The Hidden Dangers of Unsecured Printers in Business Networks

730
Printers: the unseen threat hiding in plain sight 

Despite threats from cybercriminals increasing, many businesses are still overlooking the vulnerability of printers to be subjects of attack – and this needs to change, says Faki Saadi, regional director, UK at SOTI. In recent years, businesses have seen a rapid influx in the number of internet-connected devices in their networks; devices that must be monitored, managed and secured to protect confidential business data and improve the resiliency of organisations against cyberthreats.

But, while many companies actively secure laptops, mobile phones and even handheld scanners, some technologies are being overlooked. 

Six in 10 organisations have experienced a printer-related data loss over the past year, according to analysts QuoCirca. This is a worrying figure that highlights how printers may not be regarded by organisations as traditional targets for network hackers; something that was also discovered in recent SOTI research. 

SOTI’s study revealed that many companies lack visibility over the printers in their networks, with more than a third lacking the ability to access real-time location and status updates of printers or information about their settings. But what is the extent of the unseen printer threat and how businesses can better protect themselves?

What’s at risk?

Mobile, industrial and label printers all process and store much more data than ever before, including personally identifiable information, payment details, trade secrets and in the case of healthcare, patient records. This information is temporarily stored when there is a queue of print jobs or is captured by newer models, often equipped with internal hard drives, that save information when scanning or printing. This allows staff to store previous data for quicker retrieval, offers the ability to gain access when a device is offline and the assurance that if connectivity issues occur in the middle of a job, the printer can retain information and resume activity once reconnected. While this offers a level of convenience, all this data is appealing to hackers as it can be used to create sophisticated and personalised phishing scams, be sold on the dark web or facilitate identity fraud.

A lack of visibility and appropriate printer security can mean that any saved information that is sent to be ‘printed’ can be accessed by unwelcome guests. But it can also have a detrimental knock-on impact, as hackers use ‘lateral movement’ to encroach on the wider corporate network if proper segmentation isn’t put in place. 

It’s therefore essential that organisations look to incorporate end-to-end encryption to protect this data and ensure only authorised recipients can use these devices. Some may also benefit from restricting printer access to necessary services and users to minimise the possibility of a cyberattack or leak.

In tandem with this, organisations need to work to educate their employees on what they’re printing and the data at risk. This includes asking them to consider whether a document really does need to be printed to avoid unnecessary information being stored or not leaving the printer unattended when duplicating sensitive documents. 

Step back and take stock 

The same SOTI study showed that two in five UK businesses lack any form of real-time centralised management and do not know how many printers they have or where they are deployed. 

Now that we know what is at risk, this is a concerning statistic. IT teams cannot safeguard their organisations if they have limited or no awareness of how many printers they have and whether they need to be managed and secured. It’s a blind spot that also highlights another common issue: businesses often overlook and neglect outdated technologies leaving them vulnerable. 

To face this problem head on, companies need to step back and take stock. That includes all printers, old and new, so that they can confidently work towards tightening defences and protecting internal and customer data. It may be worth considering a solution that can detect and identify any authorised or unauthorised device connected to the corporate network. 

Close the gap 

A preventative approach that regularly encompasses software updates and real-time monitoring will always see an organisation in better stead. By drawing on real-time intelligence, IT and security teams can detect and diffuse a threat before it becomes a wider problem. 

While SOTI’s report showed there is some awareness around the susceptibility of printers to hacking due to outdated firmware, many organisations identified a lack of appropriate tools as the roadblock to remotely troubleshooting these problems. And fixing them in-person is time-consuming and costly, especially if in a different location to the IT team. 

If we look to our work with Rosti, the company’s IT personnel would spend a lot of time travelling from outside the region to address device issues. Since implementing SOTI MobiControl for remote management and support, Rosti has reduced downtime caused by hardware issues by more than four hours per device, per month and has saved on associated travel costs too.

Solutions like this can allow IT teams to modernise how they manage their fleets so that patches can be deployed from a distance, making it more convenient to implement protective measures and easier to conduct risk assessments. For example, by helping automate firmware updates so that they are automatically deployed to all devices at the same time, upping protection and alleviating pressure on staff.

Improving resiliency 

It’s well known that cybercriminals will always choose the path of least resistance and if printers continue to be left unprotected, we can expect to see them remain a perfect target. This is why printer management needs to be seen as an integrated part of a robust security architecture, where best practises such as encryption, location tracking and improved employee awareness is essential.

As businesses continue to refresh and adapt their cybersecurity strategies to reflect the current threat landscape, it’s essential that they look to safeguard every type of device, including the humble printer.