FIVE STEPS TO SECURING YOUR PRINTER ENVIRONMENT

Multifunction printers (MFPs) are experiencing an identity crisis. Unfortunaltely, IT administrators don't always see them as the full-fledged networked computers they really are. But attackers so - and they are finding them increasingly very attractive. 

These printers, pushed in a back corner of the office and quietly going about their business of copying, printing, faxing and scanning, might not seem to pose any real security risk. But, like any networked device, if not properly managed, they can expose sensitive data to unauthorized access.

To secure your printers from unauthorized access, print configuration alterations and device compromise let's review printer security best practices:

1. Conduct a Print Security Assessement

Print security is one important component of understanding the costs of new copiers and printers. A basic risk assessment report provides a glimpse into into your print security vulnerabilities. A team of secure print professionals can install printer utility software .that verifies your fleets security settings against a set of secure policy guidelines. The process will identify and report any non-compliant features.

2. Manage Printer Access

Take to following measures to make sure that your printers are configured only to allow access from approved networks and devices and not exposed to the public internet.

• Configure the printer's access control list (ACL) to restrict access by subnet or device
• Remove the default gateway in the IP configuration to disable Internet routing, making printing only available on your local network segment.
• Use a hardware firewall to block public internet access to the printer
• Configure another machine as a dedicated print server with appropriate access controls.

2. Change the default password to the administration control panel webpage. If your printer's administrative panel is not securely configured, attackers can:

• Change the printer's network address and reroute print jobs
• Perform a (DOS) Denial of Service and render the device inoperable
• Use the printer as a platform to attack other systems on the network.
• Install malware in the printer allowing remote back-door access

3. Implement a secure release solution that eliminates abandoned print

In many organizations, people use the "print and sprint" strategy – send a file to the printer and then run so no one sees their output before they reach the printer. Software solutions exist that allow jobs to be held at the server level and not released until the user authenticates at the device via a badge scan or pass code. At that time, the user can choose to print or delete the job, eliminating lots of abandoneed print that may contain sensitive information and lead to a security breach and jeopardize compliance laws. These solutions also allow for automatic deletion of print jobs held longer than a specified amount of time (ie: 3 days or you determine that limit), eliminating confusion at the printer when accessing files. 

4. Update and Patch

Check for firmware updates on all printer and network devices as part of your regular patch management schedule. Updates can add new or improved security features, patch known security holes, and fix other issues.

5. Choose the Right Printer.  

For shared departmental printing, make sure to select a business workgroup printer. These printers store print jobs, passwords and other information on their hard drives, and provide disk encryption to protect sensitive data stored on the device. They can also erase data after the print job has run. 

Remember that everything printed, copied, faxed or scanned is stored on the printer hard drive - and make sure that when a printer is de-provisioned or sent offsite for servicing, it is wiped clean of any stored data.

Feel free to contact me through messenger or directly on my cell @ 432-349-1154 for a free assessment on your security and print environment!!