There's a threat sitting on your network right now. It's large, likely unprotected, and possibly sitting a few feet from your desk. No, I'm not talking about a ferocious animal—I'm talking about your printer security.
Printers represent some easily exploitable security vulnerabilities highlighted in just-released HP Studios video series featuring your new top villain, The Wolf. I helped develop the story lines based on real vulnerabilities I regularly see on my customers' networks. But unlike some of the other human-error-based vulnerabilities highlighted in the videos, securing your printers is generally an easy fix.
Watch the full-length video (6:22) here:
All the connection. None of the protection.
Just as technology upgraded from rotary to smart phones and from dial-up to Wi-Fi, office printers have also evolved. Say goodbye to direct-connect printers that carried little risk—and hello to devices with the completeness of a computer or a server, including memory, operating systems, processors, and hard drives. The advances are staggering.
At the same time, the way companies are monitoring and managing those devices has stayed stagnant. Printers are not being monitored in the same ways as other networked devices. It's unheard of, for example, for a company to hand out laptops that haven't been configured by IT. Yet networked printers, which often include many of the same components as a laptop, often receive "plug and play" treatment.
Outsmart The Wolf
Here are three immediate steps you can take to better secure your networked printers. Each will give you a broader understanding of the touch points potentially impacting your company.
1. Expand the idea of your network.
Networked computers are usually tracked by Security Event Information Management (SEIM) tools. Networked printers usually are not. If a user clicks an insidious link from a networked computer, the SEIM tool in place would notice the problem and work to fix it. Give printers that same level of coverage. Malware that's found its way onto your system can sit idle for months before executing. Without ongoing monitoring, you may not detect bad actors that have a foothold on your network until it's too late to contain them.
Also, develop a strong mobile security policy that fits with your overall printer security strategy. If your PC printing policy encrypts data in transit and requires users to authenticate at the device, use a mobile solution that does the same. This will allow your security team to educate, create awareness, and establish best practices.
2. You have tools. Use them.
HP LaserJet and HP PageWide printers are prepared to do a lot of the heavy lifting when it comes to print security. They only need to be told what to do. Just as you would add a common operating environment to a PC desktop that is fresh out of the box, configure printers as they are delivered.
Network-enabled printers come equipped with monitoring and management tools. In HP printers, for example, Security Manager can lock down a device that has been hit with a virus and isolate that threat to keep it from spreading. Additionally, SEIM tools communicate directly with the operations centre, letting it know whether memory has been affected and where the device is in the recovery process.
3. Watch your assets.
Asset management is critical, because each device represents a possible entry point onto your network. Customers often don't have an answer when I ask them how many printing devices they have. Know what's on your network. Know the model numbers and whether they've received the most recent firmware update to block security events.
Not just a printer
Today's printers are robust network-connected computers integrated into your infrastructure. They handle your most recent data—what I call the currency of business. It's what you're working on today, whether that be invoices, business plans, or IPO takeovers. Business-critical information passes through your printers on a regular basis, so you need to protect data at that level. Think about printers; don't ignore them.
Watch The Wolf short film (6:22), directed by Academy Award-nominee Lance Acord and edited by Academy Award-winner Kirk Baxter, at www.hp.com/thewolf.