As companies scramble to secure their networks, workstations and mobile gadgets, many ignore printers, a device cyberthieves are finding fruitful in their quests to exfiltrate data from targets. Printers have evolved from their days as dot-matrix, noise-polluting hardware into powerful networked equipment that carry vulnerabilities like other endpoints.
But printers are easy to overlook. They likely rest in an office corner space, collecting dust and laden with unclaimed printouts that could be stolen or tossed in the trash. But they’re also connected to companies’ wireless local area networks (WLAN), opening gateways to the Internet and leaving them defenseless against cybercriminals.
Spiceworks surveyed more than 300 IT professionals and found only 16 percent believe printers are at high risk for a security breach. That blind approach puts businesses in precarious spots. Many are allocating significant funds to deny attackers access to their networks, but unwittingly leaving doors open for them to sneak in.
Printers are connected to every device in organizations’ networks. Network settings that aren’t reconfigured lead printers to trust all incoming commands as authentic. This simplifies printing from any device but exposes businesses to attackers.
Printers offer a myriad of information for anyone lurking. An unsecure one could leave a network of connected devices vulnerable to a breach. Hackers would have the opportunity to spy on networks, inject malware and compromise the security in which businesses had invested.
Multifunction printers can store printed data electronically. Print jobs stored in a printer’s cache could allow hackers to access sensitive information. Employees’ and clients’ personal information would be at risk should a cybercriminal gain access to broader company networks. Social security numbers, financial statements and invoices, and internal memos could be exposed.
Some enterprise-level printers come with built-in security features, including:
- Automatic-attack detection, protection and healing
- Tracking use to provide unauthorized use
- Simple sign-in options such as personal-identifiable numbers
- A proximity card reader that allows users to authenticate and print securely using an identification badge
- Secure encrypted printing for sensitive documents
Keep firmware updated and require authentication and authorization for access to settings and functions to help eliminate breaches and reduce printing costs.
Don’t ignore printers. Give them the attention they deserve before they open a Pandora’s Box of problems that could leave business leaders disappointed, when they learn their devices can’t print the money needed to fix their unforced errors.
To discuss security strategy, contact Security Analyst Frank Verdecchia at firstname.lastname@example.org.