Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • The Security Leadership Issue
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
ManagementPhysicalSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingPhysical Security

Printer security: Simplicity is the key to success

By Bob Burnett
printers
January 12, 2021

Earlier this year, an investigation team hijacked thousands of printers all over the world to show just how vulnerable these devices can be if left unprotected. Too many organizations and individuals do not properly address them when discussing security strategies, physical or cyber, but if left unsecured, these devices can be real vulnerabilities. In particular, with the ongoing decentralization of workforces everywhere due to the “new normal” brought on by pandemic-related social distancing requirements, the attack surfaces print devices pose have only increased.

However, the key to any successful security measure may be simplicity, and fortunately, with a few straightforward, proactive measures, enterprises and employees can safeguard sensitive data. Risks must be addressed at three different levels: the user, the device, and the network.

 

User Level

The first way to protect printing devices is to educate the user since most attacks are initiated by an employee unknowingly allowing an attacker to gain access. Whether this education takes the form of email alerts from the IT department, training during the onboarding process, or through regular teaching sessions, informing employees of the best practices for device security can go a long way towards improving the security posture around printers. 

 

Device Level

Information can easily be stolen from the device itself, as anyone with access can remove printed documents from the tray if the proper precautions are not taken to control accessibility. Relatedly, data stored on a hard drive in a printer can be a treasure trove if not properly protected or erased when the printer is decommissioned. For these reasons, ensuring the physical security of printers is an important step towards overall device security.

The easiest action users can take to uplevel their device security immediately is change the default or admin password. When updating the password, be sure to adhere to best practices, such as using eight characters or more that are a mix of both uppercase and lowercase letters, special characters, and numbers. In addition, avoid using common dictionary words and personal information in your device’s new password. Making this simple change is the first step to adding barriers for bad actors looking to gain access to the device. Again, just because it’s a simple step doesn’t mean it’s not important.

Users should also keep up with the latest firmware updates. These updates are shared by manufacturers for a reason, and being remiss in keeping devices up-to-date can open them up to attackers. Some updates are specifically meant to patch known security vulnerabilities, so you want to give your device a fighting chance by giving it the most up-to-date firmware protection.

IT staff should also set up pull printing in the office. Pull printing protects your data by limiting access to the files being printed. For example, pull printing will only allow a person to retrieve a document from the device once they’ve authenticated themselves, which can be done in the form of inputting a PIN or utilizing NFC ID card readers. These methods of authentication ensure that only the person authorized to print those documents is able to do so, minimizing the possibility of data loss at the device. Pull printing utilizing ID cards has the additional advantage of lowering risk for employees in today’s COVID world by minimizing contact.

 

Network Level

On the network side, printers can be the point of least resistance to enterprise-wide access. Once the network-connected device is compromised, bad actors can work their way through the corporate network, laddering up to ever-more sensitive data as they go. 

One solution that organizations can employ to protect data at the network level is IP filters. IP filters ensure that those outside pre-approved IP addresses are unable to access the device. This helps protect not only the data on the devices, but also the network as a whole.

Having security policies in place around print devices can also help uplevel security. For example, organizations should implement a policy around disabling unnecessary ports and protocols, which minimizes the number of access points bad actors can use to gain entry to device data and functionality by closing an easy to exploit gap in security.

Another important policy to consider is device permissions. Organizations should ensure that changes to device settings can only be made after inputting the admin password. Restricting access to device settings to only those that know the (newly strengthened) admin password can protect against insider threats and bad actors wishing to change settings. 

Smart, automated document management systems can also add an extra layer of protection by, for example, verifying identity so that the person authorized to print or scan the document is the one actually doing so. In addition to authenticating users for jobs, these systems can also manage what features of the device each user is allowed to utilize based on that authentication. This way, organizations can ensure that each user is permitted to perform an action, minimizing the risk of access by unauthorized users to certain features.

Newer document management software can also systematically redact personally identifiable information, which reduces the damage if a document does, in fact, fall into the wrong hands. Personally identifiable information that is stolen can be utilized later in phishing attacks, acting as yet another way that hackers can access the network and steal information or cause damage, so minimizing the risks of this type of data being compromised is paramount.

Ultimately, although printers can be a security weak spot if left unprotected, there are a few easy steps that can be taken on the user, device, and network levels to drastically uplevel the protection of data passing through printers as well as the protection of the network as a whole. Be it at home or in the office, when it comes to security, simplicity can always be the key to success.

 

This article originally ran in Security, a twice-monthly security-focused eNewsletter for security end users, brought to you by Security Magazine. Subscribe here.

KEYWORDS: cyber security printers risk management security measures

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Bob burnett

Bob Burnett is the Director of B2B Product Planning at Brother International Corporation. Leveraging his decades of B2B technology experience, Mr. Burnett’s team of field engineers and business analysts partner with enterprises across the Americas to collaborate on their unique requests. This results in deploying Brother’s industry-leading office equipment technology and workflow solutions to help simplify company-specific business processes while maximizing cost efficiency and security. 

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Fountain pen

Trump Administration Executive Order Changes Cybersecurity Policy

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Risk Management Services

    How Strong IT Security Policies Improve Enterprise Mobility

    See More
  • Office documents

    Document protection and insider threats

    See More
  • Internet network

    The key to cybersecurity success: Unity

    See More

Related Products

See More Products
  • The-Complete-Guide-to-Physi.gif

    The Complete Guide to Physical Security

  • facility manager.jpg

    The Facility Manager's Guide to Safety and Security

  • Risk-Analysis.gif

    Risk Analysis and the Security Survey, 4th Edition

See More Products

Events

View AllSubmit An Event
  • March 6, 2025

    Why Mobile Device Response is Key to Managing Data Risk

    ON DEMAND: Most organizations and their associating operations have the response and investigation of computers, cloud resources, and other endpoint technologies under lock and key. 
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!