HP: Is your printer secure?
Mathew Thomas, VP and MD of Printing and Personal Systems Middle East, discusses the blind spots around printer security
Most thieves look for points of least resistance to get at your goods. They love easy marks, such as open doors and windows, unattended purses or keys left in automobile ignitions.
When securing a network, computers and servers tend to be the first technologies to be ticked off within any IT infrastructure, and most companies ensure that some security software is active on servers (including email), workstations and mobile devices.
It's the "behind-the-desk technologies" like printers that are often forgotten. In fact, in a recent Spiceworks study conducted on behalf of HP, only 18% of IT professionals surveyed consider printers to be a medium or high risk for security threats or breaches. This is despite the fact that, according to the Ponemon Institute, 92% of Forbes Global 2000 companies reported data breaches in the past year, with the average annual cost to resolve a cyber-attack amounting to $7.7m.
Printers, it seems, are security blind spots, which can leave organisations' networks and data dangerously exposed.
This year, 12 printers at US colleges were breached. The result? A stream of racist hate fliers spewing into printing trays. And the culprit? A hacker who had identified 29,000 printers that were connected to the Internet and could be exploited through an open port and then automated to complete any task he chose.
But the hacking of network-connected printers doesn't stop at rogue print jobs. For example, cyber attackers can use printers to transmit faxes, change a printer's front panel readout or settings, launch denial-of-service (DoS) attacks to lock it up, retrieve saved copies of documents or intercept data as it's electronically transferred to the printer.
Most worryingly of all, an unsecured printer is a gateway to your network, and can give hackers access to sensitive, private or confidential data. In one particular case in Denmark, a company was held to ransom after a hacker entered through an unsecured printer and froze the company's entire IT system.
The threat of cyberattacks will continue to grow as global data mushrooms and the number of connected devices and entry points grows. In fact, in 2014, according to Forbes, companies reported a 48% year-on-year increase in cyberattacks on their networks. Yet security breaches or data loss can also occur from internal threats to unsecured printing: for example, sensitive documents being stolen from output trays or accidentally being seen or picked up by the wrong person.
The changing regulatory environment
As well as cyberattacks and employee fallibility, regulation is also compelling companies to think differently about their printer security.
The EU General Data Protection Regulation (GDPR) now means much higher fines for any company that fails to keep EU citizens' personal data safe, regardless of where that company is based. For some breaches of the GDPR, companies could receive fines of up to 4% of global annual turnover or €20m (whichever is higher).
So when faced with external and internal threats to printer and data security, what can you do?
The 3 Ds of printer security: securing the device, data and documents
Any failsafe print security plan needs to address the document and data, but that's not enough, as the device is at risk as well.
Securing the device
Reducing the threat of malware and cyberattacks is key to securing the device. At HP we've just designed our latest portfolio of HP LaserJet and PageWide Enterprise printers to offer increased protection against these threats. For us, this means detecting and thwarting malicious BIOS attacks; whitelisting, which helps ensure only known, good firmware can be loaded and executed on a printer; and run-time intrusion detection, providing in-device memory monitoring for malicious attacks and detecting anomalies.
Securing the data: authenticate, encrypt and monitor
As well as securing printers from external threats, you need to protect the data. This should include user authentication when printing from either a PC or a mobile. This ensures that any user identifies themselves prior to using printers or changing printer settings. This can be done through PINs or other verifications and can eradicate the risk of the wrong person picking up a document.
Data encryption protocols can also prevent jobs and documents from being intercepted while travelling across a network or within the memory on the printer. Using advanced security controls and authentication through PINs, biometric solutions or smart cards that have to be used before access is granted can also secure a device's control panel. The latest HP Enterprise printers with LaserJet and PageWide technologies will also automatically monitor for attacks, send information to the company's security event monitoring system and initiate self-healing through a reboot if the device is attacked, further protecting the device.
Securing the document: compliance and anti-counterfeit
The use of managed print services solutions can also help you develop and implement a security plan that keeps pace with changing regulations and threats. This can also include pull printing and workflow solutions that can eradicate user behaviours that put hardcopy documents at risk. Pull printing works by storing a print job on a protected server and only activating it once the sender of the print job identifies themselves at the printer.
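A minimal model of the hold-and-release flow described above, combined with the PIN authentication mentioned earlier. It is an added illustration, not code from HP or any print-management product; the class name, PIN scheme, eight-hour retention window and three-attempt lockout are assumptions.

```python
import hashlib, hmac, os, time

HOLD_SECONDS = 8 * 3600      # assumed retention window for unreleased jobs
MAX_PIN_FAILURES = 3         # assumed lockout threshold

def _pin_hash(pin, salt):
    # Store only a salted, stretched hash of the PIN, never the PIN itself.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

class PullPrintQueue:
    """Hypothetical server-side hold queue: jobs print only for their owner."""
    def __init__(self, clock=time.time):
        self._clock = clock
        self._users = {}     # user -> (salt, pin_hash)
        self._failures = {}  # user -> consecutive failed PIN attempts
        self._jobs = []      # held jobs, oldest first

    def enroll(self, user, pin):
        salt = os.urandom(16)
        self._users[user] = (salt, _pin_hash(pin, salt))
        self._failures[user] = 0

    def submit(self, owner, name, data):
        if owner not in self._users:
            raise KeyError("unknown user: jobs are only held for enrolled owners")
        self._jobs.append({"owner": owner, "name": name, "data": data,
                           "submitted": self._clock()})

    def _authenticate(self, user, pin):
        if user not in self._users or self._failures[user] >= MAX_PIN_FAILURES:
            return False     # unknown or locked-out accounts never release jobs
        salt, expected = self._users[user]
        ok = hmac.compare_digest(_pin_hash(pin, salt), expected)
        self._failures[user] = 0 if ok else self._failures[user] + 1
        return ok

    def release(self, user, pin):
        """Called at the printer panel: return only this user's held jobs."""
        now = self._clock()
        # Purge expired jobs first so forgotten documents do not linger.
        self._jobs = [j for j in self._jobs if now - j["submitted"] < HOLD_SECONDS]
        if not self._authenticate(user, pin):
            return []
        mine = [(j["name"], j["data"]) for j in self._jobs if j["owner"] == user]
        self._jobs = [j for j in self._jobs if j["owner"] != user]
        return mine

    def held_count(self):
        return len(self._jobs)
```
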
Printers installed with physical locks and shielding on input trays can also help prevent theft, loss, tampering or forgery of hardcopy documents. According to the Ponemon Institute, nearly 65% of breaches are accidental, or due to employee negligence or business process failures, so pull printing and physical protection could eliminate behaviours that may be putting your data at risk.
Defending your network
Improving the security of networked printers involves securing devices, data and documents. It's only by adopting this kind of comprehensive approach that you can improve protection against malicious hacks, accidental internal breaches, and the reputational and financial ramifications of regulatory noncompliance.