Following good IT practices can help safeguard data and protect the network from unauthorized access or intrusions. Yet, only 30% of IT professionals recognize printers as a high-security risk. Ensuring security features are enabled and effectively used on printers and multi-functional devices (MFDs) should be part of any optimized IT security practice to strengthen a firm’s data and business protection. Doing so protects against data security failures that could result in:
Here are just some of the capabilities many printers and MFDs have that should be enabled and used as part of optimized IT security practices.
The first thing to do is to change the default password on the device’s administration control panel webpage. The admin control panel is a standard feature of virtually every printer and MFD and is accessible through the operator panel of the device or as a webpage accessible by a computer with a browser. It is the portal through which setup and changes to the device’s network, features, and functions configuration can be made. Changing the factory default password (usually the same for every printer and MFD built by the manufacturer) to a unique password and entrusting this and administration duties only to authorized administrators help protect the device from unauthorized changes that can heighten security threats.
Data Encryption is standard on many printers and MFDs, with advanced encryption functions available through optional kits. Enabling encryption features and functions prevents data streams between the device and other computers or devices from being intercepted, stolen, or altered. Encryption features can encrypt data and documents stored on the device’s hard disk drive as well as encrypt and protect address book information, authentication credentials, and other important device information. Make sure AES-256 encryption is used.
Almost all office printers and MFPs use a hard disk drive (HDD) that acts as a buffer for print, copy, and fax documents or can be used to store documents for later access and printing directly from the device. While encrypting this data helps protect it, enabling HDD overwrite and erasure features ensure this data is overwritten or deleted, adding another layer of strong data security protection. This can be particularly important when the device is reassigned to a new location, returned at its end-of-lease, or disposed of at the end of its life.
Use the admin control panel to enable device access controls to manage who has access to the device and what functions they may use on the device. Using Active Directory and LDAP, an administrator can easily apply device authorization policies that fit within overall IT network security plans. Limiting device access to only authorized users and limiting functions to a need-to-have basis helps minimize threats from malicious actors or unintended security breaches.
When it comes to the print, copy, scan, and fax functions of a printer or MFD, here are some other basic security features that should be enabled:
Confidential secure printing – requires the user to enter a PIN, password, or some other form of authentication at the device to release a print job to be printed. Sometimes called “pull printing,” this feature, on some models, can also enable users to securely release print jobs from multiple supported devices on the network, establishing a level of convenience along with security. It can eliminate the risk of unattended prints left in the exit tray exposing sensitive privacy and security data.
Unauthorized copy control – This feature adds an “invisible” mark or message to a printed or copied document that only becomes visible when the document is recopied. In many models, it can be set to embed a warning message on the recopied document or create a pattern that makes the recopied version unreadable. Securing printed paper documents should be a key point in any optimized IT security plan.
Scanned PDF encryption and password protection – When scanning a document to be sent via email, a secure folder, or other destinations, the PDF created can be encrypted and password-protected to increase security against unauthorized use. Additionally, printing, modification, copying or content extraction privileges of the PDF can be restricted. That way the PDF can only be opened by someone with the password and printed, modified, or used based on the privileges set.
Fax destination confirmation and re-entering – When faxing, the MFD should at a minimum display a confirmation screen of the fax destination entered. An even more secure method is to enable a re-entering of the fax number or destination initially entered. This helps prevent sending sensitive information to the wrong fax destination.
The above are just a few of the security features and functions found in today’s printers and MFPs. Enabling and using these can be a good start toward strengthening your organization’s optimized IT security practice. For more detailed information on how printers and MFDs that Centric Business Systems offers customers can help you can go to Security functions for Ricoh devices or the Sharp Security Guide. For more specific support, you can contact the experts at Centric at (877) 902-3301 where we’re focused on helping you based on your specific IT security needs. You can also visit us at www.centricbiz.com.