October 22. Hardware: Printers

Printers are often overlooked, however, they can represent significant security vulnerabilities if not properly secured.  Modern printers are essentially specialised computers with network connections, storage capabilities, and their own operating systems, making them potential targets for cybercriminals.

How can a printer be a security risk?

1. Data Storage: Many multi-function printers (MFPs) have internal hard drives that store copies of scanned documents, print jobs, and faxes. If these drives are not properly secured or wiped upon disposal, sensitive information can be exposed.

2. Network Access: As network-connected devices, printers can serve as an entry point into your network if they have unpatched vulnerabilities. An attacker could potentially gain access to the network through a compromised printer.

3. Vulnerabilities in Firmware: Just like any other software, printer firmware can have bugs or security flaws that attackers can exploit.

4. Configuration Weaknesses: Default passwords, open ports, or unnecessary services on a printer can provide easy access for an attacker.

5. Information Disclosure: Attackers could potentially access printer logs that show network configurations or user activities.

6. Physical Access: If a printer is in an unsecured location, physical access could allow an attacker to connect to the network or retrieve sensitive print jobs.

How to secure your printers:

• Change Default Passwords: Always change the default administrative username and password for your network printers.

• Update Firmware: Regularly check for and install firmware updates from the manufacturer. These often contain critical security patches.

• Network Segmentation: If possible, place network printers on a separate network segment or VLAN, isolated from your main data network.

• Disable Unused Services: Turn off any unnecessary services (e.g., FTP, public SNMP) on the printer.

• Secure Data Storage: Configure the printer to overwrite or encrypt its internal hard drive after jobs are completed. When disposing of a printer, ensure its internal storage is securely wiped or physically destroyed.

• Physical Security: Place printers in secure locations, especially those handling sensitive documents. Implement a "clean desk" policy to ensure sensitive printouts aren't left on trays.

• Monitor Logs: Periodically review printer access logs for unusual activity.

Don't let your printer be the weakest link in your security chain. Treat it with the same cybersecurity vigilance as you would any other network device.

💡Today's Cyber Tip: Secure your printer admin accounts!

If you have a networked printer at home or work, today try to access its web interface (usually by typing its IP address into a browser) and change its administrative password from the default.

Make sure any admin accounts your printer uses only have the bare minimum access to other network resources and data.  Don't use a super admin account!

Review DPE's previous articles about printer guidance:
{article title="Why we recommend using PIN codes on printers"}[link][title][/link]
[readmore]{/article}

DPE Knowledge Bank Guidance and Support:

For schools and colleges, six of the DfE Digital Standards are now mandatory. We have a DfE Digital Standards Tracker tool help you track your cyber resilience and your progress: 

   

Review our Cyber Security Best Practice Area for micro learning, support, guidance and policies:

Cyber Security Best Practice Area

Why not have a look at our 'specialist' trainer Harry the Hacker :