Printers continue to pose a significant and often overlooked cybersecurity risk to businesses in the UK, as only 14% of employees who have had training on new cyber threats have been specifically trained on printer security, according to a new European survey of 11,000 office employees, including 1,000 in the UK, conducted by Sharp Europe.
The survey reveals that despite the growing concern over cyber threats, many businesses are failing to secure critical endpoints like printers and multi-function printers (MFPs) or provide sufficient training to employees, leaving organisations vulnerable to data breaches and cyberattacks. In fact, according to these employees, 29% of UK businesses have no specific IT security measures in place to cover printers.
It seems that many office workers, having adapted to remote work, have developed poor printer security habits. As 28% admit to printing files sent via email from home on work printers, while 21% print files downloaded from non-work related websites without considering the associated risks.
Worryingly, only 18% of employees are aware that leaving printouts in MFP output trays can present significant cybersecurity threats that include disclosure of sensitive information to unauthorised individuals, enabling information gathering for social engineering as well as data compliance violations.
The research found that only 8% of employees see MFPs as the greatest IT security threat in the office. This highlights that businesses aren’t recognising and addressing the security risks posed by seemingly innocuous office devices, emphasising the urgent need for businesses to rethink their approach to office cybersecurity.
“Printers are frequently underestimated in UK businesses by daily users who perceive them as posing no cyber threat, making them an easy target for cybercriminals,” said Matt Riley, director for information security at Sharp in UK and Europe.
“Our findings underscore the urgent need for businesses across the UK to secure all office endpoint devices, and to ensure that employees are properly trained to recognise risks and prevent breaches. In the current cyber landscape, securing overlooked endpoints such as printers is vital to ensure a comprehensive IT security strategy.”