Printer breaches are a cyberthreat.
On March 24, 2016, a hacker claimed responsibility for a security breach that affected some of the nation’s most elite higher education institutions, including Mt. Holyoke, Princeton University, Smith College and UC Berkeley. The breach resulted in reams of “hate” flyers being spewed from more than 29,000 printers.
The hacker used an online tool to identify accessible printers with public IP addresses and unsecure ports. The breach could have been much worse if the hacker had been able to intercept data through a “man-in-the-middle attack” and access and infect the institutions’ networks.
Many people don’t think of printers and multifunction devices as being susceptible to malware and hacker attacks like PCs, but they are just as vulnerable.
What can a hacker do with a printer?
A hacker can telnet into a printer, spy on print jobs, or even change the administrative settings on a printer, forcing users to print more copies than they intend to print. A cybercriminal can also alter a print job in some form, changing the color or wording, with malicious intent—or configure printers to act as zombies.
That’s why it’s so important for your customers to safeguard their printing resources, classify data and ensure they know what kind of data is on their printing devices.
The biggest security threat is internal.
IT departments can lock down printers from outside intruders, but the bigger threat is their own users. The simple act of using the device—printing a document to a shared printer—can result in data loss through uncollected print jobs, documents being sent to the wrong printer, or even unauthorized use of printers for paychecks or prescriptions. Any opportunity for a document to fall into the wrong hands is a potential risk.
Then there’s always the risk that malicious employees or visitors in an office or corporate headquarters can get physical access to the printing device and steal it or just access the hard drive if it’s not secured properly. When you consider that printing devices today have hard drives with a greater capacity than the standard laptop, this amounts to a large amount of data that can be pirated, especially since printer hard drives are not purged on a regular basis.
Unsecured printing devices present compliance issues.
Printers and multifunction devices are often overlooked with respect to compliance risks, but they shouldn’t be.
PCI-DSS, the Payment Card Industry Data Security Standard established by the credit industry, has set clear guidelines to protect the security of credit, debit and cash card transactions and safeguard cardholders against misuse of their personal information.
According to PCI-DSS, any system or network that allows you to store, process or transmit data is subject to PCI compliance. Multifunction printers certainly fall into this category. Devices that scan credit-card-holder data onto a server need to be protected according to PCI stringent controls. So it follows that an organization is out of compliance if it does not take adequate steps to safeguard its printing devices.
Treat printers as mission-critical devices.
Every new printing device should be treated just like any other piece of hardware. It needs security and maintenance and should be covered under specified protocols and rules. IT managers should keep printers on the list of security concerns and develop guidelines and procedures to address ongoing printer security.
Here’s a checklist of steps your customers can take to secure their printing environment:
Secure the device: Printers that are out in the open should be moved to a controlled access area or, at the very least, should be physically secured with a lock that requires a key for removal. Physical ports should be disabled to prevent unauthorized use, and access to preprinted security pages—such as checks—should be controlled to prevent theft or unauthorized use.
Requiring authentication and authorization for access to device settings and printer functions can also help prevent security breaches and reduce printing costs. Options like PIN authentication, LDAP authentication, smart cards and proximity badges are all good ways to control printer access.
When it’s time to retire a printer or return it to a leasing agency, it’s important to remove any data that may still reside in the device’s memory by erasing, destroying or removing the hard disk.
Secure the data: Encrypt print jobs to protect data in transit to the printing device, and use encrypted storage for when documents sit waiting to be printed.
Authenticate users, tie them to their specific print requests and require them to authenticate themselves to a printer before their jobs will print.
Protect documents: Pull printing is an excellent way to avoid printed documents sitting on the printer tray unattended. With HP Access Control Secure Pull Printing and other pull printing solutions, users can print to a secure network, authenticate with ease, and then retrieve the print jobs when and where they choose.
Monitor and manage the printing environments: With utilities that track and record print jobs, companies can monitor usage and audit printing practices. They can identify those workers who may be abusing their print privileges or not following company policies—and discover ways to reduce the amount of printing and save money.
Make printing security a priority for your customers.
As their trusted IT advisor and business partner, provide them with guidance on the solutions and policies they need to implement in order to safeguard their printing resources. The security of their data and their entire IT infrastructure depends on it.