The issue of printer security isn’t a new one. Businesses at risk for social engineering have been hearing reminders from security personnel about the importance of maintaining tight controls over physically printed documents for decades. But what many fail to realize is that even a company that jealously guards its printer trays and enforces prudent shred bin practices can still be wide open to attack as a result of poor wireless security measures.
Multifunction printers are just as susceptible to viruses, malware, and hacker attacks as computers. Maybe even more so, and not entirely because printers aren’t seen as typical hacker gateways. The reality is that many of today’s workplace printers are connected to wireless networks that enable employees to send print jobs to centrally located print stations. It’s the very nature of these wireless connections that renders any data sent to a printer via Wi-Fi vulnerable to interception from outside forces.
Even after a document has been successfully printed, the risks are still present. In fact, one of the greatest security risks companies face in these scenarios lies in the printer’s inherent ability to store print jobs in its internal queue, even after the printing has been completed. This could give anyone with the ability to hack into the wireless network the ability to access and view highly sensitive internal information—and turn around and use that information for their own financial gain, or for the gain of a competitor company.
Maintaining an encrypted connection between workstations and printers is critical. This is why it’s important to ensure all internal Wi-Fi connections are safeguarded with WPA2 encryption and that other wireless security measures are closely adhered to. But even this may not be enough to keep prying eyes with ill intent at bay.
Businesses that want to exercise strict control over access to their internal data should take further steps to ensure their printers aren’t inadvertently leaving the proverbial back door open. These extra steps include:
- Disabling all physical ports to ensure only authorize persons have access to the printer and its functions.
- Relocating company printers to more secure areas that can be easily monitored and locked down during off hours.
- Ensuring the printer is only configured to allow access from preapproved devices and your company’s network.
- Installing firewalls to block internet access to the printer.
- Disabling automatically enabled protocols like FTP, which can give someone with the know-how to do so the ability to use a printer’s internal hard drive as a server to house non-work-related data.
- Routinely downloading software patches provided by printer manufacturers. This requires a strict adherence to following a calendar of regular maintenance to make sure software is kept up to date.
- Following strict protocol that requires employees to have special permissions to send print jobs over Wi-Fi.
- Accessing the printer’s internal settings and turning off or disabling its ability to store print jobs after they’ve been successfully completed. This is also known as automatic disk wiping. If it’s decided that print jobs have to be stored for any period of time, companies should seek out a printer with the capability to encrypt stored data. The internal hard drive should also be wiped any time the printer is returned to the manufacturer for service, or when it’s retired and recycled or returned to the leasing company.
- If the printer is equipped to do so, password protection, PIN authentication, or smart card access should be enabled for all print jobs. This is an extra step that may seem like an inconvenience to employees, but it can go a long way toward keeping “eyes only” documents from being left unattended in the printer’s feed tray and falling into the wrong hands. By enforcing PIN authentication, print jobs will not be physically printed until the requesting employee has keyed the digits into the printer, therefore ensuring they are present when documents are produced.
- Making use of administrative features that record all printer activity. This can be especially useful in the event that a security breach does occur, it will be possible to trace the originator. At very least, it can be helpful in identifying inherent weaknesses in the company’s print chain.
- Seeking out printers that focus heavily on security measures, including features like built-in firewalls that can prevent unauthorized access. Additionally, physical ports on a printer may be disabled to exercise greater control over how it is used.
Today’s wireless work environments have the capacity to boost productivity while decreasing employee work load. But without a culture that places heavy emphasis on wireless printer security, those same conveniences could pose major threats.