The forgotten security threat in every organisation

Print security can be overlooked as a major threat to public sector organisations, so here are the five security protections every printer needs

Like a chain as strong as its weakest link, ensuring IT security across the infrastructure of an organisation involves knowing the fault lines and making them secure.

The traditional focus within many organisations has been on PCs and laptops, the network, and mobile devices and remote connectivity. However, a survey by research house Quocirca found that 61% of organisations reported at least a single print-related data breach in the past year[1].

Despite the prominence of the threat, the same survey found that 43% of companies ignore printers in their endpoint security practices. Further Quocirca research found that when it comes to the public sector, 37% organisations view a data breach through insecure printing practices as only a moderate concern, slight concern or no concern at all[2].

The presents an unsettling combination of high risks but lower acceptance of these threats. For resellers, this suggests they have to educate some public sector end-users, but opportunities are there to gain new business once the threats are fully understood.
The threat

Today’s printers are sophisticated devices with advanced connectivity, their own software and the capacity to store large volumes of data. This is what makes the threat from print security so conspicuous.

If sufficient security measures are not in place, it can result in organisations falling victim to cybercrime, internal breaches and compliance infringements. This can lead to expensive fines and lawsuits, damaged reputation and loss of revenue.

In Europe, the penalties for a data breach are even higher since the General Data Protection Regulation (GDPR) came into force last year, with companies that handle EU citizens’ data having new obligations, and regulators authorised to issue penalties equal to €10m or 2% of a business’s global gross revenue.

Due to the growing sophistication and perseverance of cybercriminals, network firewalls are proving to be insufficient security measures. Organisations need to fortify their endpoints behind the firewall, including network printers.
Case study

In March 2016, a hacker targeted 29,000 printers in several college campuses across the US to remotely print multiple copies of flyers featuring nationalist propaganda.

Students and staff at universities reported finding the offensive flyers in the output trays of their printers and fax machines. The hacker used just a single line of code to scan the internet for unprotected printers that were connected to the web.

The hacker identified more than a million such printers – many of which were on university campuses, which tend to have large public internet networks – and estimates that he forced “tens or hundreds of thousands” of them to print his flyers.


Five security protections every printer needs

One vendor has become synonymous with high-quality print security – HP. According to IDC’s MarketScape vendor analysis, HP is positioned as a market leader and are described as “the de facto industry standard for printing, managed print, workflow, and security”[3]. HP JetAdvantage Security Manager – a streamlined, policy-based approach to securing HP printing and imaging devices – does the hard work of securing a print fleet. Here’s how HP’s offerings provide the protections every printer needs.

Layering defences
Public sector organisations need to build layers of defence from the inside out, based on overall security best practices. HP Secure MPS assists organisations to deploy a customised strategy to secure data and documents, monitor for threats, and maintain print security over time. This process will start by securing printers, then building out to monitoring for threats, access control, custom requirements and overall network security.

Boot-up security

Through HP Sure Start, HP boot up code is a set of boot instructions used to load fundamental hardware components and initiate firmware. Secure boot works behind the scenes when a printer powers on – helping to safeguard it from attacks. Secure boot validates the integrity of the boot code at every boot cycle by ensuring the code is HP-signed and genuine. If the code has been compromised, the device is placed in recovery mode with limited functionality until HP genuine code can be reinstalled.

Whitelisting
Because compromised firmware could expose a whole network to an attack, whitelisting helps ensure the code that coordinates a printer’s functions, controls, and security has not been tampered with. Firmware is automatically checked during startup, and if an anomaly is detected, the device reboots to a secure, offline state and notifies IT.

Run-time detection
HP’s run-time intrusion detection helps protect printers while they are powered on and connected to the network – right when most attacks occur. This technology checks for anomalies during complex firmware and memory operations, automatically stops the intrusion, and reboots.

Inspecting network connections
This function stops malware from “calling home” to malicious servers, stealing data, and compromising a network. HP Connection Inspector evaluates outgoing network connections to determine what’s normal, stop suspicious requests, and automatically trigger a self-healing reboot.

For more information on Ingram Micro’s range of HP printers, please head here.

 

 

 

[1] Quocirca, “Managed Print Services Landscape, 2016” quocirca.com/content/managed-print-services-landscape-2016

[2] Quocirca, “Print security: An imperative in the IoT era, 2017” quocirca.com/wp-content/uploads/2018/06/Quocirca-Print-Security-Jan-2017-Report-Excerpt.pdf

[3] IDC MarketScape: U.S. Smart Multifunction Peripheral 2018 Vendor Assessment: http://idcdocserv.com/US43533617e_HP

 
Visit the Brother Boutique
Visit the Canon Boutique
Visit the Epson Boutique
Visit the HP Boutique
Visit the Kyocera Boutique
Visit the Xerox Boutique
Click to sign up to Ingram Micro's emails