How Print Dealers Can Help Clients Prepare for New Cybersecurity Requirements

Phishing-resistant multifactor identification (MFA) is the new standard for cybersecurity — and print management software dealers are in a great position to develop new revenue channels by cross-selling complementary solutions for secure authentication elsewhere within the office environment. RFID/NFC readers, which are commonly included in MFPs for secure print authentication, can also be deployed as part of a secure and simple passwordless, phishing-resistant MFA solution. Print dealers can help their clients meet emerging cybersecurity requirements by integrating employee access credentials and RFID/NFC readers as part of a total office equipment security solution. This not only expands the market potential for RFID readers in the office equipment space but also positions print dealers to be leaders in office equipment security. 

Total office equipment security with RFID/NFC+PIN

Printers and computers both exist as endpoints in the wider cyber infrastructure of an organization, creating vulnerabilities in terms of information security. A total information security plan must include protection of both printed and digital information. Identity and access management (IAM) is a critical component of information security, controlling who has access to endpoint devices (e.g., computers and networked multifunction printers) as well as files, networks and applications. 

ID badge-based MFA (using RFID, smartcard or mobile credential) is a highly secure MFA solution for IAM that meets Cybersecurity & Infrastructure Security Agency (CISA) recommendations. It can be easily implemented within a total information security concept, which might include user authentication and login for:  

  • Networked printers
  • PCs/laptops
  • Networked and cloud-based systems, applications and files (often via a single sign-on solution)

MFA solutions that employ RFID/NFC as the primary authentication factor bypass the most vulnerable, costly and time-consuming element of the login process: the user-generated password. Instead of entering user credentials (username + password) manually, a simple tap of an RFID badge or smartcard to a connected reader logs the user into the system with much greater security. To add true MFA, rather than hassle with the addition of a mobile phone app, only a simple PIN is needed. The resulting solution is more resistant to phishing and other forms of attack than phone-based solutions such as push notifications or one-time codes. Users do not know their password and, therefore, cannot be tricked into revealing it, and the credential must be in physical proximity to the reader to unlock the device or log in to digital files and systems. That’s what makes this form of login phishing resistant in compliance with modern cybersecurity standards. 

How to implement RFID/NFC+PIN 

Implementing phishing-resistant MFA with RFID/NFC+PIN is easy with the right reader. A universal multifunction RFID reader allows companies to implement the authentication system with virtually any transponder technology. This usually means leveraging the RFID card employees carry for identification and building entry. Some organizations may prefer to use a mobile credential on the smartphone or a combination of card and smartphone technologies, using the NFC function of the phone in place of a physical badge/card (not to be confused with phone-based MFA solutions such as one-time codes and push notifications). 

Here’s how it works: 

• Each Windows device — laptop, workstation or even industrial HMI — is equipped with an RFID reader, which may be embedded in the device or attached with a USB cable. The reader connects to the device’s login system for user authentication via a secure MFA software solution.

• Instead of entering a password manually, the user logs in to the device with their ID card or smartphone by simply bringing it into proximity with the reader. The reader authenticates the user’s card or mobile credential and sends the user information to the login system. 

• For MFA, the login system can be configured to require a user PIN in addition to the RFID/NFC credential. If the PIN is correct for the user profile, access is granted. In some cases, biometrics may be preferred as the second factor instead of a PIN — for example, by leveraging built-in fingerprint or facial recognition systems on a smartphone in combination with a mobile credential.

• RFID/NFC+PIN can be used in combination with backend software for single sign-on (SSO) to grant access to networked or cloud-based files, systems and applications with a computer login. User permissions can be customized for each user, so everyone has access to the files and systems they need and nothing they are not authorized to have. 

• Within a print security system, the same card or smartphone can be used to access the print management system on the computer and unlock the printer to pick up the print job, creating a simple and seamless system for managing both digital data and physical printouts. Future requirements for MFA at the printer are all but certain for many industries, so having the RFID reader option helps future-proof the solution as well.

Getting started for print dealers 

By adding RFID readers to their offerings, print dealers can help their clients implement a secure MFA solution for both print security and cybersecurity. Using the same type of readers for both print management and computer login/SSO creates a unified information security environment that can help organizations comply with emerging cybersecurity insurance requirements and regulatory or industry standards. At the same time, utilizing ID badges helps organizations reduce time spent in password management and login processes, enhancing employee productivity and reducing the burden on IT staff. 

An MFA solution for printers and laptops must fit within the organization’s broader cybersecurity landscape and the other software elements in place, such as VPNs and SSO software. Print dealers will benefit from working with a knowledgeable partner in the user authentication space who has the right partnerships in place to simplify implementation. Offering an RFID/NFC+PIN solution for both printers and computers will allow print dealers to lead the way in total office equipment security. 

Mike Harris
Mike Harris

Mike Harris serves as the senior manager of business development for ELATEC Inc. in Palm City, Florida. In his position, Mike is responsible for connecting ELATEC market needs and its internal teams, including Product Development, Engineering, and Sales. He has a Master of Science in Physics from Southern Methodist University and held global product management positions at Elo Touch Solutions and Ocular LCD Inc. before joining ELATEC.