Dozens of high-profile data breaches occurred 2017, and organizations worldwide have responded by paying more attention to IT security. However, cyber security is a complex field and while organizations address one vulnerability, another pops up. There is a technological arms race between attackers and defenders going on at this moment, and it doesn't look like it will end anytime soon.
A Crowd Research Partners report shows that 53 percent of cybersecurity professionals discovered insider attacks against their organization in the last 12 months, and 27 percent reported that these attacks are occurring more frequently.
As cybersecurity professionals continually work towards staying one step ahead of the cybercrime industry, the resulting arms race is spilling out into other fields. Now, more than ever, print security is a prime battleground for supremacy in data security.
How Does Print Security Fit into the Larger Picture?
At first glance, it might seem like securing printers is not as important as securing financial records, archives of personally identifiable information, and cloud-based business resources. However, cybersecurity is not an isolated discipline – it extends to every instance where information is relayed, communicated, copied, or processed.
Printers are a tempting target for cybercriminals because business owners and IT security professionals rarely include them in their security assessments.
Network-connected multifunction printers represent a key security vulnerability because they are often factory-set to trust all incoming requests. This means that a tax accountant printing W-2 forms for an employer is very likely to be storing highly sensitive data on a multifunction printer.
An attacker who wants a list of employee names, addresses, and social security numbers does not have to break into a company financial database to gain access. This attacker would only need to intercept the print order and copy the documents remotely from there.
There are numerous other ways attackers can compromise printers, from installing malicious firmware to creating false documents with instructions for employees. Most employees wouldn't think twice about following orders printed from their local multifunction device – but they should.
This is why printer manufacturer HP began incorporating into its multifunction products and releasing firmware updates that address existing vulnerabilities.
Most printer manufacturers are following suit, but the responsibility for adhering to cybersecurity best practices lies with organization leadership.
How to Address Specific Print Security Vulnerabilities
The first step to addressing vulnerabilities in printer security is aligning your print policy with your IT security policy. In most organizations, different individuals or teams are responsible for implementing these policies. The time to bring these policies together into a unified security framework is now.
Ask these questions to determine how you can address common vulnerabilities:
1. Do You Have a Document Audit Trail and Are Employees Held Accountable for Cost?
Document audit trails allow supervisors to monitor printer usage and device activity. The primary goal of generating a document audit trail is to monitor employee printer usage and reduce waste. However, document audit trails also provide useful information for tracking down unauthorized printer activity.
An additional benefit of generating a document audit trail is the ability to hold individuals accountable for printer usage. Employee accountability lets you address who prints what, when they print, and where they are printing to. When unauthorized activity shows up, it's clear whether the offending order is internal or external.
Managed print services (MPS) vendors routinely incorporate document auditing software into their solutions because they allow supervisors to track documents using specific document attributes. These systems track job owners, order origins, print destinations, page counts, consumable usage, and more, generating an audit trail can help pinpoint the source of questionable printer activity. These solutions also authenticate the scan path to preventing anonymous scans or worse the ability to spoof another’s identity when scanning to email.
2. How Does Your Organization Handle Printer Firmware Updates?
It might seem hard to believe, but cybercriminals can and do create malicious firmware modifications to attack organizations and exfiltrate sensitive data. Attacking devices at the firmware level is a far more involved process than phishing passwords or exploiting operating systems, but as a Columbia University report shows, the illicit rewards can be far greater.
The reasoning is simple. An attacker that exploits a specific printer model's firmware can attack any individual printer of that make and model in the world. Furthermore, organizations rely on manufacturers to develop and update firmware, which can be more time-consuming than patching holes in organization-specific security systems.
Make sure a qualified printer security professional is responsible for updating your devices' firmware and verifying that each device is up-to-date on a regular basis. New multifunction printers often have the ability to verify their own firmware – a feature that you should incorporate into your print policy.
3. How Are Print Device Security Settings Managed and Are Secure Fleet Management and Audit Tools in Use?
Today’s smart MFP’s may have dozens of settings that need to be applied, configured and managed to ensure the device is compliant with an organizational IT Security Policy. Applying these settings individually at each device leads to unnecessary IT hours and room for gaps in compliance. Leading solutions like HP JetAdvantage Security Manager automates this heavy lifting ensuring compliance and audit that your Print Security is fully in alignment with your IT Security Policy.
Need help looking for vulnerabilities at the intersection of IT security and print security policy? Contact ImageNet Consulting and speak with one of our specialists about a security audit.
