Et tu, printer?

When you think about protecting your business from security risks, what comes to mind? Most likely, you're not thinking about your office printers. But you should. 

Printers found in many businesses these days do more than just print. Many of them also scan, copy, fax and receive print jobs through a network connection. Like a computer, printers are equipped with processors, hard drives and operating systems—and are thus susceptible to the same threats that commonly plague PCs. 

Watch out for these threats
There are many different ways your printer might be compromising the security of your business. Here are several threats you should make sure you're defending against: 

Document theft: This is the most obvious threat and applies to all printers. If printed documents are sent to the printer and left there for a period of time, it's very easy for someone to come by and take them, or at least look through them. This is an easy way for sensitive information to fall into the wrong hands.
Defense: Keep office printers in a visible open area instead of in a separate room where they can't be monitored. HP Access Control Secure Pull Printing helps reduce unclaimed prints and increases efficiency. Users can print to a secure network, authenticate with ease, and retrieve jobs when necessary. Another good idea is to designate separate printers for departments that deal with sensitive information.



Unprotected settings and controls: If your printer control panel isn't password protected, a user can wipe out all of your settings by resetting the printer defaults. People might also mistakenly or intentionally alter and reroute print jobs or open saved documents they should not be seeing.
Defense: Make sure your control panel is password protected. You can most likely access the control panel or an administrative portal of some sort through a web browser, a screen on the printer, or your PC. 

Data retrieval from stolen or tossed out printers: If your printer has an internal drive, it can store print jobs, scans, copies and faxes containing sensitive information. This information can fall into the wrong hands if someone steals the printer or when you get rid of your old one without properly erasing data.
Defense: Make sure to erase the hard drive before you recycle or trade in any printer. When buying a new printer, look for one that has an encrypted hard drive, or buy a printer that doesn't write to the hard drive in the first place. 

Hackers: If you use a web-connected printer, there are several different threats posed by hackers that you should be aware of. Via the internet, attackers can send unwanted print jobs to your printer, use it to transmit faxes, change its LCD readout, change the settings, launch denial-of-service (DoS) attacks to lock it up, or retrieve documents. They can even install malware on the printer that will allow them to control it remotely.
Defense: Use a printer that supports encrypted connections and connect online using an "https://" protocol, which is designed to transfer encrypted information, instead of the insecure "http://." Don't make your printer vulnerable by opening its Web interface to the internet, and check to see if your printer has Access Control List (ACL) support that lets you define who can use or administer it. 

Businesses can no longer ignore their printers as security threats. Take the time to educate yourself on the types of printers your business is using, the significant threats outlined above and the proper precautions you can take to avoid them. Check out HP Secure Printing Solutions for more ways to help protect your company's sensitive information.

TweetBacks
Comments (Comment Moderation is enabled. Your comment will not appear until approved.)
Comments are not allowed for this entry.