Four Essential Steps to Secure Your Printers
As an IT professional, office manager or business owner, you know that data security is a top priority for your organization. With cyber attacks on the rise, the question is no longer if data will be compromised, but when. One very important area of vulnerability that may not be on your radar is the security of your office printers.
Hewlett Packard research reports that 90% of enterprises say they have suffered at least one data loss through unsecured printing. Organizations take steps protecting data on networks, computers and servers, yet overlook the network printer. A recent Spiceworks survey of more than 300 enterprise IT decision makers found that just 16% of respondents think printers are at high risk for a security threat/breach. Moreover, only around 40% of organizations deploy user authentication and use administrative passwords. The risk is real, as hackers have used vulnerable printers to send messages to a variety of organizations, as you can see in the video below.
Here are four steps to take in securing your printer environment:
1. Conduct a Printer Security Assessment
A basic risk assessment report provides a glimpse into your print security vulnerabilities. A team of secure print professionals can install printer utility software that verifies your fleets security settings against a set of secure policy guidelines. The process will identify and report any non-compliant features.
2. Set Up Authentication Controls and Limit Access
Authorizing printer use only for designated staff using badge scans or pass codes, and tracking printer use is essential in the event of a forensics investigation. Software that implements these processes will show who has been printing, what and how much they printed, when they did it and prevent unauthorized usage.
3. Implement a Secure Release Solution that Eliminates Abandoned Print
In many organizations, people use the "print and sprint" strategy – send a file to the printer and then run so no one sees their output before they reach the printer. Software solutions exist that allow jobs to be held at the server level and not released until the user authenticates at the device via a badge scan or pass code. At that time, the user can choose to print or delete the job, eliminating lots of abandoneed print that may contain sensitive information and lead to a security breach and jeopardize compliance laws. These solutions also allow for automatic deletion of print jobs held longer than a specified amount of time (ie: 3 days or you determine that limit), eliminating confusion at the printer when accessing files.
4. Utilize new technology that constantly monitors printer threats
Instant notification of security issues can prevent potential attacks and enable immediate action to be taken. Newly developed solutions will allow users to:
- Automatically monitor threats
- Detect instrusions
- Validate operating software
Unmanaged printers and multifunctional devices that copy, print, scan and fax are gateways to a breach in your network. It's essential for data protection and organizational security to identify the gaps in print environments and take action to secure all devices.
JT is Loffler's Director of Managed Print Services and the resident baker; he treats everyone to his home-made goodies on Fridays!