Print in the Channel - issue #9


Safe from harm Cybersecurity threats are growing for businesses of all sizes, and steps must be taken to ensure devices such as multi-function printers are kept as safe as possible – something resellers have a crucial part to play in.

Businesses of all sizes and in all sectors are facing more cybersecurity threats than ever before. Quocirca’s recent Global Print Security Landscape Report 2023 found that IT decision makers are less confident in the security of their print network than they were a year ago. Only 19% are completely confident that their print infrastructure is protected from security breaches and data losses today, a drop from 23% in 2022. Multifunction printers (MFPs) are an important part of the print network of many businesses and keeping them secure plays a vital part in keeping the wider network secure too. But keeping them secure is a challenge. “If we follow the core security principle of protecting ‘product, policy and people’, MFPs present several security challenges, not least at a time when print has been identified by hackers as a prime target,” says Steve Holmes, EMEA & Americas regional director and GM, PaperCut. “From a product perspective, unsecured, web-connected MFPs provide bad actors with a viable entry point to an organisation’s network and to all the confidential information that resides within it. From a policy perspective, not setting rules about who can print what and to which device can be a source of data leaks. From a people perspective, not having clearly defined policies on how physical documents are disposed of can see printed output – and the confidential information they may contain – fall into the wrong hands.” Steve adds that the effects of a breach can vary. “The NHS is, sadly, a high-profile target and has been subject to some crippling attacks, some of which impacted its ability to function,” he notes. “The knock-on effect there is its ability to deliver patient care when the core IT systems it depends on have been compromised. In that instance , the worst possible scenario plays out – patient lives are at risk. “In other cases, brands need to consider reputational damage when clients’ confidential data finds itself on the dark

web, or company’s payroll has been printed off and left on a train. Each event has its own consequences; and that’s before the Information Commissioner’s Office steps in to assess the situation and penalise companies for breaches.” Aware of threats However, while there are plenty of threats, Steve adds that businesses are now much more aware of the risks that MFPs can pose than they were 10 years ago. “There’s a combination of factors contributing to that greater understanding,” he says. “First, the print ecosystem – including the channel – has done a great job of communicating print- related risks and working to mitigate them as best it can. Second, we don’t just use tech at work, but it’s an intrinsic part of our personal lives, too. As consumers, we know the importance of staying safe online and that security mindset now shuttles back and forth from the home to the workplace. “Third, the GDPR mandate – and the penalties for breaching it – still echoes through organisations, ensuring that many of them follow good security practice at all times.” Trevor Maloney, product marketing manager – TASKalfa, at Kyocera Document Solutions UK, agrees that the introduction of GDPR in 2016 caused many users to look at potential threats to their businesses. “Manufacturers have also taken time to make users aware of the risks that MFPs, as end points, pose and most have responded by introducing security features to their devices such as being able to lock USB ports down and restrict access to the MFP and/or printer,” he adds. Mitigating risks But there are plenty of ways to mitigate the risks posed by MFPs. “Annodata’s managed end point detection and response product is available, also Kyocera as a manufacturer offer a managed print service enabling us to lock down the USB host ports remotely and ensure the latest firmware patches are installed through patch management,”

Steve Holmes EMEA & Americas regional director

Unsecured, web-connected MFPs provide bad actors with a viable entry point to an organisation’s network and to all the confidential “

information that resides within it. ”


Powered by