date.
Printer manufacturers periodically provide firmware updates for their machines, and very often these contain security patches and updates. Keep your printer security tight by regularly updating the firmware on all your network printers.
#7. Erase the hard drive when returning the machine.
What happens to the data on the hard drive when you return leased copiers or dispose of old desktop printers? That data can very easily wind up in the wrong hands. Read this story about a CBS investigation: the reporters easily managed to buy a handful of discarded copiers for just a few hundred dollars. They found tens of thousands of documents including pay stubs, social security numbers and checks.
To ensure printer security, never let a printer leave your office without wiping the hard drive. Or, you can have your copier dealer destroy the hard drive for you. We perform that service for our customers for a very small fee.
Did you know secure printing can also save money?
Modern copiers allow you to set up secure print with user authentication (as we mentioned in step #1). Doing that not only secures your documents, but prevents a lot of wasted printing. You’ll be amazed at how much you’ll save in supplies, paper, and even service costs.
Read this case study to find out how much a NYC business save on office printing by optimizing their print environment.
Want to find out more ways you can easily cut down your printing costs, so you have more budget to spend on other priorities? Sign up for a free print assessment.