In the wake of recent security breaches, managers are seeking to ensure their businesses are as protected as possible – and printer networks should not be ignored.
The recent high-profile cyberattacks on retail giants Marks & Spencer and the Co-Op have focused minds in many businesses on cybersecurity. If huge businesses such as those can fall victim, then any can, so ensuring a business is as secure as possible is paramount – and this includes the printer network.
Printer networks can be overlooked when cybersecurity is concerned – especially among smaller businesses – but this needs to change as if it isn’t properly secured it can provide a way in for a cybercriminal.
Especially as the number and variety of cyber threats continues to grow. As Ian Fox, channel solutions and services specialist at Xerox, notes, according to the Government-backed National Cyber Security Centre, in 2024, 50% of UK businesses experienced a cyber breach or attack. “They also say that these can happen to any size of business and that the impact on the business and their customers can be significant,” he adds.
“Security exploits are much easier to leverage when networks and IT infrastructure are poorly patched, managed or configured. IT support teams tend to focus on traditional endpoints, such as servers and workstations, and print infrastructure is often overlooked. MFDs and printers may also contain vulnerable operating systems, default passwords or sensitive information that, if not properly managed, can be exploited by those with malicious intentions.”
Stuart Brookes, EMEA head of sales and channel at PaperCut. adds: “The growing number of bad actors are always looking for on-ramps to a network, so they pose an increasing threat to organisations of all sizes,” he says.
“SMBs are vulnerable because they often think they are less attractive to bad actors than a bigger or better-known business or brand; this can lead to complacency from a security perspective, aligned with few SMBs having a designated person onsite responsible for device security.
“To this, we must factor in that end point detection and response isn’t always installed on a printer, opening up a security compromise that can allow for remote monitoring or a backdoor into the network. Add in the move to hybrid working models and staff wanting to print from anywhere, and it’s getting harder to keep users secure on an SMB’s isolated network.”
Peter Dresser, product marketing manager at Kyocera Document Solutions UK, agrees that networked printers can pose a significant security risk to SMBs. “As limited IT resources mean printer security often gets overlooked,” he says. “As network endpoints, unsecured printers can unwittingly give hackers access to the network, allowing them to intercept or access sensitive print data or even deploy malware.”
Security checklist
When considering a secure print network solution, there are various things that should be part of the conversation. Stuart recommends that SMBs create a security checklist. “This should include the fundamentals of authentication procedures, robust access control, solid data encryption and advanced firewall configuration, as well as the ability to deal with network segmentation,” he says. “And, in the era of BYOD [bring your own device], it must support multiple operating systems, too.
“While most users accept that there’s always a trade-off between security and convenience, an effective security solution should be able to work efficiently in the background without compromising ease of use,” says Stuart.
“To that end, end users want robust security to work hand-in-hand with features like Find Me printing and Print from Anything. Nor do they want to compromise on cost effectiveness or hosting options (on prem/cloud/etc), nor impact their sustainability efforts.”
Peter adds that SMBs are looking for ease of use, simple installation and above all total peace of mind from their secure print network. “They need to know their print devices are secure in their own right, certified and independently tested,” he says. “This is standard stuff for Kyocera – for instance the cryptographic technology on board Kyocera’s A4 printers and MFPs is FIPS 140-3 certified to NIST standards to ensure that data is kept confidential; all devices are UK PSTI compliant.”
In addition, networked printers and MFPs need to protect print data across the network, and above all secure confidential or sensitive information in a device’s memory long after printed documents have been collected, Peter notes. “This security needs to be automatic, common and all-encompassing,” he says. “Security conscious manufacturers such as Kyocera know this – providing the same industry leading security on their consumer ECOSYS range as their high-end TASKalfa business devices – we call this K-Level security, which has been validated by BLI/Keypoint Intelligence for device penetration.”
Hardware and software
Ian says that businesses need to consider the security of the hardware and software that make up a print solution, as well as that of the documents that are printed, copied and scanned on them.
“With hardware and software, ensure device firmware, drivers and print management software are regularly updated to the latest available releases,” he says. “Only enable features and services that are essential for the functionality you require.
“Change default passwords and define policies that check and remediate against subsequent misconfiguration.”
Ian adds that the latest hardware comes with several features that can enhance the security of documents at a device level. “Support for latest encryption standards ensure that data is secured in transit and at rest,” he says. “Consider replacing ageing devices that no longer support the latest security and don’t let that device become the weakest link in the security chain of your network infrastructure.”
On documents, Ian adds: “We’ve all seen occurrences of unclaimed print jobs being left on printer output trays. Often these contain sensitive information and can represent a significant risk to GDPR compliance. Implementing an effective print management solution can ensure that jobs are not printed until the authorised user releases them at the device. A full audit trail will be provided, showing who printed what, where and when. It’s also possible to analyse the content of output, alerting key personnel when specific keywords are included in prints.”
Agility
It is also essential for solutions to be agile, as the threats to businesses are always evolving. “The pandemic taught us that businesses of all sizes need the agility to pivot quickly if a major event occurs,” says Stuart.
“But even beyond a global pandemic, SMBs can experience rapid growth or the need to change direction suddenly to meet demand. Therefore, their print solution needs to be able to adapt, while continuing to support hybrid workplaces and the ability to work on any device type, especially in the face of a fleet refresh.”
Ian adds that organisations need agile solutions to remain competitive. “IT departments are looking for print solutions that can be quickly implemented, easily and securely managed without having to invest in additional server infrastructure,” he says.
“Our range of AltaLink and VersaLink devices can act as IOT devices, communicating securely with our cloud based print management, allowing devices to be managed securely for the duration of the contract without the need for on-premises infrastructure.”
Reseller conversations
When talking to customers about secure print networks, resellers should be highlighting several things. “Beyond the security fundamentals, they should be able to share examples of real-world consequences of insecure installations as a stark reminder of what can go wrong, and the implications of when it does; from loss of brand reputation to breaches of mandates like GDPR,” says Stuart.
“They should also be able to outline how a secure install can still function without impacting user experience or cost, while adhering to compliance regulations.”
Peter agrees that resellers should impress on their customers the importance of securing their print environment. “As this will be a fundamental part of their data, network and ultimately their business security,” he says. “Printers and MFPs that are independently recognised and validated for their security technology will enable channel partners to differentiate their offer, add value and ultimately build trust with their customers.”
Ian notes that SMB customers can find it difficult to differentiate between resellers. “Particularly when the conversation is limited to feeds and speeds and the standard functionality that all vendors offer,” he says. “It then becomes price-driven instead of value-driven.
“We encourage our resellers to broaden their conversations, focusing on three key areas: security, sustainability and productivity. By applying this approach to the device, fleet, document and user, they can add value and over and above secure print functionality.”
Ian adds that resellers should make sure they are comfortable having security-focused conversations with their clients in relation to print. “Do they appreciate that print devices should be managed and secured just like their other network endpoints?” he says. “What are their policies and procedures going to be around ensuring that their print related solutions are properly audited, patched and configured. How will they handle password management? Would they like to relieve their IT department of these burdens and perhaps sign up for a managed service that provides this instead?
“This type of conversation opens the potential to sell other solutions and services that help the reseller replace lost revenues as a result of declining print volumes.”