As businesses increasingly rely on technology, protecting sensitive information is a top priority. However, printers are often overlooked as a potential gateway for hackers. To delve deeper into the challenges of printer security and the solutions to overcome them, we spoke with Jackson Jordan, SLED IT Account Executive, Logista Solutions. Keep reading to learn more about the insights and strategies he shared with us!
What is the most common office printing challenge?
Jackson’s response: Security is certainly at the top of mind for everybody, not just in print, but across the board with anything IT related. In printing there are concerns with two things. You’ve got concerns about somebody gaining access to your network through a print device or gaining access to the internal hard drive of that device. Then you’ve also got the risk of gaining access to sensitive information that’s been printed on that device sitting in the device’s tray where anybody could come by and pick it up.
Why is a printer vulnerable to hacking?
Jackson’s response: I think sometimes as an endpoint device, IT doesn’t pay much attention to printers like they would a computer and that leaves them open to vulnerabilities. I think printers are an easy target for a hacker if they’re looking for ways to get into a network or to find sensitive information or admin passwords since they know that IT typically doesn’t pay too much attention to securing those devices. That may be the first place for hackers to go and look for those types of things.
How can you protect print devices from hackers?
Jackson’s response: On an endpoint device, at a very minimum, you need to change your default password to a much stronger one. You need to update your firmware regularly, just like you would on your computers. Most organizations have some type of regular system that they use for updates and a patch management schedule that they use. I think you need to include your print devices in that schedule as well to update the firmware. If you’ve got any printing or network protocols or services turned on that are not needed on the device, you want to make sure that those are turned off.
“Make sure that you segment all the print devices on a separate VLAN. You don’t want to have print devices on a VLAN that you would need higher security on, like your servers. So, separating those off onto their own VLANs would be a good best practice.”
– Jackson Jordan, SLED IT Account Executive for Logista Solutions
I also suggest if you’ve got any old devices that are at the end of manufacturer support, those either need to be disposed of or replaced. When you replace any devices connected to the network I suggest replacing those with a business-class type of device versus a personal device that you could pick up anywhere. A lot of business-class devices have modern security capabilities built into them. Another thing that you could do is make sure that you segment all the print devices on a separate VLAN, you don’t want to have print devices on a VLAN that you would need higher security on, like your servers. So, separating those off onto their own VLANs would be a good best practice.
For anything that has scanning capabilities, I would not use administrator authentication credentials. So, when you set those up for scanning to file or scanning to email, I would not use the admin level authentication because somebody could come in and hack that device and pick up those credentials and could use them to log into your mail server for example. We’d also want to set up policies about storing sensitive information on a device’s hard drive or making sure you encrypt that data just on the hard drive. Also, when you’re disposing of or replacing devices, you want to make sure that the hard drives are either taken out or destroyed or that those devices are erased or encrypted.
As far as gaining access to sensitive information, people are picking up hard copies when you’re printing to a device. There is software out there for secure print release. I suggest implementing that software so that when somebody prints, the document won’t just print out on the device and sit there. Somebody will have to physically go to the device and authenticate and release those print jobs. Policies need to be put in place for shredding documents with sensitive data after they are no longer needed.
What are the benefits of enhancing digital and hardcopy security?
Jackson’s response: I think that by implementing what I’ve talked about, businesses would be able to enhance the protection of their sensitive information. They would also be able to reduce the risk of data breaches. And then it would also help them maintain their company reputation, like in hospitals or in healthcare-type organizations or financial organizations that are highly regulated. If they do have a data breach, a lot of times they have to announce publicly that they had a data breach, and that can ruin that company’s reputation. Putting security measures in place to make sure they don’t have those data breaches is very important from a reputation standpoint. Also, from a financial standpoint, a lot of them may have to pay certain penalties for having those data breaches.
About Logista Solutions
Logista Solutions is a nationally recognized leader in a broad range of technology management solutions. As one of the largest technology support providers in the U.S., Logista provides innovative and holistic solutions to help companies take control of their IT infrastructure and achieve better business outcomes. Popular services include Managed IT as a Service, VoIP and Unified Communications, Managed Print, Cloud Services and Asset Disposition.
