October is coming to and end which means it’s time to wrap up Cybersecurity Awareness month. To close out this year’s cybersecurity-focused blogs, it’s time we talk about how our people can put our businesses at risk. While this year’s theme of ‘See Yourself in Cyber’ is supposed to promote simple, effective ways to keep Americans safe online, we also need to look at the theme another way – and that is, sometimes our own actions are what create printer security risks that can lead to data breaches.
According to a 2021 Egress’ Insider Data Breach Survey, 94% of organizations have experienced an insider data breach in the last 12 months. What’s more, human error was identified as the leading cause of serious insider data breaches, with 84% of organizations experiencing a security incident caused by a mistake.
https://www.parmetech.com/wp-content/uploads/2022/10/Common-Printer-Security-Risks-600×400.png
Often printer security risks are overlooked – after all, printing, copying, scanning, and faxing are basic business functions we perform every day without much thought. However, there is a lot of sensitive and confidential information on these printed, scanned, and faxed documents. Being careless with these documents means your leaving a huge potential hole in your organization’s security.
We already discussed earlier this month about printer security and how secure our print devices are, but now we’d like to focus on 10 common printer security risks made by workplace employees.
Risk #1: Paper gets left on the printer or copier tray
While it might be a common sight in your office and not seem so threatening, leaving printed documents on the printer tray is not only a bad practice, but a major printer security risk.
What happens if the document left on the printer tray holds confidential information? It only takes one person to pick up the document and next thing you know, you’re dealing with a potential data breach. It can happen, so it’s best not to leave documents lying on printer trays unattended!
If you’ve ever suffered from this issue, it might be worth looking into authentication to release print jobs or follow-me printing solutions through print management software.
Risk #2: Everyone in the office, including visitors, can access the device without authorization
Most brands of copiers or multifunction devices (MFDs) have the ability to scan to folder, email or fax. If the device is not properly secured, an individual could maliciously or inadvertently email or fax data to an inappropriate recipient.
Risk #3: Anyone, including visitors, can access the scan to/print from USB function on MFDs
Scanning to USB could be a vulnerability as the information leaves the office network and is outside of its control. USB pen drives or hard discs are very easy to lose due to their portable nature. USB drives can also carry viruses and the MFD could serve as a point of entry that infects the entire network.
Risk #4: You can’t currently track printing, copying or scanning activity
Without tracking print/copy/scan activity, you won’t have the proper analytics to pick out anomalies and if something does happen, be able to pinpoint what happened, who it was, where it was etc. Print-related analytics are crucial to combating printer security risks, and managed print services can help organizations gain the insights they need into their print environment.
Risk #5: Employees can access stored scanned files
Much like putting user permissions in place to access confidential information, it’s important to ensure not everyone can just access stored scanned files in case they contain sensitive data.
Risk #6: MFDs are taken away or disposed of without triple-overwriting the hard disks
Whether your contract ends on your current MFD or you’re looking to upgrade an older machine, when you are getting rid of your existing device you need to make sure it’s completely wiped. You never know who might gain access to it once it’s been removed. In order to do this properly, you can’t just delete files; you need to overwrite them and ensure there is no possibility of accessing data previously stored on the hard drive.
Risk #7: Network printing and scanning data isn’t transferred securely (i.e. no SSL) on your network
Encryption and network security are there for a reason and should be applied to printing among other digital business functions. Consider how the data for printing transfers to your printer; now think about the type of data that might be printed by another department.
Are you sending sensitive financial or personal information? What if someone was to intercept the data being sent to the printer? That would be bad. Printers are like computers, keeping them secure is crucial!
Risk #8: Anyone can access your fax machines/fax capable MFP’s and send a fax to anyone, anywhere
Unfortunately, unprotected fax connections in multifunction devices can be an open “back door” into the network. Learn more about cloud fax solutions as an alternative to analog fax lines.
Risk #9: Employees can print sensitive documents and information on their printer at home
With the rise in remote and hybrid work, it’s possible that employees have been able to print important documents on their home printers or the office printers they have in their home. By using a cloud print management software that extends to all devices, whether remote or in the office, it’s possible to track and restrict what people are printing. For example, Xerox Workplace Cloud comes with Xerox Home Worker Print Tracker that extends print management to the home. Anytime someone clicks ’Print’ on any brand of printer, whether it’s personally owned or company supplied, job details are recorded in the cloud, ready for analysis.
Risk #10: Device firmware isn’t updated automatically
Out of date firmware can become a printer security risk, leaving endpoints open for cyber criminals to access your network and data. It’s best to implement security systems that ensure all devices are automatically updated to the latest firmware version.
Stop Printer Security Risks in Their Tracks
If any of the above risks sound familiar in your organization, it’s time to do something about it! Data loss can become much more than just an inconvenience and there can be major implications when a large amount of data is lost. According to the University of Texas, 94% of companies suffering from a catastrophic data loss do not survive – 43% never reopen and 51% close within two years.
It’s important to make sure your devices are secure – so if you haven’t already, take our printer security quiz to see how secure your print devices really are. This is crucial to stopping data breaches from happening – whether through human error or malicious activity.
Parmetech has a number of solutions that can help your organization reduce your potential data loss and help increase printer, document, and organizational security. Contact us today for more information!