One of the most commonly overlooked resources in a network is printers. They may seem harmless and uninteresting to hackers, but printers are indeed a risk in an enterprise environment. So is my printer really a security risk?
Printers aren’t normally monitored in the same way as a critical server, router or desktop. Companies don’t usually place any security cameras on the printer, and no one thinks twice when someone removes a document from it. This leaves printers open to document theft. Theft could be done by a disgruntled employee planning to resign or a social engineering hacker who was able to gain access to the premises.
One way to stop document theft is to place printers in an open area where other employees can see who is accessing the printer’s documents. You can also place cameras on printers, but these devices are usually for finding a root cause after theft occurs rather than being a preventative measure. You can place cameras in obvious areas of a printer room to deter thieves. If they see the camera, they might be less inclined to steal documents from the device.
Most high-end printers have memory where documents are stored and then printed when the user is ready. Users can also print documents to memory and have them faxed. A hardcopy is never actually printed, but this makes the printer vulnerable to hackers who can gain access to printer memory.
Printer memory should be treated just like you treat security on a regular desktop. Password protect printer copies stored in memory. Some printers allow you to password protect configuration changes or access to any part of the control panel. This helps prevents hackers from redirecting printer memory content to another location such as the hacker’s hard drive or web server.
Eavesdropping on Printer Communication
Printer traffic is just as vulnerable to eavesdropping as regular network traffic. If it’s not encrypted network communication, a hacker can intercept it and read the document content. The hacker doesn’t need the full image of the document. He just needs the text contained within the file. If the hacker can obtain even a small portion of a sensitive document, he’s successfully breached your data security.
Eavesdropping can happen from the internal network or when a user connects to an insecure Wi-Fi hotspot. Always encrypt traffic that communicates across the Internet. internal network protection is a little more complicated, because it’s assumed that employees aren’t attempting to breach security. However, disgruntled employees are a prominent threat in the workplace. Encryption within the organization and using a switched network environment helps prevent internal eavesdropping.
One social engineering technique in the hacking world is a method called dumpster diving. You can probably guess what this means. The hacker digs through your trash to find sensitive documentation. While this isn’t a direct printer hack, it can be successful due to poor printer security.
When a user prints a document and isn’t satisfied with the result, he puts it in a trash can next to the device. The document isn’t shredded, because it’s not a full document printout or it wasn’t a quality print job. This means that readable information is still contained on the document and thrown away.
Even if the print job isn’t a full document, small snippets of information can be taken from it. Dumpster divers steal bags of paperwork, take them home, and sort through all of your trash. If the right information is found, the hacker can sell the data to your competitors or the black market.
Some hackers will actually ask for blackmail money in exchange for keeping the blunder a secret. For instance, suppose you run a HIPAA compliant healthcare facility. A user throws away paperwork that contains patient information and health records. The hacker knows that this is a huge HIPAA violation and asks you for a ransom to keep the mistake a secret.
The answer to this security issue is to place a shredder next to a printer and ask users to shred any documents that contain sensitive information.
How to Combat This Problem: Secure Your Printers
While you can’t completely ensure your printed documents are safe, you can take the necessary steps to improve security. Keep printers in open areas of the office or place a visible camera next to them to deter dishonest employees.
Don’t assume printer traffic isn’t important. Encrypt any communication across the network even printer data. Finally, keep a shredder next to printers and ask employees to shred documents if they decide to throw them away.
Need someone you can trust in Dallas and Fort Worth to secure not only your printers — but ALL devices used in your business? Look no further. Contact Kinetic Technology Group at (214) 269-1200 or email firstname.lastname@example.org and our IT Security experts will ironclad your network right away!