22nd September 2019

Data breaches you may have neglected

Source: Pexel

When we talk about security in a company, most people will look at network hardening (network security), computers, smartphones and tablets. An area often overlooked is printer security. Where is the best place for an enemy to hide? In the last place you would ever look.

More than 70% of the companies in the world have experienced data breach through printers. You might be wondering how a printer could cause such damage, here are five ways:

1. Saved document images on the internal storage: Since 2002 most printers have Hard Disk drives installed in them. A recent security study showed that images of a lot of the scanned, copied and printed documents are stored on the HDD and if left unchecked, an intruder may have access to said HDD and retrieve everything on that hard drive. How many personal documents would they find in your printer?

2. Document theft or snooping: How many times do you send print jobs and immediately have to rush to the printer just to avoid your prints from getting mixed up with those of other colleagues? Getting papers mixed up is not the real problem, we have page numbers
for that. The real problem is when those few crucial pages go missing. A person can simply walk over to a printer and pick up a document that belongs to someone else.

3. Unauthorized changes to settings: We are after all, naturally curious. If your printer settings and controls aren’t secure, someone may mistakenly or intentionally alter and reroute print jobs, open saved copies of documents, or reset the printer to its factory defaults, thereby wiping out all your settings.

4. Small things Undetected: have you ever walked up to a printer only to find that the ink or toner had been depleted? You would then have to call your supplier or ask someone in procurement to get a refill. How much time does that take? Granted this may not be a threat per say but it does find its place somewhere in this topic.

5. Unmonitored/ Unrestricted usage: you have probably printed the same document several times because of some errors made such as forgetting page numbers. There ARE employees that are studying and it is possible that they printed their assignments, books,
questionnaires and dissertations without been noticed. Again, this may not fall under data breach threat but it is also financial threat.

How Managed Print Services will help 

Thankfully, there is a solution to these issues –Managed Print Services. In short, a managed print
service is a service offered by an external provider to optimise and manage a company’s printing fleet. More importantly, Managed print services will also make printing costs more predictable (financial projection), so even if an old device needs to be replaced, the organization’s capital expense budget doesn’t take a hit. The following are the ways in which MPS handles security:

Control

Basically, MPS give administrators full control over how much each person can print, can force prints to black and white, forced duplex printing and for the most part they can alert administrators when toner is about to be depleted and what part of the printer requires servicing. They can even control what time of the day a printer can be accessed.

Fig. 1 – Printer with Equitrac installed with a card reader by the side (if company uses access cards).

User Access

The lock the printer, only to be accessed by individuals with a PIN code or an access card.

Fig.2 – Access card near card reader

Document security 

With MPS, your print job will not be released until you go to the printer, login and press print. This way, you can send all the print jobs you want and even collect them the following day if need be. Even if the printer is restarted, the jobs would still be waiting for you.
Data Overwrite Security Software (DOSS)

All printing devices should be installed with DOSS which erases every image immediately after it is produced, and overwrites the hard drive throughout the day.

Images are not stored on Ricoh machines once the scanning, faxing, printing or copying process is completed. The latent images produced are converted from the application format to a proprietary format that is erased and overwritten through the DOSS process. So even prints sent to the hold queues, they would not be searchable if an unauthorized source was able to penetrate the network.

Hard drives do not need to be destroyed at the end of contract, as no data is stored on them. The DOSS installed software allows for complete overwrite of any latent images.

Summary of MPS

Industry estimates show that for every $1 spent on printing — for toner, ink and other supplies — organizations spend another $9 to manage the printing environment. This includes the time staff spends to place purchase orders or drive to suppliers to get consumables.

It might seem like an unnecessary expense for your business, but MPS can help overcome everyday obstacles and reap several far-reaching rewards at the same time too. Managing the expenses relating to print equipment and consumables becomes a lot easier, while the need to spend out on an engineer to fix faults is eliminated.

You can also boost productivity among the workforce, as members of staff will always be able to print whatever they need. If you happen to grow because of this increased efficiency, MPS can expand with your requirements too.

Written by Jonathan Nali.

4 thoughts on “Data breaches you may have neglected

  1. I really appreciate the insights into printer security. Printers are often overlooked by most security experts. I am an IT professional and I admit that the printer is one area I often overlook when thinking about security.

  2. Thank you for reading. I am glad the article had brought some light. I think the most important security act we can all do is user awareness.

    1. Yes it is. But it has to be done. I think that’s a business opportunity right there hey.

Comments are closed.