Why should security be such an important part of your decision when purchasing a copier?

(Submitted by Gareth Stevenson)

In today’s world, while printers and copiers may seem like innocuous office equipment, they can pose some of the biggest security risks in an organization simply by being accessed by someone without proper authorization. Here are some statistics on printer security:
  • 59% of employees said colleagues leave printer pages in the paper tray.
  • 41% of office employees use their own unsecured devices at work because they are easier to use.
  • 23% said they used public file sharing sites without business approval.
  • 31% take information out of the office to complete work at home.
  • 8% of organizations have had employees access confidential information that they should not have had access to.
  • 24% of workers store information in the public cloud even though they are not permitted to do so.
When purchasing a new multifunction device, here are some key features to consider:
  1. Hard Drive
  2. USB Drive (“Thumb” Drive) Access
  3. Securely Managing & Sharing Documents
  4. Secure Printing
  5. Intrusion Security
1. Hard Drive

Most copiers or larger networked devices have hard drives. The hard drive is basically a high-capacity self-contained storage device with a read-write mechanism. The purpose of the hard drive is to store images of all the documents you copy, fax, print, or scan. Please be aware that hard drives can be removed.

There are two types of hard drives:
  • HDD (Hard Disk Drive) – A legacy type of drive that uses spinning disks to read and write data.
  • SSD (Solid State) – A newer type of drive that is faster and more powerful. It is also more compact, has fewer moving parts, and uses flash memory.
An important feature related to MFD hard drives is “Data Overwrite.” This feature is standard and included on most MFDs. “Data Overwrite” uses random numbers to rewrite or replace files and other data stored on a hard drive. The use of random numbers in this rewriting process stops unauthorized users from retaining information from the MFD internal memory and trying to access it later.

Key Data Overwrite features:
  • Your MFD’s hard drive should have, at minimum, up to 8 times data overwrite and 256-bit AES (Advanced Encryption Standard) data encryption to ensure that your data is unrecoverable by anyone other than you.
  • Additional image overwrite features like a “Data Security Kit” provide extra layers of protection and encryption so that even if the hard drive is removed, it cannot be recovered.
Lastly, when you return your copier to the leasing company, you should always have an “End-of-Lease Erase” performed on the hard drive of the MFD. This will ensure that there are no documents or information left on the device.

“End-of-Lease Erase” benefits:
  • Ensures that all confidential data is overwritten before the device leaves your facility.
  • Information will not accidentally get into the wrong hands.
  • “Certification of Wipe” documentation is provided.
2. USB Drive (“Thumb” Drive) Access

You may be wondering how a USB drive, or “thumb” drive, could possibly be a security risk. The answer is this: these devices can allow unauthorized access to an endpoint and result in security breaches. Most copiers or multifunction devices have a USB port into which users can plug a USB drive to copy, print, or scan stored documents or, in some cases, even take away documents that may have been stored on the MFD’s hard drive.

Some ways to combat these risks are to limit user functions via the device control or print management software, or to use the device homepage of your MFD to disable the USB port altogether.

Turn off USB thumb drive access, to stop intrusion or misuse of information via the MFD, through either of the following:
  • MFD Home Page
  • Remote Management Tools like HP Web Jetadmin or other Remote Device Management Tools

3. Securely Managing & Sharing Documents

There are times that sensitive information will need to be scanned or faxed. With today’s MFDs, there are several ways to securely transmit or access information, including the following:
  • Use of Encrypted PDF, which is a locked PDF document that is transmitted with an encrypted password.
  • Scan to shared folder or “Users” folder that is password protected with permissions enabled.
  • 3rd-party secure scanning and document management tools (Ex. Laserfiche; Softworks Square 9)
  • E-Fax or secure faxing through digital faxing software (Ex. RightFax; GoldFax)
  • Hot Scan Folders that can pull documents into 3rd-party applications
  • “Cloud Connector” for applications like SharePoint, OneDrive, or Google Drive
  • Use of “Single Sign-on” or “Two-factor Authentication”
4. Secure Printing

Some users may not need to print securely; however, others may find this a valuable feature. For example, secure printing stops confidential printouts from being left unattended at the MFD. These printouts containing sensitive information could easily become mixed in with another user’s job and wind up in an unauthorized user’s hands.

“Secure Print Job Release” is just one way that you can print securely via the MFD. This feature is accessed through your Print Driver, which can require the following to access the printout:
  • PIN or username along with a password, which would allow you to release the job at the MFD from the stored jobs
  • ID Card Swipe with 3rd-party integrations like PaperCut
  • Serverless Print Release / “Follow me” Print solutions
5. Intrusion Security

Believe it or not, hackers could possibly try to access your copier! Copiers can be an easy access point for a hacker to gain entry to your network. Think of the copier as an “on-ramp” to the highway of your network that hackers can use to deploy viruses, etc.

Because of this accessibility, here are some tools that you should certainly consider putting into place:
  • Device or Fleet Management Tool: Can be used to remotely control devices to ensure that they are secure by pushing configurations out through your network to either an entire fleet or a single device. Used for the following:
    • Turn off unused ports to ensure no endpoint is available for intrusion
    • Create security policies & centrally manage and monitor all devices
    • Greater network control system configuration
    • Remote front panel access for user assistance and troubleshooting
    • Remote firmware
  • Anti-Virus Software: Most MFDs in today’s advanced world have a way of monitoring and preventing attacks with anti-virus software such as Bitdefender or McAfee, which provide you with a firewall to stop intrusions or access from any unverified sources. Here is how anti-virus can protect you against hackers:
    • Stops “Malware” and “Spyware”
    • Prevents “Trojan” Intrusion
    • Provides “Worm” Protection
    • Protects against other unusual behavior
  • Application Whitelisting: This is a list of approved entities like email addresses or IP addresses that are listed on the whitelist. Entities that are not on the whitelist are denied access. Also, it checks which IP addresses have accessed the device by using a SYSLOG (system logging protocol). These are some of the benefits of using application whitelisting:
    • Block ransomware intrusion
    • Provides vulnerability management
    • List of secure IP addresses (static), emails, and applications
    • Improved Cyber Security
  • Firmware Self-Recovery Application: This is critical to MFD security as cyberattacks are being attempted on MFDs as an entry point to a network. Your device will update and install security patches. If the self-recovery identifies malicious intrusions, then it will restore the machine’s firmware to its original state and restart the device. These are some of the benefits of using a firmware self-recovery application:
    • Detect, stop, and recover a BIOS attack or corruption
    • No IT intervention needed
    • Stealth within your MFD
    • Not accessible as it is nonvolatile memory
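
The whitelisting item above pairs an approved list of static IP addresses with a syslog check of which addresses have accessed the device. The following added example (not part of the original article) shows one way to run that check; the log message format, host name, and addresses are constructed for illustration and will differ per device vendor.

```python
import ipaddress
import re
from collections import Counter

# Assumption: static addresses/subnets approved to reach the MFD.
ALLOWLIST = [ipaddress.ip_network(n) for n in ("192.0.2.0/28", "198.51.100.25/32")]

# Constructed sample syslog lines; the "src=" field is a hypothetical format.
SAMPLE_LOG = """\
<134>Mar  3 08:14:02 mfd-2f webadmin: login ok user=admin src=192.0.2.5
<134>Mar  3 08:20:41 mfd-2f print: job accepted src=192.0.2.9 proto=ipp
<132>Mar  3 03:02:17 mfd-2f webadmin: login failed user=admin src=203.0.113.77
<132>Mar  3 03:02:19 mfd-2f webadmin: login failed user=admin src=203.0.113.77
<134>Mar  3 09:01:55 mfd-2f scan: smb send src=198.51.100.25
<134>Mar  3 09:05:10 mfd-2f print: job accepted src=not-an-ip
"""

SRC_RE = re.compile(r"\bsrc=(\S+)")


def is_allowed(addr, allowlist=ALLOWLIST):
    """True if the address falls inside any approved network."""
    return any(addr in net for net in allowlist)


def audit(log_text, allowlist=ALLOWLIST):
    """Return (Counter of non-allowlisted source IPs, lines with a bad source)."""
    offenders, unparsed = Counter(), []
    for line in log_text.splitlines():
        m = SRC_RE.search(line)
        if not m:
            continue  # event carries no source address
        try:
            addr = ipaddress.ip_address(m.group(1))
        except ValueError:
            unparsed.append(line)  # keep for manual review, never treat as approved
            continue
        if not is_allowed(addr, allowlist):
            offenders[str(addr)] += 1
    return offenders, unparsed


if __name__ == "__main__":
    offenders, unparsed = audit(SAMPLE_LOG)
    for ip, hits in offenders.most_common():
        print(f"NOT ON ALLOWLIST: {ip} ({hits} events)")
    for line in unparsed:
        print(f"UNPARSEABLE SOURCE: {line}")
```
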

    Cybersecurity: What You Need to Know NOW!

    (Submitted by Natasha McDowell)

    With a rise in the number of cyberattacks being reported in recent months, cybersecurity is catapulting to the forefront for many in the public square, whether they be business owners, members in the healthcare industry, or school districts throughout the nation.

    Organizations are often under threats that put sensitive information and business continuity at risk. The addition of mobile and cloud technologies, although essential and beneficial, extends security challenges.

    As trusted technology advisors, we at RITE Technology would like to take this moment to share some steps that businesses and organizations can take to increase their cybersecurity stance and stay safe.

    Common areas to evaluate, in terms of threat mitigation, are:

    • Access Control & Password Management
    • Network & Communication
    • Data Encryption

    With those in mind, here are a few guidelines your business or organization can implement right away to combat cybersecurity threats:

    1. Evaluate the strength and frequency of your passwords. In other words, make sure that the passwords you are using are complex enough not to be easily guessed. If need be, use a password generator. These are easily found online through a simple keyword search. Additionally, do not use the same password for all your accounts, and be sure to change your passwords regularly; at least once every 30 days is suggested. Worried about forgetting which passwords you used? Then sign up for a password management solution. Many can be found online by doing a search using your favorite search engine. All of this may take a little extra time on your part; however, when an online retailer or a website that you use gets hacked, though the bad guys may get access to that particular username and password, at least they won’t gain full access to your finances and other accounts as well.
    2. Train Employees on Cybersecurity Best Practices. In terms of communications, a little education for yourself and your employees can go a long way in preventing massive intrusions into your systems. Know how to combat phishing emails by properly reviewing them before clicking or opening attachments. Ask some of the following questions:
    • Is this from someone whose email I recognize? (Be sure to check the email carefully! Hackers are very clever in these regards.)
    • Do I know other people who may have been cc’d on the email?
    • Was the email sent at an unusual time of day? (Ex. 3 a.m.)
    • When I hover over a hyperlink in the email, does the link-to address match?
    • Are there any grammatical or spelling errors anywhere in the email? (In the email address(es), body of the email, or in any links included in the email?)
    3. Implement Multifactor Authentication (MFA) wherever possible. Data encryption is key to preventing cyberattacks! This layered approach to securing your online accounts is one of the best ways to ensure that the only person who has access to your information is you. Many banks, social media platforms, and even utility companies are encouraging the use of MFA. What is MFA, you ask? It is simply a system of requiring you to verify your identity in two separate ways in order to access an account. For example, you may request a code be sent to your smartphone via text message or an email be sent with a link that you would click on before access to an account is granted. In this way you are doubly protecting yourself and your data, making sure that you are not low-hanging fruit for hackers.

    Implementing a multi-layered approach to help safeguard your business’s multi-function printers (MFPs) against security threats is also a smart way to help prevent many unwanted outcomes, such as the following:

    • Loss of productivity
    • Large fines due to regulatory non-compliance
    • Loss of access to data and network
    • Loss of competitiveness due to stolen information
    • Lawsuits resulting from data breaches
    • Loss of business continuity

    To learn more about how to safeguard your MFP, download this MFP Security Checklist.

    Hopefully, you have found the information in this week’s blog to be helpful. If you are interested in additional guidance, please visit the Cybersecurity & Infrastructure Security Agency (CISA) website using the following link: https://www.cisa.gov/shields-up