Most businesses don’t need to be told about the importance of cybersecurity. But while the threat of malware, phishing scams and DDoS attacks is well known and well reported, one area often gets overlooked – printing.
According to Quocirca, 59 per cent of businesses reported a print-related data loss in the last year. This highlights the need for robust, secure printing solutions. However, for many large organisations, this requires rollout across multiple sites, adding a layer of complexity to proceedings.
With individual sites often responsible not just for their own personal data, but sending it between different sites, there is a lot of scope for things to go wrong. Especially with the added pressure of GDPR. In this article, I’ll explore some of the risks associated with managing print security across multiple sites, and introduce some ways you can keep your organisation protected.
1. External printer security threats from hackers
Network-connected printers are a must for most businesses. But as printers become increasingly advanced, this poses a risk. Printers are susceptible to malware, and can often act as a gateway to other devices on the network. If a hacker gains access via the internet, they could send faxes or phishing emails, alter settings and even launch DDoS attacks. In 2018, hackers managed to force 50,000 devices to print documents supporting a famous YouTube personality.
Mitigation tactic: Secure your printer with password protection
One of the first things you should do when you get a new printer is change the default settings. Most printers will have an administration web interface that allows you to set a new password. By setting a strong password you can prevent hackers accessing and changing your settings. You should also make sure you’re using a private IP address. A lot of printers operate from an external IP by default, and switching will help keep your device secure.
Mitigation tactic: Digitise documents direct to folders with secure scanning
If you want to ensure confidentiality when digitising documents, consider scanning direct to secure network folders. Not only does this maintain privacy, it also means an end to the risk of posting or emailing sensitive documents between different locations. Brother’s printers give your IT admins scope to prescribe specific scan-to folders, ensuring documents don’t get sent to the wrong place. There is also the option to scan documents to secure PDF, meaning they are password protected from the moment they’re scanned.
2. Printed documents could end up in the wrong hands
From invoices and contracts to HR files, large, multi-site organisations print a huge amount of sensitive information. If documents are left unattended on the printer or in the output tray, they could be intercepted. For organisations that have a lot of customers coming and going, many of whom can’t be watched at all times, this can be particularly problematic.
Mitigation tactic: Utilise secure print solutions like pull printing
Pull printing ensures the right person collects the right printouts by only releasing documents once a user verifies their identity with a unique PIN or NFC card. This works as a cost-saving idea too, reducing wastage and tracking usage so that every printed page is accounted for. Another way to prevent sensitive information ending up with the wrong people is to use manufacturer genuine supplies. Cheaper inks and toners suffer from poor adhesion, which can lead to imprints of information being left on print rollers. This can then end up being reprinted onto the document that follows. I’d recommend using high-quality genuine supplies to avoid this.
3. Unsecure printer settings
Many manufacturers leave most settings open by default to make them as accessible as possible to new users. But these unsecure settings and controls could allow users to alter and re-route print jobs or reset printers to factory defaults. It’s not just new printers that can cause problems, either. Printers that use internal storage like hard drives can be hacked by those in the know. If a printer is stolen or not disposed of properly, your information may be accessed and used fraudulently.
Mitigation tactic: Physically protect the device
A simple solution is to situate your printer where it can be easily observed. For a multi-site organisation though, this can be complicated and inconvenient to apply everywhere. A comprehensive, multi-location managed print service (MPS) can help. For instance, Brother’s managed print service benefits you through what’s known as ‘balanced deployment’. After an initial assessment, it ensures the right printers are in the right places for the right people. This could include things like separate desktop printers for HR departments, with a freestanding multifunction device for everyone else to use. You could also take advantage of special features like secure function lock, which restricts certain device functions to specified users, helping you counteract misuse.
Mitigation tactic: Dispose of old printers properly
Printer disposal can be particularly difficult to organise across multiple, varied locations. It helps to have an organisation-wide policy that everybody can follow. Start by ensuring hard drives on outgoing devices are wiped to protect confidential information. Some may actually have to be physically destroyed, as hackers often visit recycling centres to pick up old, unsecure printers. Speak to your print provider about the best way of staying protected.
Simple steps to secure printer management
For any large company, especially those spread across multiple locations, print technology is a serious investment. With the average cost of cyberattacks to businesses hitting £25,000, it really does pay to protect that investment. This might seem daunting to organisations with such large footprints, but as I’ve outlined above, there are practical steps you can take to bolster your defences. And with the right partner at your side, you can develop a secure, future-proofed print environment. To discover more about secure printing solutions, download our ‘The print security blind spot’ e-book now.
Keep up to date with more useful content by signing up to the newsletter below.