It’s not the first thing to pop into your head when someone says “network security” or “business security” and yet, it should certainly be included in any security plans for your IT environment.
In 2020, Cyber Security engineers at CyberNews performed an experiment and managed to hack almost 28,000 printers across the globe, making them print out a guide to securing printers to raise awareness about printer hacking.
There was also the case of the user TheHackerGiraffe who hacked around 50,000 printers one weekend in 2018 and printed promotional content for the YouTuber PewDiePie. There are certainly people out there who are more than willing to take advantage of your insecure print network.
You might be wondering how this is able to happen. To break it down, printers connect to the internet and this means that without the right security in place, you are leaving your business with a vulnerability just waiting to be exploited.
There are 3 levels that need consideration:
The User Level:
Ensuring your staff have good security awareness training is a staple in any business. Making sure documents aren’t left lying around at the printer is often overlooked in a busy work environment, however it is the easiest way of stealing secure information. As we have mentioned before, your staff are your biggest risk and it is your responsibility as the business leader to ensure they are properly trained so as to keep your business secure.
The Device Level:
It’s always best practice to password protect your printer. This can defend your network against any cybercriminals looking to use your printer as a back-door to your business. Should they be able to gain access to network information, this could then aid them to accessing the rest of your system. It can also prevent them from getting any stored sensitive documents or data from your printers memory. It’s best to use a passphrase or generated password when changing the default admin credentials. Rename the default administrator account for the device as well as update the password. This drastically reduces the attack surface due to not having a publicly known default value. You can also set up a PIN system so all your staff have individual log ins.
Make sure all devices have the latest firmware updates as any new update will ensure that any security vulnerabilities the manufacturer has found are blocked up and not available to be exploited.
The Network level:
The two main points on the network level are policies and locking down the IP addresses. You or your IT support team will be able to set policies so that no one without a password will be able to access the printer. You can also ensure that your printer does not accept any IP addresses that are not on an approved list. This will stop anyone from outside your network getting into your device. It is also recommended that any print or IoT devices be segregated from the core network, allowing only the necessary traffic to transverse networks to perform their role.
If you’re unsure whether your printer is secure, get in contact with us at ONGC and we will be happy help review your print arrangements. Remember to complete regular security reviews with your IT provider.
Call 1800 664 248 to schedule your security assessment today!