You probably don’t think of your printers, scanners, faxes or copiers as risky. They generally look rather innocent – more functional than harmful.
But the documents they produce, the files they record (even temporarily) and the way they’re configured can all make them a major security risk. And the very fact that we often overlook our document-related devices can make them even more vulnerable.
Let’s start with the documents they produce. First up, a third of printed documents are never collected. What’s on those documents? Who gets to see them? And where do they end up? What’s to stop someone scanning what they find to create their own digital version?
Even if they’re part of the 45% of documents that are thrown away the same day, let’s hope they end up in confidential waste – and not the bin outside the office, which anyone can root through.
There’s an irony here. Companies invest millions on the security of a central IT infrastructure; then they let anyone print a document and walk out of the door with it.
I’ve seen this myself with our customers at Fujitsu – we’ve had clients where senior managers have left their businesses holding sensitive information. They’ve not been able to email it out of the business because of firewalls, they’ve not been able to save it to a USB stick, but they have been able to print it and walk out with a hard copy.
There’s a solution to abandoned print jobs: ‘secure release’ printing. This means employees need to authenticate themselves before they can print a job. They might do this with a password, a swipe card or – even better – a biometric sensor. For example, Fujitsu can fit palm-vein sensors to printers to recognise authorised users.
Plugging the gap
Secure release is exactly the kind of solution you can put in place with a managed print service (MPS). With MPS, an expert provider assesses how you currently use documents, and how you could change this to be safer and more efficient.
When Fujitsu creates an MPS, it puts rules-based printing in place. This controls who can see, create, edit or print particular documents. Considering 90% of large companies have lost data through unsecured printing, it’s worth taking precautions.
The weak spot in your network?
Physical documents that go walkabout are one thing. But what about the cyber threat?
If a hacker wants access to your network, he will scan it to look for vulnerable devices. Once he finds a device, he tries gaining access with default passwords. If the vulnerable device happens to be a fax, copier or printer, that’s what he’ll hack.
Should he gain access, a hacker can then:
- flood your network with unwanted traffic – slowing it down so people can’t work (denial of service)
- reroute print jobs to another printer on the internet (including their own)
- access jobs stored in the printer’s memory
- use the device to launch further attacks.
So, is your printer’s firmware up to date? Have you changed your printer’s passwords from the default? The less interest you take in your networked printers, the more interesting they become to hackers.
My colleague Alex Brown, from Fujitsu’s MPS practice, cautions: “If you just take a printer out of the box, give it an IP address, and don’t take any other security measures, it can create an easy way in to your network. No IT system works in isolation. An MPS ensures you have the most up-to-date software and a print environment that integrates with existing IT.”
Take another look at the copiers, printers and scanners around your office. Do they still look so innocent? With an MPS, you can take care of how your company interacts with documents with a single contract. You control costs, streamline processes and, most importantly, secure your organisation.