Security is becoming a huge issue with customers realising (sometimes too late) that all devices on the network are a risk and vulnerable to a cyberattack. As devices become more of a central information hub, they need the same level of protection that is given to your major servers. Trevor Clarence, head of professional services at ASL Group advises why securing network printers should be seen as a key part of an organisation’s overall security strategy.
Is printer security being taken seriously and are companies really aware of the risks?
Many organisations that we speak to, while they are aware of the risks, don’t consider implementing solutions to mitigate those risks.
The growth of IoT devices and their security vulnerabilities has certainly helped to raise awareness of the risks associated with connecting any device to a corporate network, but there is still a lot to do to drive home the message around network printers.
According to IBM, the global average cost of a data breach last year was $3.86 million. And on average companies spend around 10% of their IT budget on security, reports Deloitte. By investing more money up front, businesses can mitigate the huge reputational, operational and regulatory costs of a cyberattack.
Do you think the PewDiePie hack brought print security higher up the boardroom agenda?
The individual who was responsible for the PewDiePie hack claims it took him just 30 minutes to create the script that attacked 50,000 printers. The attack could have been malicious, but all he did was print out a message. The perpetrator claims that he did it to highlight the open network port vulnerability on hundreds of thousands of printers worldwide.
While PewDiePie received a lot of publicity, and some customers got the message, it is not certain that any single attack will ensure printer security gains traction in the boardroom.
Can anyone be hacked?
Yes, they can. Lots of organisations work hard to stop cyber-crime but many are not aware of their network vulnerabilities and the techniques that hackers use, therefore they are not protected.
We have recently been approached by a business, following a serious network intrusion (Emotet-TrickBot trojan ransomware) attack across their whole network. We advised on a secure printing infrastructure and recommended an ‘Isolated Printer VLAN’. With this configuration the print server acts as the MFD gateway so there is no direct access to the internet or any other device on the network. We carried out multiple security configurations including hard disk drive formatting, enabling user management and administration authentication management. By Host Hardening each MFD it reduces the opportunity for attack.
What can companies do to protect their network?
There are certain measures businesses can take to help secure their network and close any potential access points that printers may create. For example, ensuring that all printer firmware is kept up to date, carrying out an audit of IT assets and creating a plan to improve the security of printers and Multi-Function Devices.
Use a specialist printer management service that will ensure that patches are updated on all printers as and when they become available, passwords are changed and managed effectively, and all the other general best practice measures are taken. If companies don’t have the expertise in-house, invest in a partner who can ensure systems are secure from attack via networked printers.
The current print environment can be enhanced by using print release from existing ID cards or limiting how a user can print. This also helps businesses comply with GDPR. Look out for a printer management solution that supports full data encryption and ‘follow-me’ printing, so that confidential documents won’t print until the user authenticates the device.
What steps have you taken to educate customers about print security risks?
While some manufacturers are proactively educating the market around security, it’s really down to suppliers, who are trusted by their customers, to advise them on how to secure their existing infrastructure and equipment upgrades. Because we work with multiple printer manufacturers, we understand the differences in how all devices manage security today.
We ensure that our professional services team is formally trained in the latest IT security measures. We work with customers to identify their current security position – only then can we offer advice and support them in improving security for print devices. By seeking independent advice, customers can be sure that a security solution will work across their entire estate – whatever print devices they use.