Printers can be your companies biggest security risk
Multi-function devices (MFDs) are starting to strongly resemble your PC, containing hardware, software, internet, e-mail and network access. Whilst this has a phenomenal effect on productivity, reduced wastage and workplace efficiency, it also leaves organisations open to major security breaches if it isn’t carefully managed and maintained.
A team of research academics recently published a report identifying key elements of printer vulnerability, demonstrating where hackers could gain access to printers and siphon out documents, using the printer memory. Subsequently, a hacker successfully accessed 150,000 printers, alerting the owners to the lack of security settings on the devices. In the digital age we live and work in, it is surprising how many organisations still don’t have effective control over the security of their data, documents and MFDs.
Machine-generated data, including printer data, is a key driver in the growth of the world’s data, which is projected to increase fifteen-fold by 2020. In fact, IDC predicts that by the end of this decade the globe’s data will stand at 40ZB, with machine-generated data representing 40% of that. Furthermore, they expect that by the same year, 25 billion connected “things” will be in use – up from 4.9 billion five years previously. This includes the explosion of tablets, mobile phones, wearable technologies and so forth. With this rapid rate of growth, there is of course further opportunity for cyber crime through unprotected, or under protected, contact points in the system.
The cost of resolving a breach can be enormous and whilst a breach might be due to a deliberate cyber attack, it might just as easily be an accidental internal breach, or a regulatory or legal non-compliance issue. Yet printers continue to be frequently overlooked as a priority, falling far behind PCs, mobile devices and servers. A 2015 survey showed that only 18% of IT professionals considered printers to be a medium to high risk, versus 91% for PC devices. In fact, only 44% had any security in place for network-connected printers.
Old printers are still a huge risk!
Another security risk which is often neglected is the safe disposal of print technology. There has been many stories published in the media of highly secure information being made accessible from old print devices that haven’t had their data destroyed properly when being disposed of.
Often, sensitive documents are left in print queues or stored on applications and are forgotten about. Just like with PCs or mobile devices, when print technology becomes unnecessary or redundant, organisations should take care to erase the data from the machines in the correct and safe manner.
Tips to keep your data safe
There are a variety of different ways to make sure that your company data is protected as our society continues to grow digitally, so here are a few straightforward steps:
- Many MFPs can be fitted with hard drive encryption and data erasing software, which prevent data from being stolen directly from the hard drive.
- Pull printing, also known as user authentication, means that documents are only printed when the user is at the device, limiting the number of private documents left lying around.
- Integrate print into your security strategy, ensuring that you address it at the same time as the other technologies within your workplace.
- Training: accidental breach isn’t uncommon, so make sure all of your users understand and conform with data protection mandates, encouraging responsible and secure behaviour.
If your print technology is not secure or you would like to find out more about how you can protect your print infrastructure, get in touch with us today.