404 Tech Support

Weighing printer security risks

This post brought to you by HP MPS. The content and opinions expressed below are that of 404 Tech Support.

In this month’s batch of Windows Updates, Microsoft included KB3170005 in Microsoft Security Bulletin MS16-087 to address a vulnerability that could allow remote code execution on most versions of Windows and Windows Server. The proof-of-concept shows this is done through a man-in-the-middle attack on a workstation or print server or by setting up a rogue print server on the network. The update prevents non-administrators from installing printers and warns when untrusted printer drivers are attempted to be installed. Without this update, a print driver could be installed that is actually malware such as a rootkit which then has deep access to the system.

While this Windows Update protects against a very particular vulnerability, it can serve as a reminder to reflect on the security of printers in your organization. This is something that was touched on last week with our post on HP’s Managed Print Service. The topic deserves deeper exploration as printers can be involved in the loss or leaking of confidential, sensitive data. Whether it is a printed document walking off with the previous print job or the data being sniffed as it travels across the wire, printers should secured with the options available to follow secure practices.

HP MPS tries to increase awareness of these weaknesses with recommendations of how to address the weaknesses. Through the SPA Tool, it focuses on such categories of topics as the device, network data, access control & authentication, monitoring & management, and securing input and output trays. Part of the HP Secure Print Analysis page, it includes a survey to evaluate your environment for your current practices. The results then show you how you might improve your security practices related to printing. You can view the results in your browser or save them to a PDF.

The survey covers a wide variety of topics and will certainly include some weaknesses that you may not have considered before. We previously shared when CBS News covered the data walking out the door when a leased copier caches documents to its hard drive without securely erasing the drive. The HP Secure Print Analysis page covers this topic as well as many others such as physical security, encrypting traffic to and from printers, and PIN/pull printing.

Physical security might make you think of preventing someone from walking off with the heavy, bulky printer but it could also prevent the much more manageable task of walking off with special paper from the input tray waiting to be printed on, like prescription or check templates. Encrypting printer traffic will make it nearly impossible to read the data if it is intercepted. PIN/pull printing can allow an employee to queue up their print jobs and only print them when they are standing at the printer. This prevents sensitive information from walking off intentionally or accidentally being carried off with someone else’s papers.

Especially as printers, copiers, and multifunction printers are doing much more these, it is important to secure the data and devices. You should check out the HP Secure Print Analysis Survey to learn about some of those vulnerabilities that can be mitigated. If your organization has over 150 employees, it might be a good fit to utilize HP MPS as a partner to manage your printing needs and secure these areas of concern.