When it Comes to Cybersecurity, Don’t Forget the Printer
Although October is officially National Cybersecurity Month, the truth is that cybersecurity awareness needs to be a year-round endeavor — and more so than ever in this post-pandemic, hybrid-office, cloud-centric world. The annual Cost of a Data Breach Report from the Ponemon Institute and IBM shows 2021 had the highest average cost of a data breach in the report’s 17-year history — $4.24 million, up 10% from the previous year. In the U.S., the country with the highest cost, the average was more than $9 million.
If, as an organization, you’re not taking security seriously by this point, then it’s only a matter of time before you’re the next victim. Start now with the knowledge that every device on your network and every person with access to those devices is a potential attack vector — and yes, that includes copiers and multifunction printers (MFPs).
Print devices can be hacked, used for malicious purposes, serve as entry points for cyberattacks, and pretty much anything else a cyber attacker can use a computer for, so to ensure a secure environment, it’s best to treat them as such. This includes putting into place some of the same precautions you would use on the computers and servers on your network.
Access and Passwords
You wouldn’t leave the default password on your network router or allow users to set their password as “password,” would you? (Would you? Don’t.) The same should be true for your printer. Compromised credentials were the most frequent attack vector in 2021 according to the Ponemon report. During setup, the admin password should be changed and users with administrative access should be limited. Another way to limit access to critical administrative functions is by configuring the devices with Active Directory user authentication, making them a trusted network device and providing much tighter control over which users can access which functions.
Network and Email Security
Today’s advanced MFPs are often onramps to an organization’s network. Most offer accessible network and cloud storage at the click of a button, as well as the ability to email documents directly from the control panel. If connections are unencrypted or unsecured, hackers can easily gain access to a device, thus providing entry into the entire network. Network administrators can’t ignore the MFP as a traffic source and implementing the correct security protocols on every networked print device is a must.
Secure print release should be standard for printer users, particularly in industries where personally identifiable information (PII) is prevalent. The “paper left on the output tray” error is one of the oldest sources of a security breach in the book, but it is still disturbingly common, even in the digital age. Fortunately, most new print hardware comes with multiple options for secure release – technology like NFC and mobile devices offer even more options for administrators to set up authentication methods.
Don’t Forget the Hard Drive
Yet another similarity between printers and computers is the fact that they have hard drives that contain sensitive data. Before trading in or disposing of a computer, most people know that the hard drive needs to be wiped clean. The same is true of an MFP’s hard drive. Scanned documents, user data and more need to be wiped clean before disposal or trade-in.
Get it All Under Control
Even for large enterprises with multi-person IT teams in place, printer security can get lost in the shuffle. It’s essential that print devices be included in the overall umbrella of network security and that all security protocols apply to print devices as well. For smaller organizations with a small IT staff or single person serving as IT support, ensuring print device security can be overwhelming. Fortunately, many print device providers now provide assistance in the form of software, monitoring programs, and entire security suites that can help keep print security under control. And of course, having hardware designed with advanced security in mind makes it much easier to maintain control.
Look for devices with built-in security like data encryption, data overwrite, intrusion security features, encryption, built-in email security, auditing abilities, and more. Devices designed with today’s security landscape in mind will offer protection against everything we’ve mentioned and more, allowing IT admins peace of mind when setting up new devices.
Other features, like remote device monitoring, give admins a full picture of all the MFPs on the network, allowing them to view not only things like supply status, but centrally manage passwords and monitor admin access. It’s a complete picture in a simple step that greatly simplifies things for the staff.
The security landscape isn’t going to improve anytime soon. As long as cybercriminals can make money and gain notoriety from attacks, they will. Every organization, regardless of size, must stay vigilant – and that includes securing every device on the network.
Sharp MFPs and printers are built with multi-layered security in mind, incorporating each of the measures mentioned above. To learn more, visit sharpusa.com/security.