Printer security

Printers are part of our daily work routine. Without them, many activities would be a lot more complicated. Nevertheless, it’s easy to underestimate the need for security when using them.

A lot of data is sensitive

Most paper documents originate from printers. And that includes a wealth of confidential documents that are not meant for public consumption. Even in documents that are not categorized as “confidential”, one often finds personal data such as absences, telephone numbers or appointments.

Printers can store data

This data is not only on the print-out and the original document however. Modern multifunction printers (MFP) have internal memory that is used to store, or cache, the data to be printed. Under some circumstances, the data remains in the cache even after the print job is completed. The print job can originate from various sources: computer, USB stick, scanner, fax or a network connection.

General tips:

  • Deactivate unnecessary interfaces
  • Don’t leave print-outs lying around
  • Set up a firewall
  • Protect administrator access with a secure log-in
  • Restrict user groups
  • "Follow Me Printing"

Hackers will stop at nothing

Document cache makes printers an inviting target for hackers. Because many of the interfaces are similar to those on a conventional computer (network, USB), they have to be protected in the same fashion. Otherwise, it’s possible to use network access to manipulate the printer to make the cached data available, even though it should remain confidential. 

Another security-related issue that has nothing to do with modern multifunction printers is leaving print-outs in the printer, essentially making them available to anyone who simply passes by.

Security is also important for printers

It’s therefore recommended that you extend conventional security measures to printers as well. That means that a firewall is mandatory for network printers. Administrator interfaces should also be sufficiently protected against unauthorized access. There are a wealth of other measures, including limiting the utilization of network printers to specific users for instance. At some schools, it’s also possible to activate print jobs only after users identify themselves at the printing device, which is also known as follow-me printing.

Be aware of the risks

While there are many measures that can be implemented, the most important thing is to simply be aware of the potential risks. Observing the individual situation can reveal which steps are appropriate.

Further information

  • An article appeared in the IT Newsletter published on April 21, 2016, outlining issues related to illegitimate print-outs. The article contains further information regarding how to prevent these situations from occurring.
  • In late March 2016, numerous printers at universities across the US were used to create unwanted print-outs. Several newspapers reported the incidents, including The Boston Globe.