While organizations today are spending a great deal of money on network security, they seem to forget about a seemingly innocuous piece of office equipment they use every day…their printer.
As Affinity Enterprises points out, printers are computers, and unsecured printers can put a business’s entire network at risk for cyber attacks. When malware is installed on a printer, cybercriminals can:
- Get access to confidential or sensitive information
- Send unauthorized print jobs
- Initiate a denial of service (DoS) attack
- Gain access to saved copies of documents
According to the Global Print Security Report, 60% of businesses in the US, UK, France, and Germany suffered a print-related data breach in the last year—breaches that cost companies an average of more than $400K.
But financial loss isn’t the only problem caused by printer security breaches. Loss of productivity, a decrease in consumer confidence, and possible damage to the brand can also have a negative impact on the organization.
“Print infrastructure is vulnerable to all the threats associated with IoT devices, but also to risks linked to hard copy output. The number of print-related of breaches reported by the organizations we surveyed is concerning and the lack of security maturity shows that businesses can and should do more.”
So what can businesses do to ensure that their printers aren’t posing a security threat? Affinity Enterprises suggests 4 precautions:
1. Safeguard the Printer
It’s important to secure your printer with a password. Make sure you change the default password when you get a new printer. Alternatively, other options include PIN and LDAP authentication, proximity badges, smart cards, and biometric solutions such as voice recognition, fingerprints, etc.
Printer manufacturers often send out firmware updates as new threats arise, so be sure to keep an eye out for them and make sure they’re regularly being implemented.
2. Protect the Data
“Data is most vulnerable when it travels the network wire to the printer or sits in the printer’s memory or storage,” says Affinity Enterprises. Once a document has printed, the document—or data about the document—should not be stored on the printer.
If you’re printing any information of a sensitive nature, such as payroll, contracts, or confidential company information, it won’t be safe from hackers without encryption. Encryption converts your information into indecipherable code, rendering it useless to anyone who doesn’t have the decryption code.
When printers are retired and returned to leasing agents, the drives and storage should be wiped clean to avoid sensitive information being compromised. This happened in 2010 when a NY managed care plan company’s printers were harvested for confidential information on over 300, 000 individuals—an oversight that cost the company $1.2 million in fines for HIPAA violations.
3. Ensure Document Security Within the Company
Sadly, documents left unattended in the printer tray are subject in inside security breaches. Documents containing confidential information can be viewed or carried off by anyone, which can result in a potential security risk.
Consider initiating pull printing capabilities which allow print jobs to be held on a server or workstation and released only by the user through a smartphone, access badge, or PIN number at the printer. This way, nothing is printed until the authenticated user is there to retrieve it.
4. Only Buy Secure Printers
Hewlett Packard is a good example of a manufacturer that is leading the way when it comes to high-quality, secure printers.
The company offers printing devices featuring unique technologies that thwart potential hackers or initiate a reboot when anomalies are detected, keeping your data and your organization safe from attack.
The next time you’re in the market for a new printer, do your homework to ensure that you get a device that will safeguard sensitive and confidential information.
“Hackers and data thieves are adept at finding creative entry points within the expanded attack surface that our digital world creates,” says Entrepreneur. “And organizations may still be overlooking key weak points in their network. ” One of these week points is the seemingly harmless office printer.
“Modern printers are essentially advanced, specialized network hosts, and as such, they should be given the same level of security attention as traditional computers.”
The Better Business Bureau notes that small businesses lose $79,841 on average to cybercrime annually, and the financial, legal and reputational costs of data breaches continue to rise.
That means security must be a top priority in order to ensure the safety of the data which is being transmitted across networks on printers and other connected devices.
Find out how retailers like you are saving time and making money with the Rain POS system. POS, E-commerce, and Marketing all in one.