Smart print devices present a window of opportunity for hackers, warns Annodata

Send to friend

As printers become more involved in organisations' networks, and begin to take on increasingly complex functions, new areas of vulnerability have appeared which threaten the stability of the entire network. Given the mounting threats organisations face, IT departments must address the possibility of internal and external breaches to their infrastructure or face costly repercussions, says Annodata.

The latest figures from the Department for Business Innovation and Skills (BIS) show that data breaches have reached near-epidemic proportions: 93 per cent of large organisations experienced a security breach last year, closely followed by small businesses, of which 87 per cent experienced a security breach. According to the report, a significant proportion of these attacks are opportunistic and target areas where the IT department fails to focus its attention.

Responding to the figures, Grant Howard, Professional Services Technical Manager at Annodata, said that although many businesses invest a significant amount of time and resources to secure their devices and their data, too often they neglect the security posture of their network and internet-enabled printers.

Grant said: "Printers used to be devices that just sat in the corner of the office churning out documents, but that's just not the case today. The technology has advanced to such a point that they are fully integrated with the IT estate and the network, capable of performing a range of new functions, with the ability to print from mobile devices, and to scan to email, network drives, and scan to web-hosted applications. This new functionality has had a big impact on day-to-day business operations, but it has also created new risks to data security that many organisations remain unaware of. Like any other networked device, multi-functional devices (MFDs) pose an opportunity for hackers, should they choose to take it.

"Many hackers will be able to access the entire network through tracking the metadata of printed documents, or by hacking the passcode of the MFP. Whether these breaches are caused by an attack from an unauthorised outsider, or internal factors, such as human error, systems must be put in place to resist disruption to the network," Grant continued.

"While IT departments are very careful when it comes to the protecting breaches to devices, user accounts and other areas viewed as traditionally vulnerable, as a device integral to the whole network, the MFD should now be treated with similar levels of caution. By introducing measures such as secure release printing, organisations can effectively guard against internal threats, while bolstering firewalls, turning off unwanted protocols and ensuring each device has an appropriate passcode can help protect against threats from outsiders.

"Just as burglars have the tools to break into someone's house, hackers may be able get round protocol and exploit network insecurity if they are determined enough. But to leave the front door open is asking for trouble, and not equipping your print device puts across the same message. So working with a print provider that has experience in designing and implementing secure print solutions and knows where the major vulnerabilities lie is critical," Grant concluded.

Comments (1)

  1. Pete Laplanche:
    Jul 30, 2015 at 04:54 PM

    Annodata is echoing an issue that we, as experienced providers of managed print services of back office printers have been saying for some time. About a year ago, we launched Reg. a remote engineer service to enable warehouse operators to minimise downtime of their mobile print devices. One real added benefit of Reg. is that it allows us to ensure printers are ‘locked down’ so that the clients’network security is not compromised. As part of the service Reg. can be preconfigured so that the printers can be set up locally by people with little or no IT experience, safe in the knowledge that any settings that could potentially cause security problems have been disabled. It’s worth noting here that the vast majority of IoT enabled printer repairs are done on a return to base (RTB) solution unlike Reg. and when they’re returned to the client the machines have most likely been reset to factory defaults, and if the original default is to switch on the capability to which Grant Howard refers then unless the user specifically turns it off again, the client is re-introducing risk into the network.

    Reg. is proving a great service to help folk on the ground stay operational, which, in turn saves them money and reduces their stock of pool printers, but additionally it reduces their risk of being hacked.

Add a Comment

This thread has been closed from taking new comments.