With security concerns surrounding so many technologies, it is easy to overlook printers as a potential source of data breaches.
Yet a November 2015 survey by IDC found that more than half of the companies surveyed had experienced at least one printer breach in the previous year. What’s more, the survey suggests, many organizations could do a better job of keeping printer security on their radar.
Printers in state and local government, of course, may receive, process, store and print sensitive data, from financial data to personally identifiable information. Accordingly, they represent a golden opportunity for attackers who want to commit data breaches, achieve financial gain or inflict reputational damage. In addition, networked printers can be a gateway to a municipality’s or state’s entire system.
Certain threats to printer confidentiality are strictly local; for example, someone stealing an unattended printout or gaining access to a printer’s storage to harvest sensitive data. But most threats can be either local or remote.
Many attackers use malware, printer attack tools or other means to compromise printers through their network connections. Once a hacker succeeds in compromising a printer, he or she can use it for many purposes. The most common aims are gaining unauthorized access to any information being sent to that printer and using the printer as a starting point to infiltrate connected systems. Given these risks, agencies should take stock of printer-related concerns and develop a realistic plan to address them.
New models offer a suite of security features, such as those listed below, that agencies can deploy for quick, inexpensive protection.
Although many older printers lack the most current security features, their comparatively fewer vulnerabilities can offset this deficiency. For example, a particularly old printer might not have any storage. Because there is so much variability among printer models in terms of their vulnerabilities, how severe these weaknesses are and how they can be addressed, it may be necessary to separately assess the risk for each printer model.
SOURCE: IDC, "The Business of Printer Security," November 2015
Staff usually can’t add technical security controls to older printers, so they may need to choose the best alternative course of action: add manual procedures to reduce risks to an acceptable level; replace older printers; or accept the risks and change nothing. Given the potential cost of a data breach stemming from a compromised printer and the labor involved in manually assessing and securing a fleet of printers, replacing older machines is often the most cost-effective strategy.
Agencies want to ensure that officials, employees and, in some cases, citizens can utilize their printing services. Increasingly, this means allowing printing from any type of device and any network location. Some agencies allow workers to print from their mobile devices on cellular networks and from cloud-based services and applications. Unfortunately, this degree of availability can make printers readily accessible to remote attackers, greatly increasing the risk of compromise and misuse.
Most printer manufacturers don’t intend for their products to be publicly accessible. Whenever possible, printers should be behind firewalls that prevent or restrict direct access. If an agency wants a printer to have broader access, then it’s important to develop plans for dealing with the potential consequences that may occur.
The risks related to networked printers can be easy to overlook, but they are also among the easiest loopholes to plug, given the proper tools and procedures.