While many organisations don’t feel that printer security is a threat, ASL’s Managing Director Nigel Allen outlines why they could be putting themselves at risk.
Within the last year, 55% of businesses in the UK have experienced a cyberattack an reported the cost of dealing with such an incident on average is £200,000.
Increasing in both sophistication and scale, the threat of cybercrime is rising and is crippling businesses of all sizes. Securing your printer fleet is a priority that should be a key part of an organisation’s overall security strategy.
Whether carelessly or maliciously, employees act as the greatest threat to network security. Opening phishing emails, connecting unauthorised devices to corporate networks and creating poor passwords are all key issues in network printer security.
Often low down on the list of priorities, many organisations don’t feel that printer security is a threat, especially small and medium sized businesses. More concerned about malware and firmware vulnerabilities, companies enforce tight IT security policies yet ignore their printers suggesting that the severity of security risks in print infrastructure is not being taken seriously. With the rise of the Internet of Things, IoT devices including printers, employ powerful processors and run increasingly advanced operating systems making them highly vulnerable to an attack.
There are a number of measures businesses can take to help secure their multi-function devices. Ensuring that all printer firmware is kept up to date, disposing of printers correctly, carrying out an audit of IT assets and creating a plan to improve the security of printers and multi-functional devices are all simple steps that will help to protect your devices.
Current print environments can be enhanced by using a print release from existing ID cards or limiting how much a user can print. Looking out for a printer management solution that supports full data encryption and ‘follow-me’ printing will assure that confidential documents don’t print until the user authenticates the device.
For businesses without in-house expertise, using a specialist managed print service will help to ensure that patches are updated on all printers, passwords are changed and managed effectively, and general best practice measures are put in place. Partnering with a trusted MPS supplier that offers a comprehensive cyber security solution will help to save time, reduce costs, increase efficiencies and provide peace of mind.
A client of ours recently suffered a serious cyber-attack that resulted in network intrusion across all sites. Hackers used Emotet, a malware that fools users into infecting endpoints through phishing emails.
To isolate the complete network, ASL ensured that all devices were disconnected and then tested each device to ensure that they were free from any malware. We then devised a cyber defence strategy to minimise the risk of future threats and recommended that our client used an isolated printer VLAN to create a secure printing infrastructure. This helps to protect the corporate network against another attack, as it prevents the device from having any direct access to the internet or any other network device.
We also carried out a number of other security measures including the ‘secure release’ feature that ensures print jobs are only released when the user is next to the printer, eliminating waste and preventing documents from ending up in the wrong hands. Our client’s network infrastructure is now configured as securely as possible and downtime of their business was kept to a minimum.
Printer security should be taken extremely seriously and investing in the latest technology and ensuring that employees are properly trained, will dramatically mitigate the risks.
Read the latest edition of PCR’s monthly magazine below: