Printers are easily overlooked when thinking about the cyber security of your business. People commonly think of them as simple workhorses that sit in the corner taking up (far too much) space, drinking ink and occasionally spitting out the document requested some time ago. Usually distorted, with splotches of ink on. Printers are unloved.
However, many printers these days are complex, with embedded computing capabilities, that can store the documents that are waiting to be printed, as well as those that have already been printed. Think about the kinds of information that you send to your printer queue and think again about security.
Does your printer also make copies and scan documents? Is it connected via your office network to the internet?
Printers can be a weak point in a network, because they are typically available to many workstations, and rarely have antivirus protection or threat detection capability. Once an attacker has gained access to a network-connected printer, they can intercept files sent for printing, or find other insecure devices on that network. Compromised printers can also be used in a distributed denial of service attack, and a vulnerability was discovered last year in Microsoft’s print spooler (now patched), potentially providing attackers to execute code remotely.
10 tips for limiting the risk of an attack via your printer
- Remember to consider your printers in your security planning.
- This may seem obvious, but don’t leave printouts in the tray – do provide shredders for unwanted/unsuccessful printouts.
- Update the printer software and firmware alongside all other updates and patches.
- Change the default admin name and password on your printer.
- Configure your network settings so that the printer only answers commands that come via the network router, and not from the internet.
- Consider limiting access to the printer, perhaps by specifying particular devices (by IP address) permitted to connect to the printer using secure connections.
- Secure your printing ports—review the printer manual to find out which port it uses, and your router’s user manual to find out how to disable unnecessary ports.
- Turn off your printer when you’re not using it.
- Consider requiring a PIN before printing (if your printer has that option) to prevent unauthorised access.
- Make sure your firewall is on.
Need some help? Contact us or call the Click and Protect team on 0113 733 6230