Businesses have been facing increasing security pressure in recent years, and the transition to remote work in 2020 due to the pandemic only served to exacerbate matters. As shown by the recent Colonial Pipeline hack, no industry is outside of the danger zone and the impact can be wide-reaching. There are many things businesses can do – some of which are relatively easy to implement – to help protect a hybrid workforce. Many new trends arose in 2020 from business response to the newly defined workplace, including a new appreciation of just how important securing your data is, a movement which will no doubt continue into the future.
A COVID-19 shift in workplace dynamics
Research from gap intelligence showed that, with the majority of the workforce operating from their homes over the last year, online purchases of notebooks, affordable inkjet printers, and document management, cloud and security solutions rose dramatically – peaking in August 2020 and continuing to maintain an increased level throughout 2021. The impact on the market is that more data is being stored on home office devices, more data is being exchanged across unsecured networks, and cybersecurity vulnerabilities have expanded.
Anticipating the future state of work
With decentralized working looking like it will be the main business model at least for the rest of 2021, these impacts are producing their own requirements to effectively support employees while keeping business data safe across environments, such as:
- How to enable users to securely access and share data from both remote and in-office locations
- How to allow users to print from mobile devices
- How to provide user access control with multi-factor authentication
- How to provide adequate network protection and configure secure Wi-Fi settings
- How to consistently monitor for suspicious activity across networks and devices
All these risks and requirements, plus the associated costs in rectifying them, have lowered confidence levels in the print security infrastructure. Quocirca’s January 2021 research found that only 21% of IT decision makers say they are completely confident in the security of their company’s print infrastructure, a decrease of 12% from pre-COVID-19. They also found that 64% of businesses have reported data loss in the past six months due to unsecure printing practices, with reasons including improper disposal of confidential information and device malware.
That lost confidence can be recovered through comprehensive action, spanning policies, processes, technologies and analyses, to protect this new print environment. Essentially, you need to secure your business, and how you manage documents and networks, as soon as possible. There are three key phases to consider in the approach for managing documents: measure, reduce and secure.
Step 1: Measure remote work
While we are still living this ongoing experiment into remote work, take the opportunity to study employee behavior in order to understand their needs and deliver appropriate, cost-effective support. You can’t manage what you don’t understand. Through measurement, you can deliver cost-effective solutions to home-based employees that address their needs and keep them productive. This may be needed for quite some time; permanently, in some cases. And for compliance and data security, maintain logs of records and management activities across both clients and employees.
Step 2: Reduce infrastructure requirements
To reduce the burden on on-premise needs, the move to the cloud is in full swing. To accommodate an increasingly decentralized workforce – both on and off the network – there’s a tremendous opportunity to eliminate the unnecessary infrastructure associated with print at this time, and make sure the devices you have are secure and protected.
You should also consider the extra devices connecting to your network, and whether they are needed. IoT devices and phone/tablet apps often have no added security, meaning many of these are potential entry points for actors with less than good intentions. For example, electronic door locks, fitness trackers on employees’ wrists, cheap security cameras and more can all be connected to, and possibly provide access to, a company’s network. Devices are not always properly secured because people don’t tend to think about it.
Step 3: Secure your infrastructure
Cybercrime has soared by 600% since the start of the pandemic. It has never been more important to secure your organization’s sensitive information, and printing is an extraordinary threat vector (both the devices and the process) that needs to be addressed.
Implement secure pull printing to ensure there is no unauthorized access to devices, to remove the need for specific drivers or third-party applications, and, most importantly, to increase employee productivity by introducing the freedom to print anywhere. The days of leaving Protected Personal Information (PPI) open in the office are over (remember when an incoming fax would be left in the machine until the recipient was notified?).
The multifunction printer (MFP) is an endpoint on the network and users are beginning to realize that they could be subject to attack. One of the biggest lessons we have been trying to communicate to our customers is that just because an MFP may not have been successfully hacked, it doesn’t mean it can’t happen – that’s why it’s important to have the security protocols in place.
Why is an MFP an easy target for hacking?
Printers, as well as MFPs, are an underestimated source for data breaches. Sure, when you think about a hack attack, traditionally your mind would go to PCs, web applications, file servers, data centers, etc., because that’s where you can get access to file systems, credentials and crucial private information. A successful MFP breach can result in a hacker accessing all of the above. Your everyday office printer comes loaded with the ability to integrate with the corporate network to allow for scan to email and copy-and-scan accessibility. Most worryingly, breaches can happen without anyone knowing they have occurred. And a lack of MFP security and maintenance makes breaches even easier to execute.
With the understanding that in today’s corporate environment, communications and connectivity are indispensable, MFPs are designed to integrate into network environments. This scenario also means this office technology must cope with and comply with the same security risks and policies as any other network device, and represents a risk if unprotected. Yet despite security being high on the strategic agenda for most businesses, MFPs are often discounted as being a risk.
While some IT managers may be aware of the risk, it is often sidelined in favor of more pressing issues. This is especially risky for those MFPs and printers located in public areas, where they can be accessed by staff, contractors and even visitors. Two main reasons make these printers, which are such an integral part of our workplace activities, vulnerable to attacks. First, many MFPs still use the default administrative login credentials with which they came. Second, they have been configured to use privileged accounts (such as Domain Administrator) for transmitting scanned documents to network locations.
Pairing these challenges together creates an entryway for a hacker to gain access to an administrative network password, not even via a password cracking tool but simply via a small modification to the HTML code within a web browser. Further, with the advanced features available on today’s MFPs designed to make it easy for information to be copied and distributed, once a hacker is in, getting the information they need is a quick and simple job.
Mitigating these risks is crucial
These risks are nothing new, and if not properly designed and secured, an organization’s endpoint devices can be an unlocked back door, serving as a pathway between the internet and corporate networks. In fact, in 2019, Microsoft Threat Intelligence Center researchers discovered evidence of Russian hackers communicating with several external devices, and specific attempts by the hackers to compromise IoT devices, including an MFP, to breach networks. Upon gaining access, the hackers were able to infiltrate other unsecure devices and move across the network to gather higher value data.
The first logical step then is to prevent unauthorized persons from being able to operate an MFP. Preventive measures are needed, first to control access to MFPs, and second to establish some kind of security policy reflecting how the devices are actually used in real life. Here are some ways to make sure you are protecting your business:
1. Always change the default device password to something complex, and do not reuse it elsewhere.
2. Understand the security capabilities that systems offer and utilize them to their fullest potential. For example, if your MFP device supports LDAP over SSL, use it. If your device supports TLSv1.2, use it. And if your device supports SNMPv3, use it.
3. Encrypt the MFP storage.
4. Be extremely careful with privileged accounts. Domain Administrator-level accounts should never be used on MFPs, workstations or other lower-privileged systems that have a higher likelihood of being compromised.
5. Use an independently tested machine.
What kind of testing, and what should you look for? Seek out devices built with security-based information technology that secure the network and network access, ensuring secure, authorized access to individual output devices, restricting functionalities where required, and protecting all personal user data and information content processed on the output systems.
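The first four checklist items can be checked across a fleet from its configuration records. The following is an added example, not part of the original article or any vendor tool; the field names and the sample inventory are constructed for illustration and would need mapping to whatever your device management export actually provides.

```python
# Added example: audit MFP records against the hardening checklist.
# Field names are hypothetical; map them from your own fleet export.
PRIVILEGED_GROUPS = {"domain admins", "enterprise admins", "administrators"}
TLS_ORDER = ["SSLv3", "TLSv1.0", "TLSv1.1", "TLSv1.2", "TLSv1.3"]


def audit_device(dev):
    """Return findings for one device; missing fields count as failures."""
    findings = []
    if not dev.get("admin_password_changed", False):
        findings.append("default admin password still in use")
    if dev.get("ldap_enabled") and not dev.get("ldap_over_ssl", False):
        findings.append("LDAP is not running over SSL/TLS")
    min_tls = dev.get("min_tls", "SSLv3")
    if min_tls not in TLS_ORDER or TLS_ORDER.index(min_tls) < TLS_ORDER.index("TLSv1.2"):
        findings.append(f"minimum TLS version {min_tls} is below TLSv1.2")
    if str(dev.get("snmp_version", "")).lower() not in ("v3", "disabled"):
        findings.append("SNMP is not restricted to SNMPv3")
    if not dev.get("storage_encrypted", False):
        findings.append("device storage is not encrypted")
    groups = {g.lower() for g in dev.get("scan_account_groups", [])}
    if groups & PRIVILEGED_GROUPS:
        findings.append("scan account is in a privileged group: "
                        + ", ".join(sorted(groups & PRIVILEGED_GROUPS)))
    return findings


def audit_fleet(inventory):
    """Map device name -> findings, listing only devices that fail a check."""
    report = {}
    for dev in inventory:
        findings = audit_device(dev)
        if findings:
            report[dev.get("name", "<unnamed>")] = findings
    return report


# Constructed sample inventory (not real devices).
INVENTORY = [
    {"name": "mfp-lobby", "admin_password_changed": False, "ldap_enabled": True,
     "ldap_over_ssl": False, "min_tls": "TLSv1.0", "snmp_version": "v2c",
     "storage_encrypted": False, "scan_account_groups": ["Domain Admins"]},
    {"name": "mfp-finance", "admin_password_changed": True, "ldap_enabled": True,
     "ldap_over_ssl": True, "min_tls": "TLSv1.2", "snmp_version": "v3",
     "storage_encrypted": True, "scan_account_groups": ["svc-scan-writers"]},
]

if __name__ == "__main__":
    for name, findings in audit_fleet(INVENTORY).items():
        print(name, *findings, sep="\n  - ")
```

A record with missing fields is reported as failing rather than silently passing, so gaps in the export surface as findings.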
With the right security protocols in place, your MFP doesn’t have to be an easy target for hacking.
Chris Bilello is Vice President, Business Solutions Development, Konica Minolta.