Printer Security Is a Real Threat. Here’s What to Do About It.

Closing This Security Loophole Is Easier Than Ever

What comes to mind when you think about workplace security? If you’re like most people, you’ll name things like physical access control or network protections like passwords or anti-virus software. Hand sanitizer and HEPA filters offer a different kind of security as workers return to the office after pandemic-related lockdowns.

Printers aren’t likely to be high on the list — if they’re there at all. But these devices present a dangerous source of workplace vulnerability. In many office environments, it’s not uncommon to see papers that include sensitive data lying near a printer. Printers can also provide a dangerous point of entry for fraudsters and cybercriminals. In this post, we’ll unpack the threats and explain how secure print solutions can help protect your organization.

Leaving a Paper Trail

Digital data breaches grab headlines. Paper records are the source of nearly 8% of the healthcare data breaches that are currently under investigation by the U.S. Department of Health and Human Services.

According to Ponemon Institute research, meanwhile, seven in 10 managers have seen or picked up confidential documents left in the printer, while only 29% say their organizations automate restrictions to print from specific devices and just 27% restrict the printing of specific files.

An Under-Guarded Point of Entry

Connecting printers to the corporate network is convenient for employees. It’s convenient for cybercriminals too, because it presents a point of entry that’s often left relatively unguarded.

Because printers are connected to the desktops, laptops, smartphones and remote printing services we use every day, they’re actually state-of-the-art devices for document and data storage. Keeping them secure provides critical network security. Skip the security and hackers can exploit common vulnerabilities to penetrate your network and steal sensitive information.

Throughout the years, security experts — and bored teenagers — have staged large-scale hacks in attempts to draw attention to the issue. In 2018, a hacker named Hacker Giraffe forced 50,000 printers to print a message in support of a famous YouTuber. In 2020, cybersecurity experts at CyberNews hijacked close to 28,000 unsecured printers and forced them to print a guide on printer security.

In fact, according to consultancy Quocirca, in the past six months, two thirds of organizations have experienced data losses due to insecure printing practices. This figure rises to 74% in the U.S. The mean cost per data breach is £1,023,168 (£1,238,411 in the U.S. and £825,243 in Europe).

How to Secure Your Printers

Printer security isn’t just about making sure each device is patched and protected — though that’s undoubtedly important.

It’s also about making sure sensitive documents don’t fall into the wrong hands. And the best way to do that is through secure print solutions that hold print jobs at the ready until an authorized individual verifies their identity.

The most secure systems do away with cumbersome passwords, instead relying on security credentials that are already in use at your company. Here’s how it works:

1. An authorized user sends a document to the printer.
2. It is not printed until that person authenticates their identity using the same card, device or biometric that they use for other access control systems (like building entry or parking permission).

What’s more, most multifunction printers include embedded OEM readers that can authenticate virtually every proximity and contactless smart card, giving employees the ability to use a single identification badge to access and interact with the printers.

Of course, other types of credentials and form factors can be used as well, from mobile phones to smart watches.

Reusing existing credentials is more convenient for your users and simpler for your organization. It also cuts back on waste — especially relevant when you consider that 20% of print jobs are never retrieved from the printer.

It’s never been easier to get started with secure print solutions. To learn more, read our white paper, Implementing Secure Print – How to Leverage Existing Credentials for Easier, Safer Printing >>

Christian is Director of Product & Program Management and responsible for the Embedded and Desktop RFID portfolio for the Extended Access Technologies Business Area, including iCLASS SE Reader Module and OMNIKEY. He has two degrees in electrical engineering and business administration and more than ten years of experience in product management for different industries.