5 Things to Do Today to Protect Your Printers, Copiers, Network and Data
Wed May 03, 2017 | Lasers Resource
Hackers are bolder than ever these days. Even Netflix shows aren’t safe from their evil, money demanding clutches. The worst part is, they don’t just get into your system in the classic ways, email and image attachments; now they attack you through things that used to be safe like your HVAC and POS systems. Well, believe it or not, your printers and copiers are a BIG target for these attackers. Make sure to protect your system from image device-related hacks with these 5 tips.
1. Securing Ports
Norse gives users real-time visibility into global cyber-attacks – a pretty sweet service, and a pretty scary service. Norse lets you see where attacks are coming from on a heat map of the world, along with tables that give more information. If you look at the borrowed table labeled “attack types”, the highest quantity of attacks hit Telnet (port 23) and HTTP (port 80 - although I would recomend moving this to the SSL/TLS port), both of which are unsecure on your printers and copiers, just sitting there waiting for information to come in. I want to also state the FTP (port 20/21) also makes regular guest appearances on this list.
Think that your printers and copiers aren’t a threat to your data? There are countless examples and articles out there, like this one from irongeek.com
Ransomware is also evolving, learning and becoming more of a threat. For example, an infected coupon gets sent to a member of your custodial staff; nothing happens because the ransomware see that this user does not have full permissions to all the data. One day, the custodian is having trouble with their printer, contacts IT which IPs into the device; however, the ransomware has established a “man-in-the-middle” protocol, emulating the embedded web server. Now IT, with all their permissions and data, is infected. Certificates on your printers and copiers can help to prevent this.
What’s worse is that the ransomware doesn’t phone home instantly anymore because it knows how antiviruses detect. It can lock down all your data, and then try to send the authentication code to the hacker, but if your antivirus software blocks that code from being sent, your data is now lost forever.
The best way to protect these port invasions are to shut them down and close them off when not in use.
2. Destroy Old Hard Drives
Did you know that most copiers have hard drives in them (and a lot of printers, too)? These hard drives store your print jobs and other information that runs through the device. This can be a big deal when you get rid of the device.
For example, patient information is held on these hard drives that can later be read by whomever stumbles across it. Imagine the HIPAA trouble you’d be in if years’ worth of patient charts and information suddenly emerged just because of a garbage copier - shudder worthy!
A little less threatening but still a concern is if you upgrade a copier and don’t destroy the hard drive. Say your competitor acquires the copier and suddenly has all your contacts’ emails and all the invoices, telling every detail about your deals together.
Corporate memos about a secret merger or other high end discussions get leaked and other forms of corporate sabotage… you get the idea. This can be bad news and is an easy fix – remove and destroy the hard drive when you get rid of a device.
3. Lock Down Your Printers and Copiers
This tip is more for internal security and sometimes it’s necessary. Locking down your devices can have a big impact on security and reporting/auditing. Having your users authenticate when they use a device means you have a report on everything they are printing or sending through email or other means. Big brother-ish, I know, but this also means that you can see all the resume.docx that are printed and by whom, get some good chicken recipes, and know if anyone is sending anything to anyone they aren’t supposed to. An easy solution to implement as well.
This can also eliminate poor office pranks. Hear of the one where a user went to a copier, sent an email to his friend from the president’s email address saying, “You’re fired”? Didn’t go over well for the friendship or his employment. Make sure that people are who they say they are and are doing what they’re supposed to be doing with user authentication.
It is also important to lock down your embedded web servers (“Securing Ports” section above), not only locking down entry into the server, but also the rights to the NIC settings.
4. Buy Hardware with Advanced Security
Some of the printer and copier manufactures are taking security very seriously. They are building their devices with protection built-in.
HP has come on strong with their built-in security. They have features that check the BIOS, implemented whitelisting, have run-time intrusion detection, and code that checks the integrity of the firmware. Along with some extra security software, HP boasts that they have the world’s more secure printers and copiers.
Xerox has partnered with Cisco and McAfee to give your devices the same level of protection as your computers and servers. Together, the three companies make an impressive security shield against attacks.
5. Implement Security Solutions
There are incredible security solutions that you can use to protect your imaging devices. There are some that monitor your fleet and allow you to make policy changes to every device from a single dashboard, some that eliminate the need for print servers and give you pull printing capabilities.
We would love to talk more with you about all the security solutions that are available. If you’re interested, please contact us to learn more.
Interested in the security topic? Of course, you are! Download our print and network security eBook below.
Subscribe to Our Blog
Enter your email address to subscribe to this blog and receive notifications of new posts by email.