Document scanners can be overlooked when it comes to network security, but that can leave a business vulnerable to a cyberattack, especially when used in hybrid settings, so resellers need to emphasise the need for security to customers.
The digitalisation of business often goes hand-in-hand with hybrid working. Digital documents can be accessed by employees from anywhere they are working. Likewise, by using scanners, they can digitise and upload documents wherever they are too, meaning they can work equally as well at home as in the office.
But with the increased use of networked scanners in the office and at home, it can increase a business’ vulnerability to cyberattacks. A cyberattack, particularly for a small business, can be devastating in terms of downtime, lost productivity and damage to its reputation, so the gravity of the situation cannot be underestimated.
“In today’s hybrid work landscape, document scanners are often essential for digitising paper-based documents and records, allowing access from home and office locations,” says Andrew Cowling, channel marketing manager, PFU (EMEA) Ltd, a Ricoh Company. “However, using scanners can open businesses to security vulnerabilities and significant cyber risks, particularly if confidential documents are scanned.
“Document scanners, like any networked device, are susceptible to cyberattacks. Their potential network connection, plus the fact they often run on embedded operating systems, which may have known vulnerabilities if not regularly patched and updated. Older or less sophisticated scanners may also lack essential security features like encryption, access control and intrusion detection.
“Home networks in particular may be more vulnerable to compromise, and users may be less aware of security best practices, increasing the risk of malware infections and unauthorised access.”
Differing threats
As Mark Davies, Northern Cluster Sales Manager at Kodak Alaris, notes, the threat can differ depending on whether it is a standalone scanner or is part of a multi-function printer (MFP).
“Security features are among the many differences between the scanners on MFPs and standalone document scanners,” he explains. “Most document scanners contain both nonvolatile storage and volatile memory. Nonvolatile memory stores program data, scanner settings, and calibration data, while the data from scanned documents is stored in volatile memory.
“The scanners that are built into many MFPs often retain scanned image data, which can introduce serious information security risk.
“Scanners from Kodak Alaris do not store any document data. Instead, the data is stored in volatile memory and is deleted as soon as it’s delivered to its destination or when the device is switched off. It’s also important to ensure that the computer you connect a scanner to conforms to the organisation’s information security policies.”
Risk awareness
With the number, type and complexity of cyberattacks constantly growing, businesses are now generally much more aware of potential risks, although scanners can still be overlooked. “Many businesses are unaware of the security risks associated with document scanners,” says Andrew Cowling. “They often focus on securing traditional endpoints like computers and servers, neglecting peripheral devices like scanners.”
Mark adds that scanner security is crucial. “In the constantly evolving fight against cyberattacks, IT peripherals such as printers and scanners are key elements of businesses risk management policies,” he says. “This risk has contributed to an increase in the outsourcing of printing and scanning processes.”
Tony Moor, senior director of Silicon Lab Services for IOActive, adds: “In general PCs, servers and networking hardware would naturally be prioritised above more ‘passive’ hardware like printers and scanners,” he says.
“However, that does not mean that there are not serious risks posed by any device that is connected to a home or office network. The attack surface of hardware can also be increased when the device uses consumables such as printer ink and toner, which are in turn composed of electronic hardware capable of harbouring threats.”
Secure solutions
With increasing threats out there, solutions must be put in place, and there are various ones that resellers can recommend to customers.
“There are several measures that businesses can take to secure document scanners, including implementing a firewall to control network traffic to and from scanners, regularly update scanner firmware and software to patch vulnerabilities,” says Andrew.
“PaperStream software included with Ricoh scanners offers some robust features to help mitigate security risks, such as access authentication, ensuring jobs can only be accessed by those with the right profiles, and scans can only be sent to authorised locations. Data encryption helps to prevent data leakage and enhance security.”
Mark agrees that document scanners are an important part of a secure corporate network. “Minimally every scanner should secure the network data path from the scanner into an enterprise system via TLS encryption,” he says. “In addition to encrypting the data path, scanners from Kodak Alaris also use a secure boot process that validates ‘trusted’ firmware before executing; this process eliminates a potential security vector to help protect critical business information.”
Reseller conversations
When talking to customers about scanner security, there are various things that resellers should be mentioning.
“Resellers can play a crucial role in educating customers about scanner security by offering services such as risk assessment to help customers assess their specific security risks,” says Andrew. “They can also educate customers about the security features of different scanners and explain the importance of keeping software and firmware up to date.”
Mark notes that it’s important to convey differentiating security features. “Network security depends on several factors that are independent of the devices on a network; resellers should focus on the device’s built-in security features that contribute to a secure environment, such as TLS encryption and a secure boot process,” he says.
Continuing threat
All commentators believe that the threats to document scanners will continue to grow in the coming months and years.
“Cybersecurity risks are likely to grow in the coming months and years due to increasingly sophisticated attack techniques, including ransomware and convincing telephone or email scammers,” says Andrew. “Businesses and resellers must be proactive to help mitigate these evolving threats.”
Mark notes that cyberthreats are always evolving. “But most of the effort by black hats is centered around social engineering, because it’s easier to hack people than it is to hack secure code,” he says.
Tony adds that they will continue to be a target for attackers if they are not secured properly. “Highly confidential scanned or printed documents could be recovered from scanners/printers,” he says. “Malware can potentially be loaded onto cloned or non-genuine consumables such as printer ink and toner. 3-in-1 printers, scanners and copiers especially are relatively low value items and are replaced regularly in homes and small business environments, so steps need to be taken to limit the attack surface for nefarious actors.”
