The unusual suspect: How to ensure your printer isn’t a hidden threat
From firmware updates to the latest cybersecurity training, we outlined the ways to keep your printer – and your business – secure.
Over recent years, the topic of cybersecurity has gained momentum. The vulnerabilities of hybrid and remote work have unfortunately paved the way for increasingly sophisticated cyberattacks. According to our research, 37% of European small and medium-sized enterprises (SMEs) are more worried about IT security breaches than they were 12 months ago.
Despite the focus on the virtual world, there’s a very real risk lurking in the physical sphere that many are overlooking. In fact, it’s a long-standing, staple feature of the traditional office space: the printer.
One-fifth (19%) of European SMEs we surveyed have been impacted by a printer security breach – but currently, only 5% of them are most worried about this particular threat, and a third have no IT security measures in place (that cover printers) whatsoever. This issue is only exacerbated by workforces now using home printers or scanners when working remotely, increasing the range of potential access points.
The truth is, any connected device can potentially pose a threat – and printers are no exception.
An overlooked threat
Your trusty printer-scanner may look innocent enough. Yet printers – much like PCs or laptops – have a hard drive, CPU and memory, which can be an entry point for bad actors to access your network. To make matters worse, they are rarely turned off – meaning that they can potentially be used to access your network, 24/7.
And the most convenient features of modern printers are also the biggest ‘risk factors’: for example, Wi-Fi connectivity, cloud storage, and mobile printing capabilities. Crucially, unsecured connections, cloud service connectivity, and outdated software can all create vulnerabilities and provide opportunities for attack.
Many larger, business-wide attacks start at the printer: whether through malware, or ‘man-in-the-middle’ (MitM) attacks. Printers can potentially contain significant amounts of sensitive data. Hackers are now using these vulnerabilities as an entryway, stealing files or documentation that can compromise intellectual property.
Crucially, many IT professionals aren’t taking the necessary steps to suitably protect the business from threats. In fact, less than a quarter of firms in Europe cover scanners and printers as part of IT Security training.
What can you do to stay protected?
Thankfully, there are multiple steps you can take to secure your printers and increase your business's cybersecurity resilience:
Firstly, just like you update your smartphone, your printer’s firmware could easily need an upgrade. Older printer models, or models chosen by employees for their home offices, may not be compatible with the latest security technology. Some updates can even fix security issues.
For the majority of devices – certainly older models – users are often not able to update the firmware without the help of a service technician. For office-based models, it’s worth checking in with your supplier to ensure you have the latest firmware installed.
It may be tempting to opt for a run-of-the-mill model, but it’s worth spending the most you can afford to ensure watertight security features.
Invest in a printer that has all the necessary security protocols to help ensure your business complies with GDPR . By doing the research and treating your printer like all other endpoint devices – such as tablets or laptops – you put yourself in the best position to reduce risk.
Printers and MFPs have come a long way in terms of capabilities – but that doesn’t mean you’ll need to use every single feature.
Disable unnecessary features, such as Bluetooth and USB drive printing, if they’re not needed for your business. Removing these applications or this functionality means there are fewer ways for someone to hack your printer and therefore access your sensitive data.
Make use of security services and prioritise education
Your printer might be an overlooked threat but your systems and employees don't have to be:
Ensuring your printer is secure 24/7 doesn’t have to get in the way of business productivity. Print security services can manage, identify threats, monitor and mitigate suspicious activity, and support and remedy low-level or severe threats.
Not every member of staff will understand the threat a printer can pose. Extend your staff security training to include printing policies – particularly for younger staff who may not be as experienced. In fact, make sure to include this information in your new employee handbook.
It’s worth outlining guidance around specific practices, such as how often staff should update passwords, making sure not to leave confidential documents in the output tray or scanner, and not using a USB device that you don't trust.
Taking positive steps towards a more secure future
It’s time to stop overlooking printers. To successfully reduce this insidious threat, IT leaders should look to prioritise security measures and focus on strengthening cybersecurity resilience.
To give you a helping hand, Sharp offers a comprehensive family of tailored security services and solutions, providing SMEs comfort in knowing their business is protected around –the clock.
What’s more, our Complete Print Security service offers a fully managed subscription that gives you peace of mind 365 days of the year by proactively monitoring your print environment. It’s print security made simple.
Find out more about how our Security services and solutions can support your business.