Your IT security is only as good as its weakest link

A cliché maybe, but nevertheless true. While IT security experts focus on securing vulnerabilities in PCs, laptops, mobile devices and other components of your IT network, they negate one thing: the protection of your super-fast, multifunctional office printer. And weak printer security can easily be that weak link putting all your lucrative company data at risk of being hacked. 

As modern IoT devices, printers are capable of pretty much anything. They can print, scan, email and copy. What they are actually doing is processing and often storing all the data that passes through them. This data includes client contracts, confidential employee records, credit card details, financial transactions and a host of other classified information. So if printers retain all this critical data, why don’t we secure them? 

The answer is straightforward. Unlike the computing devices of an IT infrastructure, printers are seen as peripheral devices, often installed outside the network firewall. Nowadays, it’s easy to buy a printer, configure it to your network and you’re ready to go. Your online printer will deliver quietly in the background, out of sight, unlike your laptop or smartphone. But out of sight doesn’t mean out of mind. Here’s why… 

Hackers like to make a meal of any IT vulnerability that they can exploit. Unsecured printers are no exception. When printers are located beyond the perimeters of your network firewall, or if printer security is inactive, hackers can easily intercept documents which can be routed to their own cloud storage facility. Worse still, is that hackers can remotely control your printer, delaying printing, disrupting your business operations, and compromising data security. 

The Ponemon Institute, an organisation focusing on independent research on data protection and privacy, reports that 29,000 printers on university campuses across the United States were recently hacked. On this side of the pond, at the Ruhr University Bochum in Germany, 20 different makes of printer were put under the security spotlight. Each model was vulnerable to at least one form of attack. 

What can you do to improve your printer security? Check out these recommendations: 

  • • Make an inventory of all the printers in your IT network. As we said, printers tend to be ‘out of sight’ devices or hidden endpoints. They should be visible and accounted for.
  • • Decide which printers need internet access. You may have several machines online that are never used, increasing the vulnerability of your network. Disconnect them or switch them off.
  • • Many printers are vulnerable to hacking because they are online in a default configuration mode. Use non-default, strong passwords and change these regularly.
  • • Manufacturers tend to be lazy to build or release updates or patches for printers. Check that you have the printer firmware is up to date. If firmware updates are no longer available, it might be time to invest in a new printer.

‘Please don’t hack my insecure printer’, you cry out to a hacker. It’s unlikely that they’ll listen or care. Cyber-criminals are after money and your company data is an excellent source of cash. Be proactive about your printer security today. You’ll be keeping your data safe and your business out of the hands of hackers.