News & Insights

Blog Entries

Plugging Cybersecurity Gaps: 3 Reasons why Secure Printing is a Crucial Link in the Chain

If you’ve ever wrestled with a jammed printer, or attempted to replace ink cartridges in time for an important meeting that you need print outs for – you know that these devices can cause any number of negative business impacts.

But, when it comes to printers, there are far worse consequences they can cause than simply failing to print or scan.

Many printers these days are as technologically sophisticated as computers themselves. They have internal hard drives which they use to store data, can connect to wireless networks, and of course, are used to create outputs for what can be sensitive or protected information.

Because of all this, printers, while perhaps not the usual suspects – can actually play a pivotal role in cybersecurity. Failing to take adequate steps to shore up the security of your printers can provide all the space that savvy hackers need to infiltrate an enterprise. If you think of your internet-connected devices as a chain, your printers can often be the weak link. While we’re all hyper-concerned about the security of our computers, we are much less worried about the printer we use. But due to their wireless connectivity, they need to be secured just like any other device.

              

As such, here are three reasons why secure printing is a crucial link in the cybersecurity chain.

1) Printers Store Sensitive Information

Most multifunction printers can store the data included in the documents they print and scan. Usually, this is a default setting, and is unchangeable. While this feature provides several benefits in terms of functionality, it also means that enterprises that fail to implement strict security measures, that include printers, are opening themselves up to an array of cybersecurity threats. Print jobs stored within the device’s internet-connected cache can make it possible for hackers to gain access to sensitive business or personal information. In 2017, it goes without saying how damaging a hack can be to a corporation in terms of reputational, operational, or outright financial consequences. What does need to be said, however, is that by storing a repository of potentially sensitive documents, your print environment becomes a target as well – not just other internet-connected devices like computers or smartphones. Which leads us to our next point…

2) Printers are Connected with Your Enterprise’s Wider Internet Network

Hackers spying on documents stored in a printer is bad. But even worse is that it only takes one unsecured device for a hacker to gain access to an enterprise’s full network. With just one unsecured printer, it is possible to leave your entire network open to a nefarious attack through this unprotected ‘back door’.

The consequences of such a breach can be devastating. At the very least, this can open your network to cybercriminals and give them the ability to spy on the entirety of your enterprise. But beyond that, when your entire network is compromised through a single unsecured printer, it can lead to an enterprise level malware, ransomware, or other type of attack that can be truly debilitating. It’s even been reported that hackers have perpetrated ‘mass printer trolling’ attacks, where they clog up the entire printing environment for an enterprise with often bizarre or inappropriate print jobs. While print-related hacking attacks may be less common than email-based ones, for example, they do represent a common weak point in terms of cybersecurity. And it is unwise for any enterprise to assume their print environment will remain safe over time.

3) Not All Threats are Digitally-Based, or Even External

While there’s no shortage of sinister actions that hackers can take with or through an unsecured printing device, other threats come in the form of human error from within your enterprise itself. Document snooping or even incidental theft can be a consequential issue in highly-regulated industries like healthcare, where even a glance at HIPAA-protected information can be infraction-worthy. Similarly, document theft can and does happen, and can create problematic security or compliance scenarios for businesses in many industries. If private health or financial information is accidentally shared within your enterprise through a mix up in the print room, especially in a busy, crowded setting like a hospital where privacy is at a minimum – you can run into print-security issues that are entirely homegrown.

Thankfully, there are steps to mitigate these risks, just as there are with outside threats.

Mitigating Steps

When considering the security of your enterprise print environment, a good first step is to ensure that printers that are connected to your wireless network are up-to-date with the most recent security features. Manufacturers provide updates yearly, or more frequently, and these patches can go a long way toward shoring up your security in this area. If they do not have these features, it may be wise to consider cycling them out in the near future.

Beyond that, it is a best practice to use encrypted connections to send print jobs to your connected devices. Diving down a level deeper, some tips and tricks to that end include changing the wireless network name to something other than the default, changing passwords frequently, and installing devices in the first place that have encrypted hard drive capabilities.

To help prevent document snooping or theft, utilize access passwords, PIN codes, or keycard scanning capabilities that many connected print devices offer today. This way, only authorized personnel will be able to access these documents in the first place, helping avoid issues before they can occur.

Lastly, if this all sounds a bit difficult to manage internally, there are managed print service providers who can handle this work for you.

While printers are not the first device that comes to mind when considering cybersecurity measures to implement, leaving your print environment out of the mix when it comes to this can lead to negative consequences. In 2017, no cybersecurity protocol is complete without including the connected print environment. But by becoming aware of the distinct threats leaving this area unsecured poses, enterprises can take the appropriate steps to prevent them. 

Read our latest news and insights