There have been scores of downright scary stories in the media over the past few years regarding cybersecurity breaches. They have ranged from phishing attempts to large corporations paying vast sums of money after being held hostage by ransomware demands. While most people view such attacks as the fault of someone caught unawares and clicking on a dodgy email link – which is generally the case – few think of the vulnerability of printers.
In early 2020, as the government mandate to stay at home took hold, there was a surge in printer buying, mostly SOHO devices. As Brother UK General Manager Terry Caulfield notes, this means many printers were bought as a matter of urgency and were customarily not in line with standard corporate purchasing policies in terms of specifications.
“Those devices are still being used and have created somewhat of a headache for IT departments. It has moved print security up the stack in terms of concern.”
Plugging the holes
In terms of data security, modern printers encrypt data transmitted to devices and secure the link. “That’s not to say there isn’t a risk of the data being intercepted and decoded, but it’s incredibly difficult, if not impossible, to do with today’s level of encryption,” states Caulfield.
IoT printers, for example, may have a direct link to the internet, providing a stepping stone for cybercriminals to control computers and launch other attacks inside an organisation’s network. Older devices present particular vulnerabilities such as hardwired passwords, but often on newer models, default printer manufacturer settings are left unchanged.
Caulfield says it’s possible to target a printer that has an open IP address and potentially through open ports. “However, print vendors incorporate security features to detect breaches, such as denial of service attacks, with technology such as intruder detection helping to mitigate any problems. There are plenty of other built-in security features, including print release functions and user authentication using a PIN code or near-field communication card. But, they do rely on them actually being activated.”
With the permanence of hybrid working, one secure print environment option for IT departments to consider for the homeworker is a cloud solution. This offers several benefits, says Caulfield, for instance, reducing reliance on a local connection between computers and the printer. It also provides a modicum of assurance and control for monitoring and measuring print behaviour outside the office.
Importantly, notes Caulfield, cloud printing is more aligned with the principle of ‘zero-trust’. In other words, don’t trust the device. Ideally, utilising functions such as user authentication to release print jobs minimises vulnerabilities. According to IDC, 50% of organisations are looking to include printing within a zero-trust security network.
Cloud printing is a burgeoning market. Brother, for example, has partnered with Kofax which acquired Printix, a cloud-based SaaS print management software provider. The beauty of the cloud, explains Caulfield, is that all businesses can take advantage of the in-built security features: “SMBs typically use managed service providers – which is a growing area in our industry – as they don’t necessarily possess the expertise to run the IT infrastructure.
“By using the cloud, smaller companies are provided with enterprise-grade services featuring similar levels of security corporates enjoy.”
A cloudy future
He believes moving print to the cloud will continue to grow in popularity and replace a number of on-premises systems over time. Newcomers to the market – like Printix – lead the charge in cloud printing subscriptions.
In terms of channel partners selling such services, demand is growing fast, according to Caulfield, and there’s a great opportunity to provide end users with print device licences rather than single-user licences. “There’s little doubt the print landscape is heading in this direction and will become another cloud service add-on within managed print contracts,” he concludes.