PRINTER NETWORK SECURITY
For small- to medium-sized businesses (SMBs), cybersecurity has necessarily become a priority as it has become clear that cybercriminals will target any business of any size – and the consequences of a breach could prove disastrous to an organisation that doesn’t have a large amount of capital behind it. But while the focus of cybersecurity measures is often on IT and the PC and laptop fleet, the printer network also needs careful attention as, given they are connected devices, are just as attractive to cybercriminals as other devices. Yet, as Jonathan Wells, solution consultant, partner channel, at Ricoh UK, notes, printers are often overlooked as network endpoints. “Most IT system administrators assume printers are automatically safe because they sit behind the office firewall,” he says. “However, printers left with factory default settings and passwords or outdated firmware and applications significantly increase the risk like any other network endpoint. “One of the most common threats involve print spooler and legacy protocol vulnerabilities. Many printers leave outdated protocols like File Transfer Protocol, Telnet or older Simple Network Management Protocol versions enabled by default. These protocols can provide attackers open pathways to sniff network traffic or execute malicious remote code.” Jonathan adds that another major concern are physical data leaks, which is the result of user error rather than technical compromise. “Confidential documents may be printed to incorrect devices, left unattended in output trays or scanned to the wrong destination,” he says. “For example, a bank was auditing its retail branch network for information security compliance and discovered multiple instances of completed customer loan application forms that were printed by staff and left in output trays on printers placed in high traffic, customer facing areas.”
Gary Organ, head of device technology sales (office) UK at Fujifilm Business Innovation, agrees that SMBs often overlook MFPs and printers as a device that could be an onramp for a cyberthreat. “The sophistication of a modern print means these are as important as a PC sitting on the network with access to the infrastructure and sensitive documents being the immediate threats,” he adds. Ian Fox, channel solutions and services specialist at Xerox UK & Ireland, says that cybercriminals are increasingly looking for overlooked or underprotected devices that can provide access to a business network,” he says. “MFPs can become a target if they are running outdated firmware, using default passwords or connected to unsupported software. “As printers have evolved into intelligent, network-connected devices, organisations need to ensure they are included within their broader cybersecurity strategy rather than viewed as standalone office equipment.”
Most IT system administrators assume printers are automatically safe because they sit behind the office firewall... “ ”
Hybrid impact One complicating factor in printer network security for SMBs can be hybrid working. Ian notes that hybrid working has expanded the number of locations and devices that organisations need to secure. “Employees may be printing from different offices, shared workspaces or remote locations, creating additional considerations around access control, document security and device management,” he says.
CONTINUED
printinthechannel.co.uk
43
Powered by FlippingBook