Why Printers Might be the Single Largest Obstacle When It Comes to Secure File Sharing
by Michael Fiorenza on March 09, 2016
You have all the right monitoring and security tools in place. Your networks, applications, and users are properly cataloged in your asset management system, and you have taken steps to assure that systems are religiously backed up and firewalls settings are strong. You even have physical security in place to protect systems, devices, and users. Where is your weak link? It's likely in your printers, and most specifically, in mobile printing capabilities. Here's where your vulnerabilities lie.
Start by protecting your own, internal systems, and then expand your printer security policies to regulate the use of home printers and printers accessed via public hotspots.
Even in systems were computers, servers, and other devices and equipment are regularly updated with the latest firmware, it's common to forget to update the firmware for printers. This applies to all large printers in the mail room, as well as smaller units used by departments or individual workers -- such as the printer on the CEO's desk and the one workers chipped in to put in the break room for personal jobs. Just like any other antivirus software or device firmware, new updates are released regularly to address security vulnerabilities as they are identified by the manufacturers. Make sure all printers are up to date.
Insecure or No Passwords
Workers loathe to use passwords to print, because it slows down the workflow when customers or managers are waiting on a rush job. But these passwords are the last line of defense against unauthorized access to the corporate systems. Utilize long, complex, non-intuitive pass codes to protect printers, devices, and related networks.
Apps With Security Vulnerabilities
Printing apps are gaining in popularity as more mobile workers want to access printers to do their jobs. But these print apps -- just like other mobile apps by outside and third-party developers -- come with vulnerabilities. Backdoor vulnerabilities are always an issue with any mobile app, printing apps not excluded. You can help the situation by allowing only apps developed by your own team, or apps offered by only reputable companies like Microsoft, HP, Brother, etc. But this does not mean there won't be any vulnerabilities there to exploit.
Insecure Wi-Fi Networks
Just because users pay for Wi-Fi doesn't mean it's secure. Hackers can gain access to paid connections in hotels and other public places.
Even if your in-house Wi-Fi network is as solid as Alcatraz, mobile workers who use public Wi-Fi or print from public wireless printers can put your data at risk. Educate users on the dangers of free Wi-Fi offered at restaurants, cafes, and hotels, and make it clear that even paid hotspots can be dangerous. For example, a paid hotspot at a hotel can be at risk, just as the free ones can be. Paying for Wi-Fi doesn't guarantee it's safe.
Workers Who Use Mobile Devices for Work, but Don't Need To
You can eliminate much of the risk by making sure that workers whose jobs don't require mobility don't use open or public printers. This can be written and enforced via your BYOD policy. Some companies also require workers' managers to sign off on their ability to use their mobile device for work, so that anything that can be done without mobile access doesn't introduce unnecessary risks to data security.
To empower mobile secure file sharing, use a reputable tool like FAST™. You can see a demo video of how it works here.