You're currently viewing, would you like to continue?

Yes, I want to view
No, take me to

Print Security: How to protect your organisation

Posted on Monday, March 06, 2017
Secure your printers
By Rhys Lawson
Head of MPS, DaaS & Collaboration

More News

This blog was updated on 4th December 2017

At the turn of the year, our CTO wrote about the three key areas we think will be most relevant to our customers – cloud, mobility, and security. This article aims to address the security piece in particular – but an area of security you probably haven't even thought about!

Businesses and organisations often take a commoditised view of their print estate. But just like the rest of the IT world, print services have had to adapt to the changes that cloud computing and mobile working bring, and this has resulted in a growing need for organisations to seriously consider how they secure their print estate. While most organisations have clearly defined security policies for their PCs, networks, and storage, print is commonly overlooked.

What's the worst that can happen?

Printers today are like PCs; they have an operating system, applications, and various functions connected to the internet. This means that they are a prime target for hackers to enter your network if not properly secured.

There have been incidents where a printer has been hacked to play videos game, a drone has posed as an open printer and accessed user documents, and malware has taken over a printer's operating system and gained access to the wider network. While we take care to lock down our networks and mobile devices, it's all too easy to leave printers wide open for those with malicious aims!

HP's 'The Wolf' video shows how printers are particularly vulnerable to attack and one of the easiest ways into a network for hackers. This video shows how hackers target printers and use them to extract company data with ease, if unsecured.

The Wolf ft. Christian Slater | HP

Why has it been forgotten?

Security in print is not often talked about when IT departments are looking at their security strategy. I recently attended a security event presented by leading EMEA Security Specialist, Howard Roberts. To set the scene, Howard presented some quotes and facts from Peter Kim, industry-leading penetration tester and author of 'The Hacker Playbook'.

Hacking unsecured printers is easy[…]I probe around for a multifunction printer and see that it is configured with default passwords. Great, I am in.

We've compromised a number of companies using printers as our initial foothold. We move laterally from the printer, find Active Directory, query it with an account from the printer and bingo, we hit GOLD… 

- Peter Kim, The Hacker Playbook

During Howard's presentation to a roomful of the industry's most knowledgeable and market leading print experts, he asked a few probing questions about security in print – you could hear a pin drop; not one person in this room could answer his questions. He stated confidently that he considers less than 2% of the world's printers to be properly secured.

Personally, I believe the reason organisations are not thinking about security in print is partially down to an old-fashioned view of print as a simple commodity, and a lack of understanding of the true extent of the threats or potential ramifications if not correctly protected.

GDPR is coming

As of May 2018, the new General Data Protection Regulation takes into effect. Companies who are found in breach of personal data can face a penalty for non-compliance of up to 4% of a company's global turnover. Unsecured print estates are an easy target for hackers – and one that organisations cannot afford to ignore with such severe penalties at stake.

How do we secure printers?

Our approach is to break it down into three areas of focus:

1. Securing the Device

By establishing and utilising print security software, you are able to set a fleet-wide print security policy that ensures any device added to the network must comply with the security settings agreed, if not, the device is blocked. The software also offers ongoing run-time intrusion detection that ensures any breaches into the device can be immediately actioned. If required, the software automatically protects the devices BIOS and installs a safe firmware.

This video demonstrates how HP have built 'runtime intrusion protection' into their Enterprise devices to automatically identify and remediate security threats in real time, with no management overhead. This is effectively like having Sophos/McAfee built into these devices to secure them; or the equivalent of Palo Alto/ Cisco intrusion protection features in networking terms.

Funny Business | The Fixer ft. Jonathan Banks | HP

2. Securing the Data

Protect data in transit to and from the device with data encryption and authentication solutions. You can also extend this protection to mobile devices with certain solutions.

3. Securing the Document

Aka 'Follow-me' print. Reduce unclaimed print jobs, protect confidential documents and improve efficiency with a print management solution. If further security is required around certain sensitive document printing, there are even counterfeit deterrent solutions available.

Speak to Softcat's print services team

For a confidential discussion on any of the risks raised in this article, please get in touch with the Softcat print services team via your account manager or using the form below. 

Secure your printers

We would love to hear any comments you have about this article!