The growth of the internet has offered businesses unprecedented opportunities in communication and commerce. But it's done the same for hackers. As the devices we rely on become more intelligent, so too, do the cybercriminals who aim to exploit them.
As any CISO will know, an attack can cause widespread and long-lasting damage to an organization and the individuals responsible for its security. A security policy that provides multiple layers of protection for each endpoint in an infrastructure is essential for businesses to properly defend themselves and ensure compliance.
Printer security is essential
In a recent survey by Spiceworks, it was revealed that most organizations see printers as less of a security risk than other devices in their infrastructure. Just 16 percent of organizations perceive printers as a high risk for security breaches, significantly less than their perception of PCs (65 percent) and mobile devices (61 percent). And while just 57 percent of organizations have security practices in place for printers, a considerable 97 percent have security practices in place for desktops and laptops, and 77 percent have security practices in place for mobile devices.1
What many organizations don't realize is that an unsecured printer connected to your network exposes your sensitive data—and business—to risk. As part of a deeper cyber defense strategy, security teams must continuously evaluate, identify, and take swift action in response to network breach alerts across every endpoint, including printers.
Always conduct constant monitoring
CISOs are challenged with ensuring their IT department has fully secured their network and that their business is compliant with increasingly complex security regulations. Take the EU's new General Data Protection Regulation (GDPR), for example, which will enforce new standards of compliance for any company that operates on the continent. With tougher sanctions for companies failing to adequately protect their data, implementing robust security policies, practices and processes is more urgent than ever.
Another EU regulation that could impact companies worldwide is the EU Network and Information Security Directive (NIS), which concerns the security of national, critical infrastructure. It requires that businesses operating in essential service sectors "must take appropriate security measures and notify serious incidents to the relevant national authority."
Organizations must implement appropriate security controls in their IT networks on every device, provide evidence of this, and report any breaches. If businesses can't see every single endpoint, they won't be able to see and report a breach. If printers aren't included in a security policy, a business could be found noncompliant.
Securing your print fleet
To help organizations make sense of recommended security steps, the Center for Internet Security has created a set of common controls that highlight the key requirements for any piece of network infrastructure, including printers. Follow these guidelines with your printer fleet to keep your business protected and compliant as part of your wider security plan.
CSC 4: Continuous Vulnerability Assessment and Remediation
Your IT team should continuously assess the environment for vulnerability and take action to remediate on results, minimizing the opportunity for breaches.
Cyber defenders need to monitor a constant stream of new information, software updates, and threat bulletins, which requires significant time and resources. Only businesses viewing system logs for all devices, including printers, can assess their full network. For remediation, a printer fleet security management tool that routinely checks your fleet of printers and automatically applies your security policy settings will ease the process of maintaining fleet compliance with regulations.
CSC 6: Maintenance, Monitoring, and Analysis of Audit Logs
Your IT team should collect, manage, and analyze audit logs of events that could help detect, understand, or recover from an attack.
Unmonitored network devices can enable attackers to hide their location, malicious software, and activities. Devices—like printers—need to be able to feed incident details to a Security Information and Event Management (SIEM) tool through a systems log. SIEM solutions can monitor and analyze activity across your network in real time and notify administrators when incidents occur.
IT teams should choose print devices that can generate specifically "incident" syslog messages to a SIEM tool for real-time monitoring, report generation for audits, and other compliance requirements.
CSC 8: Malware Defenses
Your IT team should control the installation, spread, and execution of malicious code at multiple points in the business while optimizing the use of automation to enable rapid updating of defense, data gathering, and corrective action. They should choose print devices that will load only verified, signed code and will actively self-monitor and automatically stop attempts to load untrusted code.
Protect your company, customers, and reputation
A study by Spiceworks revealed that 3 in 5 organizations experienced a security breach in 2016. While 88 percent have a security policy in place, only 16 percent perceive printers as a significant threat—whereas over 60 percent see desktops, laptops, and mobile devices as significant threats.
IT teams are busy securing servers and PCs, yet hackers are now also targeting devices like printers, which often allow the same access to internal data but lack the same protection. Best practice standards, like these critical security controls, can easily be implemented as part of your multilayer defense policy to deploy security best practices to your print fleet.
- HPI Printer Security Research, Spiceworks Dec 2015