Just like any office equipment, printers are vulnerable to attacks from threat actors, be it denial of service, information theft, or botnet compromise. Despite this, findings show that they tend to be overlooked when implementing safety regimens in the workplace. Printers were found to be low on the security agenda for many US and European organisations, which tend to focus on securing their cloud or hybrid application platforms, email, public networks, and traditional endpoints instead, according to latest research from Quocirca.
This has resulted in 68% of organisations reporting print-related data losses in 2021, with an average breach cost of almost £632,000.
Despite many organisations gearing towards the paperless office, the number of printers has actually increased since the start of the pandemic and is constantly growing, according to Quocirca research director Louella Fernandes. One of the reasons for this is the rise of the remote and hybrid work strategy, which saw workers purchase home-based devices for work purposes. Although there are many benefits to working from home, many of the home-based work printers lack necessary security precautions, this creates a welcoming environment for cyber criminals looking to target organisations through a less-obvious endpoint.
“Printer estates have expanded to include home offices and employee-purchased devices, increasing the risk of accidental data loss and cyber attacks. Organisations are finding it harder to keep up with print security challenges and they are suffering costly breaches as a result,” she warns.
The past year has witnessed the rise of several print-related vulnerabilities which were enabled by even the most basic printer models becoming equipped with advanced capabilities. According to Fernandes, this increases “their potential to be weaponised by bad actors”.
Printer security best practices
While a serious threat, there are steps your organisation can take to secure your printers and avoid expensive data leaks. Here we explain the three best ways to secure your business printer: from access controls to software updates.
How to secure a printer with user authentication
Enabling features that require employees to enter a PIN or swipe their security badge at the printer to authorise a print job ensures confidential documents don’t get left in the tray. It also keeps documents from being accidentally reprinted, which in turn saves paper and money.
How to secure a printer with data encryption
Employees frequently print documents full of sensitive information. If printer data is not encrypted, this information flows unprotected over the network. Since printers provide an unassuming access point to the network, this means that data is exposed.
Encrypting data in transit from endpoints to the printer will help prevent this from being a problem.
How to secure a printer’s firmware
Updating the firmware, which is the programme installed on a printer when it’s manufactured, is a basic precaution that often gets overlooked. But keeping the programme up to date is an easy way to catch vulnerabilities and help secure your fleet.
Keep in mind, though, it takes time and resources to review, test and implement new firmware for a whole fleet of printers, which is one reason why it often doesn’t happen as frequently as it should.
Finally, when buying your fleet, consider printers that have built-in security features, as printers are more difficult to secure after they’ve been bought and shipped.
Building data-driven government with …….