When most companies contemplate a cybersecurity attack, their thoughts immediately go to the obvious network hack or email virus. The one item that rarely crosses their mind is their office copier. Unprotected copiers and printers provide some of the easiest ways for hackers to access your business data. As part of Cybersecurity Awareness Month, here are eight critical security features your copier should have to protect your business.
Why does my copier need security?
A copier on your network presents a variety of data security vulnerabilities. Once your copier is connected to your network, it becomes an endpoint. Endpoints provide an entry point for hackers to get into your business. Once a hacker enters your network, they can easily travel to other places on the network.
Copiers and printers also store the documents you print, fax, scan and copy onto their hard drives. If someone gains access to that hard drive, they can now access any documents stored on it. In an area like HR or accounting, this data could include personally identifiable information (PII) such as social security numbers, credit card numbers and more. In the wrong hands, this information could wreak havoc on employees' and customers' lives.
Finally, people print documents and forget to get them from the device output trays. Imagine your HR or accounting departments again printing out sensitive information and leaving them open for anyone to see. Sensitive data could be left lying out for anyone to view or worse, steal.
With all of these vulnerabilities, how can I protect my print devices?
While today's copiers and printers are more connected than ever, many are equipped with security features that provide protection from prying eyes. Let's look at some of these features and how they safeguard your business data.
- Data Encryption. As stated earlier, most copiers and printers have hard drives. Any time you scan, copy, print or fax from your device is saved on that hard drive. Business data is constantly in motion to and from your devices through normal operations like printing and faxing.
Through data encryption, your device encodes the data it sends and receives so that it stays unreadable by unauthorized users. - Firmware Attack Prevention and Self-Recovery. Basic firmware is used to operate the copier when a device is connected to a network. Hackers target firmware to gain access to the device. If a hacker were to gain access to your network, IT professionals would notice anomalies that would show when the intrusion occurred. With this firmware attack prevention and self-recovery system, the copier detects the intrusion and resets the device to its original state.
- Secure all communication ports. Because copiers are connected devices with fax functionality, they contain communication ports. If you aren't using a communication port, disable it. An unattended port is an open gate for a hacker.
- Application whitelisting. Connecting your copier to your network allows applications to be downloaded onto the device. With application whitelisting, only authorized applications and files can access the device. This prevents malicious software from causing issues with your copier.
- Pull printing. We talked before about employees leaving sensitive info in print jobs lying in the output tray of the copier. To avoid this practice, pull printing should be implemented. Pull printing requires users to scan a badge or enter a pin code to authenticate before a document can be released.
Pull printing cuts down on unwanted printing by around 30%. This not only provides a security benefit but a cost-savings benefit as well. - Audit log. The audit log becomes your best friend if you have issues with your printer or copier. By looking through the audit log, you can track and monitor usage and search for anomalies that may have caused your problem.
- End-of-Life Plan. No business keeps a copier forever. When it comes time to get rid of a device, it is essential to have an end-of-life plan in place. This plan will outline what needs to happen to erase any remaining content still in the device's memory and on the hard drive. Many businesses have discarded old printers and copiers with tons of company data on the hard drive. This can lead to massive data breaches. Make sure you have this plan in place.
- Implement Company Security Policies. Your IT department or managed IT provider has policies for your employees, such as multifactor authentication and password rules. You can implement company security policies with your copier, such as deploying scheduled administrator passwords.
Copiers and printers are hardly the first places IT departments look for security policies. But having a security plan for your print fleet is critical to your business's data protection. The proper equipment with the most helpful security features will help make this process easier.
Are you unsure if your copier is secure? Reach out to Fraser today for a Managed Print Security Assessment (MPSA). Our MPSA will examine your print fleet to find security vulnerabilities that may put your business at risk.
If your business is looking for a new device to provide upgraded security, Sharp has a brand-new suite of color copiers with all of the features discussed in this post. Contact us today to learn more.
Fraser Advanced Information Systems is pleased to be a Cybersecurity Champion for the National Cybersecurity Alliance's Cybersecurity Awareness Month.
You can download Sharp's IDC Analyst Connection Security White Paper to learn about copier and printer security and how to create a copier security plan.