Top Print Security Measures to Shield Your Network from Cyberattacks

304
Keep it safe

With cyberattacks increasing, secure print networks are paramount for businesses of all sizes, especially in businesses with hybrid working arrangements, which can be a weak point in the chain.

For UK businesses and charities, cyberattacks are a very real threat. In 2023, 32% of businesses and 24% of charities recall any breaches or attacks from the past 12 months, according to government figures. 

The government research found that the percentage was much higher for medium businesses (59%), large businesses (69%) and charities with £500,000 or more in annual income (56%).

This means that network security should be paramount, including the print network. Yet as Trevor Maloney, product marketing manager at Kyocera Document Solutions UK, notes, print security is still one of the most overlooked aspects of securing a network. “Any device that is connected to a network should be considered an ‘end point’ and this includes printers and MFPs,” he says. “As a result, any network could potentially be infiltrated by a cyberattack via these devices if they do not offer the most appropriate levels of security.

“In this new world where home working is the norm, printers and MFPs are connected into the home network but rarely, if never are the same levels of security applied to a home network as those applied to a corporate network.

“Therefore, it’s vital to setup the device correctly during the initial installation to ensure all the security features of the device are enabled to eliminate as far as possible any cyberattacks via a homeworker’s own network. As part of Kyocera’s dealer certification program engineers are trained on how to do this, including the firmware upgrade process. Also, in line with our philosophy, Kyocera makes things simple by providing the tools and support for users to update their device security.”

Some of the most common breaches include forgotten printouts, unprotected access to a device and shared passwords, along with customer and partner contact details, adds Trevor. “However, cyberattacks continue to evolve, and as such companies cannot afford to be complacent. Therefore, it is very important when purchasing print devices that customers consider the security features available and the credentials of the supplier.”

Older risk

Deyon Antoine, product marketing manager at Toshiba Tec, adds that any device connected to a network is a potential entry point for cybercriminals. “Just like computers, unsecured printers can give hackers access to your home network and data,” he says. “Older printers which are no longer supported, and firmware that is out of date are most at risk, as they are not prepared for new potential vulnerabilities, hackers may exploit vulnerabilities in these older firmware versions.

“Home network security may not be as robust as those within the office and do not follow the same stringent IT policies enforced in the workplace.”

Deyon adds that security threats are always present, and hackers are always looking at ways to infiltrate networks to steal data or disrupt business. 

He says the most common breaches are:

• Ransomware locks or blocks users’ access to their own data or devices. Hackers often demand a ransom to restore access

• Using weak or recycled passwords poses a significant threat. They can compromise security tools like firewalls and VPNs

• Unencrypted file sharing can expose sensitive information to unauthorised parties

• Unsecured home Wi-Fi networks can leave them exposed for cybercriminals to exploit

• Using personal devices for work can introduce security risks, especially if they are not part of the office IT policy.

Solutions

But there are a range of solutions available to businesses with hybrid working arrangements. “Using a VPN encrypts internet traffic, protecting sensitive data from hackers and cyber threats,” says Deyon.

“Use remote/cloud management tools to manage printer’s firmware update to patch security vulnerabilities. Businesses should also use strong passwords for printer access and ensure the Wi-Fi network is secure. Enhance print and network printer security by using MFA or other strong authentication methods.

“Businesses should also configure firewalls by disabling unnecessary ports to limit printer access from external sources.”

He adds that hybrid working should be included in company IT policies, as well as being part of a managed print service arrangement.

Trevor adds that Kyocera offer tailored security solutions based on a range of security features and industry expertise. Key security features include Digitally-Signed Firmware, Secure Boot and Run Time Integrity Check. “As a matter of course, Kyocera monitor global security trends and legal requirements, ensuring compliance with regulations like GDPR, ISO/IEC 27001 and others,” he says. 

He notes that Kyocera designs and develops its MFPs and printers with awareness of three key security attributes: 

Confidentiality: Authorised access to information assets 

Integrity: Ensuring data remains unaltered 

Availability: Reliable access to information assets. 

“Kyocera earned the BLI Security Validation Testing seal from Keypoint Intelligence after our devices passed a rigorous penetration testing protocol involving automated and manual cyberattacks on the device firmware and underlying operating system. K-level was validated as exceeding industry standards and verified to be free from any high-risk vulnerabilities from outside attacks. K-level enables all our customers to benefit from our highest level of security and provides optimal data protection at the point of print or scan.” 

Agility

With cyberthreats continuing to evolve, it is important that solutions are agile. “Malicious hackers and those intent on penetrating unauthorised networks do not stand still,” says Trevor. “Constant evolutions of malware, ransomware etc. require manufacturers to ensure they design security features and security software that also evolves to meet these challenges.

“It is also vital that security patches and updates are assigned to users’ devices as soon as they become available. Kyocera’s Fleet Services software enable devices that are connected to this service to have security updates applied remotely as soon as they are available.” 

Deyon adds that moving to cloud-based device management like Toshiba’s e-BRIDGE Cloud Connect will ensure that devices are monitored in real-time, firmware is updated to fix newly discovered vulnerabilities. “Using cloud print solutions like Toshiba’s e-FOLLOW.cloud and e-BRIDGE Global Print can ensure encrypted print security,” he says.

What to highlight

When talking to customers about securing print networks, there are several aspects that resellers should highlight. 

“Where possible, customers should choose a vendor with a good security reputation, a vendor that actively monitors global security trends and legal requirements, ensuring compliance with regulations like GDPR, ISO/IEC 27001 and others,” says Trevor. 

“Kyocera applies its K-Level not only to its business products (TASKalfa series) but also to its consumer range (ECOSYS series) of products. Our printers and MFPs incorporate all the latest security standards to make sure their communication across the network is encrypted for maximum network security. 

“Unused USB interfaces can be locked, unused protocols can be closed down and for the home user IP filtering can be applied making sure their PC, tablet and phone are the only devices allowed access. Security settings are protected by a unique, highly secure password making sure all Kyocera users, in the office or working from home, can do their work and protect their printed documents with total peace of mind.

“Still, the biggest threat to a customer’s print security is unauthorised access to the device and the documents produced on it,” says Trevor. “Open access to a device, shared passwords and forgotten printouts are all potential security risks. In the worst-case scenario, print jobs could be intercepted across the network or retrieved from a device’s hard drive.  

“Resellers should be discussing these potential threats with customers and showing them how good operating practice together with the security functions of the right device can significantly reduce and even remove these risks. Choosing the right device from the right manufacturer is key for customer peace of mind. For example, many of our home-user type products have work from home functionality such as “Default Printer Confirmation” to remind users which printer they have set every time they click print, greatly reducing the chance of printing confidential documents on a network printer in the office.

“The latest network protocols make sure that all network communications going to and from the MFP are encrypted. Key security features include Hard Disk Drive encryption, Digitally-Signed Firmware, Secure Boot, and Run Time Integrity Check. Kyocera K-Level security has been independently tested, verified and awarded the BLI Security Validation, Device Penetration award, confirming Kyocera’s security credentials.  

“Kyocera devices can be set to pin/password protect printed documents with ‘secure print,’ they have operator panel locks and our HyPAS devices can be integrated into full document management solutions to benefit from the security they provide. Protected by unique passwords, the internal webpage of a Kyocera device (Kyocera Command Centre) can be used to limit device access by locking ports, close down unused protocols and apply IP filtering to control PC/tablet/phone access.”

Removing complexity 

Deyon adds that resellers should recommend that customers opt for a managed print service to manage their print infrastructure. “At Toshiba, we audit the current fleet and make recommendations for rationalisation and optimisation, to remove any complexity from a company’s infrastructure,” he says. “The more streamlined it is, the simpler it will be to manage its security. Then, we implement and integrate new devices, maintain their operation, monitor risk and ensure the print fleet is meeting business requirements and security standards. 

“Likewise opting for a managed IT service to audit security provisions can ensure a business is up to date and compliant, identifying and patching any vulnerabilities.”

Deyon adds that resellers should recommend upgrading print fleets or having a single vendor for them. “Older devices will likely have outdated hardware-level security, weakening your multi-layer protection,” he says. “With a single vendor, security credentials and functions are likely to be similar across all devices, with a consistent standard of compliance.

“Also, look to implement print software for multi-layered print security and greater flexibility for users and consider moving from on-premise to cloud-based solutions such as e-FOLLOW.cloud, to ensure software is consistently up-to-date.”