Maksim Kabakou - Fotolia
Security Think Tank: Steps to a coherent print security strategy
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses security risks both technological and physical. What does a print security strategy need to take into account?
A few years ago when trying to fix a problem with my home multi-function printer (MFP), I Googled the build ID on the configuration page. I was slightly surprised when I only got one clear hit, but then more surprised when I clicked on it and found myself looking at the configuration pages for a printer somewhere on the other side of the internet. However, it is not that difficult to find unsecure printers on open Wi-Fi networks by simply using a mobile phone app.
Printers often sit disregarded in the corner of the office, but are of course computing devices, with storage and a network connection like any other endpoint, and MFPs may also have a modem connected to the phone system to support fax capabilities. They therefore need to be protected as much as any user terminal, server or network-connected device and there have been many examples of printers being exploited in cyber attacks over the internet.
There are also physical risks such as sensitive print-outs being left on the printer, re-printing of other users print jobs stored on the device, or maintenance personnel who may have access to plant malware on a printer or change a hard disk by taking away the old one with recoverable print jobs from the previous weeks or months. Printing and printers consequently need to be addressed in any security strategy.
The advent of pull printing in larger organisations can bring security benefits as well as convenience if implemented well. First, it means that users need to authenticate to the printer before receiving a print-out, very much reducing the risks of print-outs which contain sensitive personal or business sensitive information, or being left on the printer.
Using a print server rather than printing directly from a user host to the printer also means that the printer and hosts can be placed on separate sub-nets as part of a zoning strategy, making it more difficult for an attacker with a foothold on a printer to move to a user host without being detected, and vice-versa.
Also, internet connectivity to the printer should be blocked – except where necessary for software updates and so on – so that any malware on the printer cannot be directly controlled by an attacker. For smaller organisations, this may seem like a lot of additional hardware, but such zoning can often be achieved using VLANs and a containerised print server on an existing platform.
Other things to consider with MFPs are emails and fax. In the case of scan and send emails, ideally printers should be configured to only send emails to the logged-on user doing the scanning. This can prevent accidentally sending sensitive documents to the wrong email address, as well as bring files within the data loss prevention regime on user’s workstations.
Many companies still use fax as a means of communication, particularly in the health and legal sectors, with one reason being that they can provide proof of receipt. However, using a network-connected device which also has a built in modem and phone line can provide a back door into the network.
Moreover, one of the most common breaches with faxes is unguarded documents left on the fax after transmission or receipt. Where only a few people need access to a fax, a cloud-based fax service may be an alternative, dispensing with the paper.
In summary, any printing security strategy needs to address the digital risk posed by a printer as an unmonitored network endpoint as part of a zoning strategy to create a hostile environment for the attacker, along with exploiting the access control benefits that come with pull print solutions.
On the physical security side, moves to minimise paper documents and – in particular – unattended paper documents such as pull print and cloud-based fax can improve both productivity and security.