Can printers be a security solution or are they a point of vulnerability?

Can printers be a security solution or are they a point of vulnerability?

David Barnes, Head of Regional Printing Product Management and Business Development, EMEA, Zebra Technologies, says it is vital organisations implement printers that can support staff to maintain the most up-to-date security protocols, making it easy to remotely manage, troubleshoot and configure fleets of printers from a single location.

In today’s digital age, everything from coffee makers to cars are now vulnerable to hacks. It may be surprising how a printer – with a main output of sensitive data – could be seen as a security solution, rather than being simply a device protected against security threats.

A recent global printing study from Smithers found that printing volumes for businesses are forecast to run 49.5 trillion sheets between 2019 and 2024. These businesses include hospitals, factories, grocery stores and warehouses where people are coming and going all the time.

It’s not unusual for workplaces such as these to have papers lying around to be easily seen, such as inventory and pricing lists, personnel or sensitive customer and patient information.

It’s easy to imagine that you might print something that contains sensitive data on a printer accessible to everyone in the office and then it might take a few minutes to retrieve those papers. Perhaps a colleague stops you for a chat on the way to the printer. Or you might want to submit multiple print jobs at once, meaning you are still sitting at a desk initiating those requests while the papers – full of sensitive data – are sitting in the printer tray.

Anyone within the building could walk up and take those pages off the printer. Assuming the papers were picked up by accident, most people might not put them back or try to track down the owner and might potentially discard them in an open trash bin without giving any attention to their sensitive nature.

It is hard to predict, much less completely control, how people are going to handle printed sources of sensitive information, whether it is a piece of paper, an ID or credit card, a RFID label or a patient ID wristband. Even if you implement strict policies governing workers’ retrieval and handling of printed assets, it’s unfair to assume that those processes will be followed with 100% precision every day.

After all, isn’t that why we were so eager to digitalise everything, to try gaining better control over data access and security? On the other hand, we shouldn’t ditch printers and revert to simply handwriting everything.

Printers: A security risk or asset?

In today’s world, printers don’t just print paper. They also print the RFID tags that are used to track valuable assets as they move across each supply chain touchpoint. They print the barcoded labels that are critical to inventory management and loss prevention – and the shipping labels that improve accountability and traceability as packages speed from a warehouse shelf to your front door. They print access cards, ID cards, credit cards and many other valuables that we need.

Organisations are prone to countless points of vulnerability every day. All businesses should make a concerted effort to identify the threats and take measured steps to mitigate them. More often than not, the focus is on the cybersecurity climate. Businesses must learn from the past and carefully assess current threats to anticipate and protect against new tactics that someone might use to breach a network broadly.

With an increasing number and severity of data breaches, businesses should not have to worry about security when adding a new device or printer to their networks. Whether in a wired or wireless fashion, every device they connect should have mechanisms built in to help prevent, detect and fortify against cyberattacks such as a data breach or denial of service.

Printers are no exception. Since they are capable of transmitting sensitive data across a network that, if not secure, could be accessible to unauthorised parties, printers could be a cyber-target. That is why it is so critical to assign security controls to printers specifically.

Implementing the right software

There are printers out there that have several new features that make it easier for customers to configure their printers to use secure connections, block unwanted access and ensure that data and infrastructure are protected.

Zebra security assessment tools and features such as protected setting modes are now available to ensure that only authenticated changes can be made, allowing users to block unintended printer software updates.

Security for printers is becoming so prevalent that it is vital organisations implement printers that can support the staff to maintain the most up-to-date security protocols, making it easy to remotely manage, troubleshoot and configure fleets of printers from a single location.

For any business looking to implement new printers in the workplace, it’s important to make sure that any printer you select, especially one that claims to be a secure printing solution, was developed in alignment with the guidelines and best practices established by globally recognised security organisations, including ISO and the National Institute of Standards and Technology (NIST) Cybersecurity Framework.

You should also refer to the printer administration guide frequently. Most look at it during the printer configuration process but will never look at it again. However, it can be an invaluable resource for understanding and applying the proper security-related settings on the printer as well as best practices for printer security. It’s really up to organisations – or their IT administrator to install certain cybersecurity tools and ensure those tools are being fully utilised.

The cybersecurity climate is unstable. New threats are emerging every day and you have to adjust for those just as you would adjust your other network settings on occasion.

Click below to share this article

Browse our latest issue

Intelligent CIO Middle East

View Magazine Archive