Printers CAN be hacked. If they are part of your business network, as most are, they are just as vulnerable as any other network device, such as your computer or your phone.
You may wonder why a hacker would want to target your printer. But consider what you print while at work. Financial statements? Customer data? Legal briefs? How much of what you print would be considered “sensitive”? What could a hacker do with that information? And if they already know that most organizations implement little or no printer security – it makes printers an appetizing target.
What you should be doing
Passwords: There are millions of printers in use that have little or no password protection whatsoever. Many still utilize the default password provided with the printer. Make sure your password is strong and updated regularly.
Manage Printer Access: Configure the printer access settings so that only approved networks and devices are able to access the printer(s). As with passwords, review access points regularly. Immediately block access by employees that leave the organization.
Don’t Run Unnecessary Services: Many printers have insecure and unnecessary access tools (HTTP, FTP, etc) loaded on them at the factory. By leaving these tools enabled, hackers can gain to access the printer’s hard drive, where they may not only access sensitive information, but they can store their own (malicious code, pornography, etc.). Unless they are needed, disable these services during initial product installation.
Update and Patch: Your computer regularly asks you to update it. Printers and multi-function devices, while they may not always ask for it, also need updates and patches. Be sure to check for firmware updates available for your printer as part of your regular patch management schedule.
Sound like a lot to remember? Depending upon your organization’s size, printing demands, and classified nature of your documents, you might want to consider outsourcing the printer security management. The experts at Capital Business Systems can focus on securing your printer’s vulnerabilities while you focus on your business.