When the Firewall Is Not Enough

 
 
By Karen A. Frenkel  |  Posted 10-04-2015 Email
 
 
 
 
 
 
 
 
 
  • Previous
    When the Firewall Is Not Enough
    Next

    When the Firewall Is Not Enough

    Some IT managers don’t realize printers must be secured, and those who do don't really know how. But it's a necessary step in an era of rampant security concerns.
  • Previous
    Printers Are Vulnerable to Cyber-crimes
    Next

    Printers Are Vulnerable to Cyber-crimes

    According to Ponemon: 53% of IT managers realize printers are vulnerable to cyber-crimes, 64% of IT managers say their printers are likely infected with malware, 47% have an endpoint security strategy, 56% of companies ignore printers in their endpoint security strategy
  • Previous
    Printers Are Endpoints
    Next

    Printers Are Endpoints

    52% of companies have a policy to secure printers yet only 44% include printers in their endpoint strategy because they don't understand how to blend them in with the overall strategy, government regulation and compliance.
  • Previous
    Little Confidence in Printer Security
    Next

    Little Confidence in Printer Security

    39% of organizations have low confidence in their ability to secure printers.
  • Previous
    Turn Off Unnecessary Protocols
    Next

    Turn Off Unnecessary Protocols

    There are many protocols on devices that are historical or for different needs, but unused ports are potential attack vectors. Any device on a network can be infected, so turn off unnecessary printer protocols.
  • Previous
    Require Printer Passwords
    Next

    Require Printer Passwords

    Printer passwords can prevent unauthorized changes to printer settings on the control panel. If you don't set an Admin password, others can remotely connect to the printer and make changes, preventing it from printing, or installing malware.
  • Previous
    Disable File Access
    Next

    Disable File Access

    People are accustomed to network file sharing on printer disk drives. HP does not recommend that. To prevent unauthorized access to files stored on the printer hard drive, disable file access.
  • Previous
    Manage Firmware Updates
    Next

    Manage Firmware Updates

    Make sure you have secured the ability to update printers so that no one else has access except the Admin.
  • Previous
    Enable HTTPS Redirect
    Next

    Enable HTTPS Redirect

    HTTPS is an insecure protocol. Enabling HTTPS Redirect protects documents being sent to the printer and forces the use of a secure channel redirect.
  • Previous
    Monitor and Measure Printers
    Next

    Monitor and Measure Printers

    Proactively monitor and measure printers so that they stay secure. Make sure the document is printed out to the right person at the right time to prevent confidential documents from leaking.
  • Previous
    They're Not Just Printers
    Next

    They're Not Just Printers

    When buying printers, don't think of them as just printers. Seek companies that have thought about security, support industry standards, and government regulation and compliance.
  • Previous
    Don't Forget About Mobile
    Next

    Don't Forget About Mobile

    Be sure you have a mobile printing policy in place so that you can require authentication and track printing from mobile devices.
 

In the era of the Internet of things, CIOs must apply the same security policies to printers as they do to their IT infrastructure. Statistics of printer breaches are unavailable, but HP estimates that 70 percent of customers do not secure their printers. Man-in-the-middle attacks abound. As an example, university students recently re-routed a professor's tests, printed them in a dorm room, and then sold them. "Organizations do a lot to secure their infrastructure from an IT perspective," said Michael Howard, HP Worldwide Security Practice manager. "Many encrypt entire networks, but they don't include printers. And without authentication, a user can scan, copy, fax—with no record that they were there." More sophisticated OSs mean CIOs should apply the same security to them as to the network, he said. "There are backdoors in endpoint devices that an engineer put into the code in case something needed to be fixed in the field, not knowing that hackers can use that to find their way in," said Shivaun Albright, HP Distinguished Technologist. Here are some highlights of a Ponemon study, "The Insecurity of Network-connected Printers," and HP's top tips to secure your print environment.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...