The average business operates 1 printer per 10-25 staff, implementing print devices alongside print networks and servers, many of which are directly connected to employee workstations and devices.
Device vulnerability is an increasing concern for many organizations, especially as Internet of Things proliferates smart devices, but printers are still an oft-overlooked point of vulnerability. In fact, the Global Print Security Landscape 2019 claims that 60% of all organizations are vulnerable through their printers. The same report suggests that only 27% of printers fall under the category of “truly secure”.
At the same time, printers pose massive risks for organizations of all kinds. Most are essentially small computers, with the ability to network, accept data, and push data to other devices. These features offer a host of conveniences, but also create risks.
Implementing cybersecurity policies to cover risks for printers will help your organization to secure customer data, private employee information, and other forms of sensitive information. It will also work to protect other devices on your network from malicious attack, secure your network, and otherwise prevent breaches and server attacks that could be harmful and expensive.
Printers are Endpoints
Most modern printers are full, functioning computers on their own. IT teams traditionally think of workstations as endpoints, but every IoT device, including multi-function printers (MFPs) qualify. While 65-70% of all attacks and data breaches originate at endpoints, most security experts and most organizations still don’t see printers as endpoints.
One study by CDW suggests that the only way to properly protect printers and other endpoints is to establish strong protective measures. These should include not only firmware updates and antivirus programs, but also predictive security, anti-ransomware, anti-exploit, and automated monitoring to ensure long-term network security.
Networking Creates Vulnerabilities
Printer hacks ranging from the PewDiePie promotion to a hack by Stackoverflowin, who messaged 150,000 printers across the web to alert users of vulnerabilities, have made the news time and time again. While harmless, the hackers related that their efforts, which collectively impacted over 200,000 printers, were largely easy. Both found ports (Internet Printing Protocol IPP, Line Printer Daemon LPD, and Port 9100) enabling printers to start print jobs left open, via device directories, and utilized them using relatively simple code-based exploits.
Network access always increases the vulnerability of a printer. It’s important to go through settings and configure printers to close ports. If your printer is on an open IP address, consider re-routing to a subnet, with a non-routable IP address.
Most printers have access to internal networks linked to servers, workstations, and other IoT devices. Transversal attacks using PostScript, cross-site printing (XSP), Cross-Origin Resourcing, and Printer Job Language can be launched almost effortlessly as a print request and can in turn impact an entire network.
These attacks can allow hackers to access email accounts and passwords, other network devices, networks, servers, and more. They’re also how the U.S. government lost data linked to 170 million registered voters and potentially how Target was hit with a data breach eventually costing $18.5 million in settlement fees.
What can you do about this? Implementing measures to prevent printer access, additional device protection, and implementing security monitoring will help.
In some cases, it may also be important to update outdated printers that don’t allow modern security standards. In most cases, simply preventing devices from accessing a lot of data won’t completely do the job, simply because printers need this information to function and offer value. Instead, you have to create measures that prevent breaches in the first place.
Most people think of fax as a thing of the past, but data shows there are over 46.3 active fax numbers in the world, over 17 million of which are in the U.S. Most of these belong to printers. While many organizations see value from fax, fax is also one of the largest printer risks, simply because hackers can target a printer with nothing but a fax number.
While it’s not always feasible to turn off fax, it is a good idea to review fax as a security risk and mitigate any issues as much as you can. For example, it may be a good call to ensure that any fax-capable devices are not networked to the rest of the organization.
Lack of Traceability
If your organization has 1 printer per 10 people, that likely adds up considerably over your entire organization. Keeping track of printers, print devices, scanners, print controllers, and network servers can be a full-time job for an IT team, despite the fact that they have many other far more pressing jobs to prioritize.
This puts print networks at risk simply because they aren’t up to date, printer firmware isn’t up to date, and security patches aren’t always implemented with any kind of regularity.
Implementing remote management software is one of the easiest ways to improve printer security, simply because you can remotely monitor printer status, install updates as they arrive, and notice changes in printer behavior. This can help to prevent breeches, detect malware more quickly, and prevent software downloads, greatly improving the security of the entire system.
50% of printer breaches result in print job interception, where hackers either copy print jobs to a remote server or directly access data. For many printers, doing so is relatively easy, because print data is stored on default server names, accessible by anyone with the right knowledge and access to the network.
Improving network security, encrypting data, and moving printers to subnets that can’t be accessed externally are some protective steps you can take. In some cases, it also depends on your hardware, software, and whether or not you utilize cloud, but a print security assessment will help you determine how and where issues are cropping up.
Printer users are still one of the largest security risks for any organization, through both accidental and malicious actions. Document theft, document loss, and password theft or loss are often related to users who don’t understand security measures or who don’t follow them.
For example, “empty tray” policies could prevent data theft, simply by ensuring printed documents aren’t left at the printer. And, security standards to prevent users from clicking and printing links, from using potentially compromised USB devices, or changing settings for convenience will greatly improve network security.
In most cases, organizations don’t have the tools or resources to push printer security on an already overburdened IT team. In some cases, integrating printer security will mean increasing that team, in other cases, it will mean implementing third-party services like managed print services. In the case of the latter, risk assessment and reduction are included as part of the service, and will incorporate every aspect of print and print networks