Blog Posts

Best Practices for Printer Security

Best Practices for Printer Security

There’s one overlooked device that can result in a security or privacy breach: the printer. 

Printers aren’t always considered in a company’s cybersecurity strategy, despite their presence in every office (and often home offices for all of us who are working remotely). Yet, all manner of sensitive information passes across them every day. That creates a weak point in your cybersecurity strategy.

If you want to know how to secure the printers on your network, and keep them from being hacked or the entry point for a virus, this post is for you. Read on to learn about protecting your printers to protect your devices and data.

Printers: The Overlooked Backdoor to Your Network

Did you think about how your printer is effectively a computer? Most people don’t – except hackers. You might be skeptical about fancy new IoT devices, but printers are a ubiquitous internet-connected device. Modern digital printers contain firmware, processors, hard drives, and an internet connection. That’s everything they need to become a security risk in your organization.

In 2017, a teen hacker wrote a program that hit 150,000 internet-connected printers around the world, including restaurant point-of-sale receipt printers. That same year, printers at several universities, including Stanford, Vanderbilt, and the University of California Berkeley were targeted in a similar exploit.

We often overlook printers as a potential entry to our networks because we don’t interact with them directly. Instead, our computers do when we hit “print” at our workstations. In most cases, users don’t think twice about printing invoices, proprietary product designs, customer data, or other sensitive materials.

However, what many don’t realize is that network connection between our printer and computer runs both ways. In addition to malware that can steal jobs that pass through the printer, hackers also frequently use printers for lateral attacks. In other words, they hack the printer to access your computer, because it’s less likely to have as robust defenses as your computer does. 

5 Best Practices to Avoid Printer Security Breach

Printers can unwittingly introduce a weakness into your business security strategy. In coworking spaces, where you might be using shared printers, you’ll want to check that printers have security measures like unique passcode and holding printed items until a user is physically present to pick them up. Eliminate this vulnerability with best practices for printer security. We recommend that you:

1. Deploy Stricter User Access Controls

Not every employee needs access to printers. Likewise, printers don’t need access to the network 24/7. You can adjust both employee permissions and printing preferences to limit exposure. You can also set your printer to shut down during off-hours, reducing the amount of time it is online.

2. Keep Your Printer’s Software Updated

Printers often have firmware that helps them function, but they might also have an antivirus or malware software built into them as well. Consult your device’s manual to get a sense of what your printer possesses and what needs upkeep. You also want to know if your printer has security patches or regular updates that should get installed, since outdated software is often a top cause leading to data breaches.

Just last year, security researchers at the Def Con security conference demonstrated how they could brick printers, hijack them, and exploit other vulnerabilities to gain network access. A number of the printer companies they contacted ahead of the Def Con demonstration issued security patches to address the vulnerabilities identified and issued security advisories (though some printer manufacturers did not).

3. Don’t Allow the Printer to Store Its Print History

Many printers like MFPs come helpfully equipped with settings that allow users to store print histories or other sensitive information. While that improves speed and performance, it also makes it easy for hackers to swipe if they access the printer.

4. Require User Passcodes for Shared Printers

In an office setting, you will need to think about physical security too. You don’t want someone to print sensitive documents from across the office, which they forget about or the wrong person grabs from the printer. Printers that hold documents and require users to enter unique passcodes to “release” their documents to the printer can help prevent sensitive documents from getting forgotten, taken by the wrong user, or thrown out.

5. Use Printer Tracking and Monitoring

Print tracking software lets you monitor all of the printing activity that occurs in your organization. By seeing who is printing what, when, and where, you’ll be able to better monitor the movement of sensitive information in your organization and spot suspicious activity before it has the chance to harm your business.

Start a Security Program that

If you need security compliance with HIPAA or other regulations, preparing for a SOC 2 audit, or proving your information security program to enterprise customers, printer security is a topic you can get covered in your policies and procedures. It feels like there are a thousand details that go into building the security infrastructure to keep your company safe, which is why we built an easy-to-use platform for information security management.

Let’s get your printers secured so you can keep up with industry compliance expectations and enjoy the peace of mind created by having a mature information security program.


Share