Safe from harm
Cybersecurity threats are growing for businesses of all sizes, and steps must be taken to ensure devices such as multi-function printers are kept as safe as possible – something resellers have a crucial part to play in.
Businesses of all sizes and in all sectors are facing more cybersecurity threats than ever before. Quocirca’s recent Global Print Security Landscape Report 2023 found that IT decision makers are less confident in the security of their print network than they were a year ago. Only 19% are completely confident that their print infrastructure is protected from security breaches and data losses today, a drop from 23% in 2022.
Multifunction printers (MFPs) are an important part of the print network of many businesses and keeping them secure plays a vital part in keeping the wider network secure too. But keeping them secure is a challenge.
“If we follow the core security principle of protecting ‘product, policy and people’, MFPs present several security challenges, not least at a time when print has been identified by hackers as a prime target,” says Steve Holmes, EMEA & Americas regional director and GM, PaperCut.
“From a product perspective, unsecured, web-connected MFPs provide bad actors with a viable entry point to an organisation’s network and to all the confidential information that resides within it. From a policy perspective, not setting rules about who can print what and to which device can be a source of data leaks. From a people perspective, not having clearly defined policies on how physical documents are disposed of can see printed output – and the confidential information they may contain – fall into the wrong hands.”
Steve adds that the effects of a breach can vary. “The NHS is, sadly, a high-profile target and has been subject to some crippling attacks, some of which impacted its ability to function,” he notes. “The knock-on effect there is its ability to deliver patient care when the core IT systems it depends on have been compromised. In that instance , the worst possible scenario plays out – patient lives are at risk.
“In other cases, brands need to consider reputational damage when clients’ confidential data finds itself on the dark web, or company’s payroll has been printed off and left on a train. Each event has its own consequences; and that’s before the Information Commissioner’s Office steps in to assess the situation and penalise companies for breaches.”
Aware of threats
However, while there are plenty of threats, Steve adds that businesses are now much more aware of the risks that MFPs can pose than they were 10 years ago. “There’s a combination of factors contributing to that greater understanding,” he says. “First, the print ecosystem – including the channel – has done a great job of communicating print-related risks and working to mitigate them as best it can. Second, we don’t just use tech at work, but it’s an intrinsic part of our personal lives, too. As consumers, we know the importance of staying safe online and that security mindset now shuttles back and forth from the home to the workplace.
“Third, the GDPR mandate – and the penalties for breaching it – still echoes through organisations, ensuring that many of them follow good security practice at all times.”
Trevor Maloney, product marketing manager – TASKalfa, at Kyocera Document Solutions UK, agrees that the introduction of GDPR in 2016 caused many users to look at potential threats to their businesses. “Manufacturers have also taken time to make users aware of the risks that MFPs, as end points, pose and most have responded by introducing security features to their devices such as being able to lock USB ports down and restrict access to the MFP and/or printer,” he adds.
But there are plenty of ways to mitigate the risks posed by MFPs. “Annodata’s managed end point detection and response product is available, also Kyocera as a manufacturer offer a managed print service enabling us to lock down the USB host ports remotely and ensure the latest firmware patches are installed through patch management,” says Trevor. “Many of Kyocera’s device also incorporate our ‘K-Level’ security suite, which includes firmware validation and hard drive encryption and erase.”
Arjan Paulussen, managing director, Western Europe & English-Speaking Africa at Lexmark, adds that managing MFP fleets across various locations can be challenging, so they need a streamlined and efficient solution to maintain device compliance and security posture. “Moreover, with the prevalence of remote work, ensuring the security of MFPs outside the office network has become a significant concern,” he adds. “What’s more, remote access can introduce vulnerabilities if not properly managed, putting critical data at risk. Often overlooked, the security of documents themselves is a vulnerability within businesses as unauthorised access to printed documents can lead to data breaches and compromise sensitive information.”
He adds that Lexmark’s Cloud Fleet Management and Markvision Enterprise offer comprehensive tools to efficiently manage and secure MFPs, empowering businesses to protect their critical data across multiple locations and remote work settings.
“For example, Cloud Fleet Management streamlines fleet configuration, keeps devices up to date with recommended firmware and ensures compliance from anywhere in the world,” he adds. “This eliminates security gaps, even in remote or hard-to-access locations. Furthermore, Markvision Enterprise provides robust print management software, which enhances business security policies, offering a user-friendly solution to configure device settings and update security policies.”
Steve adds that security should be considered before, during and after the print process. “At Papercut, we believe it’s the most effective way to protect our customers and their confidential information and help them ensure that they are adhering to mandates like GDPR or other compliance and legal obligations,” he says.
“PaperCut MF, for instance, addresses the complex issue of BYOD and print security. It includes the print enablement feature PaperCut Mobility Print. This takes the headache out of connecting the myriad of devices that you can’t control — users can now print in a consistent and intuitive way, without calling the help desk to get things set up. Even better, when linking PaperCut Mobility Print with PaperCut MF, it is possible to apply all the other benefits like user management, policies and secure print release to the otherwise unknown devices on the corporate network.”
When talking to customers, resellers need to reiterate the ‘people, policy, product’ message, Steve adds. “The good news is that the message is increasingly falling on more receptive ears,” he says. “Security needs to be looked at holistically, so resellers are working to understand more about the network the MFP will be connected to; they’re working to understand how the device will be used and what third party print hardware or software products will be added to it; they are working to review customers’ existing print policies to see if they are robust enough and address the security and print challenges posed by hybrid workers as well as those that are office-based.
“I think we should recognise the commendable and on-going effort the channel puts into keeping its customers as secure as they can be.”
Rick Dove, pre-sales technical specialist at Epson UK, adds that making significant investment in a solid IT infrastructure is the first and most important step in mitigating against these risks. “IT is often seen to be working on a shoestring budget, which keeps existing systems operational rather than updating and improving software and hardware,” he says. “In the ever-evolving world of IT, investment must be made in updating old systems that lack modern security functions.
“As well as keeping systems up to date, employing IT staff that have network security experience is also extremely important, as is ensuring non-IT staff are also trained and literate in the fundamentals of IT security. Simple procedures such as regular firmware updates for devices, operating system updates for computers and servers and performing regular network security checks can help mitigate attacks.”
MFP security is something that resellers should be talking regularly to customers about, he adds. “The best place for resellers to start a conversation with customers about keeping MFPs secure is document security,” he says. “If a customer allows jobs to be printed with no authentication for print release, printed documents can sit endlessly on the printer output tray, often with confidential information, exposed to many people until the user has the chance to collect them.
“Document security is just as important as IT security and there are many solutions in the marketplace that can be implemented to tackle these security challenges, so it is very important for the reseller to communicate these to the end customer. For example, applications that are compatible with certain Epson printer models such as Epson Print Admin bring secure print release and job management, which can massively improve a customer’s security.
“Discussions around aging devices are also important to have with customers. Resellers should communicate to customers the importance of keeping old devices up to date with the latest security measures. And to be wary of the manufacturer no longer supporting the device with updates and to consider a replacement.”
He adds that IT end of life planning needs to be encouraged to help businesses remove such obstacles and ensure all devices have a planned lifetime alongside a replacement plan, thereby minimising the risk of a potential threat.
Security for MFPs will continue to be a focus in the future for manufacturers as new MFPs come to the market, Rick adds. “Manufacturers understand the importance of advancing security measures in a device as well as other areas of innovation,” he says. “Manufacturers are at the forefront of innovation to introduce measures such as anti-malware engines that will fool-proof devices to any potential intrusion.
“New solutions protection measures paired with guidelines on data handling and network security will undoubtedly increase awareness among customers and end users, and therefore result in an increased focus on security all round.
“As intrusion methods and tools become more streamlined and readily available for hackers, customers need to be ready to meet ever evolving threats. Manufacturers must also remain vigilant when responding to security threats and provide the tools customers need to secure their device in full.”