- December 9, 2020
How to Identify Enterprise Printer Security Vulnerabilities
Companies today have more data with more ways to analyze it than at any other time in history. This creates both competitive advantages and security weaknesses. This increase in data paired with a remote workforce shift opens up more points of attack for malicious actors. This risk is especially true for large companies that handle significant volumes of sensitive data with teams spread across diverse geographical areas.
While many organizations spend vast amounts of money to keep data secure, they often overlook an important risk category: printer security vulnerabilities.
The old-fashioned office printer has moved aside for fleets of internet-connected multi-function devices. These machines come with many advantages, but they also increase the attack surfaces for cybercriminals looking to disrupt operations or steal sensitive data.
In a recent study by the NCC group, security researchers tested popular models from six of the largest enterprise printer manufacturers. They found security vulnerabilities in all of them.
In this article, we’ll take a look at the most common security vulnerabilities in printers. We’ll also explore some of the most effective ways to mitigate printer security risks.
Three Main Attack Vectors
These attacks may seem varied, but all attacks on enterprise printers focus on three primary attack vectors: devices, data, and documents.
Cybercriminals exploit security weaknesses to carry out denial of service attacks that cause printers to crash. They can also cause physical damage to the devices. Another favourite tactic is to use internet-connected printers as a back door into the company network. Once they’re in, these criminals can steal information, route print jobs outside the company, and infect other devices with malware.
The biggest prize for cybercrime organizations is sensitive company data. They often access it by attacking print software to spy on print jobs. Cybercriminals can forward the data to external accounts, replace print data with new content, and delete data so that it is never printed. Another widespread attack is to use printing software to send fraudulent emails containing malware or spyware to company email addresses. Fax data delivered to a printer over telephone lines is also vulnerable to attack.
Proprietary documents are often left sitting on office printers for long periods before being picked up, and sometimes they’re never picked up at all. These abandoned print jobs can be a significant problem for organizations with a large remote workforce who may print at many different locations as they travel. Abandoned print jobs are both wasteful and a severe security risk. Sensitive documents left sitting on the printer can be stolen or copied and replaced without anyone noticing the theft.
Printer Security Solutions
Security professionals are just as creative as attackers. There are solutions they can use to protect their organizations across each of these attack vectors.
Device security starts with firmware assessment tools. The most advanced solutions include self-healing BIOS protection, whitelisting, self-healing network anomaly detection, and run-time intrusion detection. These tools automatically assess the printer firmware and memory to check for malware intrusions and other anomalies. If anything is detected, the firmware is reset to a secure state. To find out if your print fleet has firmware assessment tools, you can do your own research on the printer models in use or have a print assessment done by an MPS provider like WBM.
Encryption and access control are crucial to protecting printer data. Strict access controls including regularly updated passwords keep hackers out. Strong encryption of all data passing through the printer protects company data during a security breach. Other best practices include erasing secured storage so that attackers cannot steal information after a device is decommissioned. Another effective solution is to eliminate fax lines in favour of more secure fax over IP (FoIP) solutions.
Follow-you-print protects essential company documents. This solution allows users to release print jobs to a secure network. The documents are not released to a printer until the user walks to an approved device and enters a personal authentication code, taps a card, or uses a form of biometric scanning to prove their identity.
An essential benefit of partnering with a best-in-class MPS provider is their expertise in identifying and mitigating enterprise printer security risks. At WBM, we have a dedicated team focused on enterprise secure print, fleet management and security solutions, and cloud and on-premise fax solutions. Our team considers the security of our customers’ print devices and data a top priority. We design custom print security plans that are compatible with the most up-to-date and advanced solutions on the market.