Nearly every organization owns a print fleet, yet for many, that fleet is left out of cybersecurity risk analysis. In 2019, the Global Print Security Landscape shows that 11% of all cybersecurity incidents are print related, but only 29% of SMBs even include printers in cybersecurity analysis.

Printer security is hugely impactful for many organizations, not only because printers have access to sensitive print data and print logs. Most are also directly connected to servers with backups and may even have full access to servers.

This 6-step checklist will help you analyze print security and hopefully close some gaps to reduce cybersecurity risks.

Depending on your organization, you may also want to invest in a full print security analysis and take further mitigating measures such as implementing pull printing, encrypting printers, and limiting physical access to printers.

For most organizations, the following 6-steps are a very good start to printer security analysis.

1) Review Printer Security Settings

Every printer comes with default settings which should be changed and updated by IT. Ideally, this can be done remotely through a single print management program. Many organizations either skip printer security settings altogether, or start out on track and slowly fall behind and new devices are added, sometimes without consulting IT. However, failing to update them can result in a breach.

  • Change default passwords such as for administration control web pages
  • Close ports to prevent remote access
  • Turn on automatic updates or ensure you can update remotely
  • Close USB access ports on the device to prevent uploading viruses from BYOD

In some cases, you may also be able to use the base printer settings or the settings in your print management program to limit the printer from pulling files from the server, rather than only accepting pushed files. This can be important if the device is hacked, because it will mean the printer can’t actually access the server, only the other way around. Quocirca estimates that 60% of organizations use generic administration account names and default passwords on printers.

If your printers retain their base settings, nearly anyone with knowledge of the model can access the web page and access the printer and your network. This is especially true if you leave ports open, which essentially allow remote devices and servers to request and gain access with no administration approval.

2) Automate Firmware Updates

Firmware updates and security patches are often pushed in response to a major vulnerability, but many organizations fail to install them. Without remote printer management, finding and installing firmware updates can be time-consuming and costly for IT teams. Yet, HP tested over 1.2 million printers and found that 55% were behind on security patches.

If you don’t have a way to automate or remote update firmware, your printers are likely a major cybersecurity risk.

3) Implement Antimalware and Firewalls

It’s important to ensure that your network and individual printers are protected via antimalware and firewalls. The Quocirca Global Print Security Study suggests that 64% of organizations have had printers infected with malware at some point, with many IT managers believing that some devices still are. Printers often have the same risks as computers, especially if they allow incoming network connections outside of VPN.

  • Install network-based anti-malware
  • Install device-based anti-malware
  • Implement firewalls
  • Use automation to detect unusual activity on the network and automatically shut down printers or isolate them from the network.

How much security should you implement? In most cases, if your network is secure and you have anti-malware and scanning in place, you can stop there. If your organization faces additional risks, you may want to ensure you have stronger local anti-malware and firewalls in place.

4) Install or Automate Monitoring Threat Log Management

Monitoring and threat logs are important for ensuring you can quickly identify what went wrong, why, and where. Most printers offer basic print logs. Most print management solutions also offer complete user access management with change logs, print logs, activity logs, and user access logs. If something goes wrong, automated monitoring should be in place to detect problems as quickly as possible so that devices can be isolated and cut off. And change and threat logs are important for identifying where the issue happened, isolating the source, and hopefully preventing it from happening again.

5) Implement User Access Management

Many organizations want to avoid user access management because they trust their employees. At the same time, most employee-related cyber security issues are accidental. If you can’t track which users are doing what and when, you also can’t tell when a user account or device has been compromised or isolate where a problem might have come from.

User access management also allows further security protocols such as pull printing, where files aren’t printed until the user reaches the printer and requests files with a pin code or badge. It also supports restricted printer access, where users must have an account in the printer’s system in order to access the printer at all. These policies may be too much for many SMB’s, especially if you have a low risk profile, but can greatly reduce risks in organizations handling sensitive data.

6) Review Employee Practices

Employees will always be one of your largest printer security risks, simply because printer usage practices impact security a great deal. Here, some key considerations include:

  • Is printer access left open on computers when employees get up
  • Are print files left in trays or open on desks
  • Do employees bring their own devices? USB drives?
  • Do employees access remote printing from unsecure networks?
  • Do employees update their devices
  • Are employee workstations and devices properly protected with antivirus/antimalware and firewalls?

Employees can accidentally generate print related risks, usually by forgetting or lapsing on security protocols, and sometimes because there are no security protocols in place. The lower your employees score on secure printer usage practices, the more at-risk your organization is.

While printer security means a lot of different things depending on the organization, it’s almost always a good idea to improve it. A breach, even through a printer, can be significantly costly, damaging to your reputation, and may result in data loss across the organization.

For some organizations, implementing managed print services is the most cost-effective way to access central printer management, automation, user access management, and greater network control.

For organizations with existing tools in place, doing so may only require reviewing what you have, changing settings, and ensuring that your organization stays on track.