Secure Printing (Part 2 of 3)

The protection of data has taken on an increasingly important role for businesses. More resources than ever before are being given over to ensuring this security. In this three-part series on our blog, I’ll show you typical dangers in printing and general ways that they can be prevented. In this part, after human error and organizational deficiencies I’ll introduce you to two further risk factors in the printing process.

Risk Factors in the Printing Process

Technical Failure

Modern printing systems are active network participants communicating over diverse protocols and ports, with memory, integrated hard disks, and even their own operating systems. From this, many dangers can result, such as:

• Interception of print data, user passwords or log-in information of system administrators
• Unauthorized access over unused and insecure ports in print systems
• Manipulation of configuration and log-in data, without the user’s or the IT department’s knowledge. Hackers use this to access the data processed in print systems and MFPs.
• Unencrypted printer communication. Data transmission, from the application to output device via print server, is encrypted only in the rarest cases. Print data streams can thus be intercepted and misused.
• Lack of isolation. Incoming and outgoing connections to the printers from the Internet are not refused by security gateways, by which sensitive information can leave the network. The spectrum of transmitted information can range from error messages, to statistics, to entire documents. Furthermore, print systems can also received unwanted data from the Internet and distribute it. This includes malware, which not only limits the device in its function, but also can influence other IT systems.
• Special print server services and operational environments. Email and fax functions of printer systems have address book functions at their disposal for the integrated sending of emails and faxes. When using these functionalities, it is difficult to rule out that personal data may be distributed by the printer without authorization.

Deliberate Acts

The primary security focus of IT administrators and IT security experts is concentrated mostly on protecting servers, clients and network printers from attacks over the company network and over the Internet. “Trivial” security risks arising from disloyal employees, service technicians and cleaning personnel with access to print systems are neglected, although “inside jobs” make up the largest group of dangers to print systems.

This primarily includes

• access to documents in output trays and their misappropriation
• Digitization and anonymous sending of documents via scan function
• Unauthorized data reading of printer hard disks or the analysis of residual information
• Interception of data streams from the network
• Manipulation of information or software: Information and software can be manipulated in many ways: through erroneous data entry, changes to access rights, content changes to account data or correspondence, changes in the operating system software, and many more. If these manipulations are not recognized soon enough, the smooth running of business processes and specialized tasks can be seriously disrupted.

In the third part of this series you’ll learn how such dangers can be prevented.

Missed Part 1? Click here.