Why printer security should be a priority for your organization

Many times, people don’t see printers as being ‘high tech’ when in fact they were the original IoT device. I think part of the problem is that the name ‘printer’ belies what these devices have become; they have evolved from singular-purpose to multifunctional document hubs that can access nearly every point of an enterprise’s data, which is enormously helpful for workflow and document management, but can lead to security vulnerabilities if proper safeguards aren’t put in place.

Security breaches often start from a user clicking on malware embedded in an email, and then that malware is used to, among other things, gain control of other network resources including print devices. Unsecured print devices can then be used to gain social information such as names in an address book or device activity reports, which can be leveraged for additional phishing attacks. In fact, only recently a well-known hacker group made headlines for compromising a wide array of companies and NGOs with attacks that targeted unsecured printers to gain this information.

Furthermore, once a bad actor successfully establishes access via an unsecured printer, it’s rudimentary for them to perform a network scan to identify and attack other insecure devices, climbing higher and higher on the network ladder into more privileged, higher-value access. From there, they can cripple the system with a malware attack, or steal confidential information undetected. Meanwhile, those same devices can be converted into malware bots themselves and used to attack other organizations without your knowledge. If your firewalls and other cybersecurity measures are a fence, then an unsecured printer is an unlocked gate, leaving you totally vulnerable and exposed.

We do not currently have a bug bounty program; however we have contracted with IT services companies to test our security protocols and strive for continuous improvement. It’s an ongoing discussion at Brother.

Many of our products have the ability for Brother to push firmware updates directly to a network-connected device, meaning the user will get a notice on the LCD display that a firmware update is available and can be installed on the device. 

Besides our own internal testing, we also work with outside security consultants to evaluate our products. We also follow all the latest laws regarding connected and IoT devices and update our products to meet any new regulations.

Speaking of the products, first and foremost, Brother’s printers are intentionally designed without hard drives so that they do not retain any data within the device after an action is performed. On so many other printers, anyone with a thumb drive could walk by and upload whatever documents had recently been processed; far too many businesses spend enormous amounts of money protecting data when it’s on servers, and then leave it totally exposed on printers.

Furthermore, Brother printers have IP filters that can restrict or grant access to a user based on their IP address, automatically blocking unauthorized requests without the proper credentials. We offer password and PIN protection to safeguard customers’ sensitive information, and also ensure compliance with all 20 CIS controls. 

But, hardware is only half the picture for Brother when it comes to device security. How the product is installed and maintained is equally important. For large enterprises, that usually means the Brother team or its authorized channel partner visits its customers onsite, assesses their setup and needs, then works with the customer to tailor IT operations for maximum usability and workflow as well as security.

Change the default administrator password! It’s a slap-your-forehead mistake we see time and time again. Just because something’s super simple doesn’t mean it’s not super important.

Big picture, any IoT security problem needs to be addressed with a two-pronged approach. First, a lot of security issues are actually caused by accident, so teaching the members of your organization how to be responsible with their devices is step one. The second prong is to make sure that you’re always staying current with the firmware and implementing software updates. As a corollary, you want to do your research on what security measures are available for your specific device.

I see printers as a beachhead for digital transformation. An under-discussed component to digital transformation is that it can be costly, in terms of both money as well as time. For instance, step one is usually digitizing mounds of paper documents, and even that initial process is often out of reach for many SMBs and mid-sized businesses.

Brother is at the forefront of an industry trend in that we are retooling our lineup to allow increased integration with third-party apps. From approval automation to workflow tracking and analysis, our customers are increasingly able to navigate these mission-critical elements right from their printers, scanners, and other multifunctional devices. This way, digital transformation isn’t such a binary proposition for businesses, i.e. you either shell out a bunch of money, or you don’t do it at all. The quote-unquote ‘humble’ office printer has a big role to play in digital transformation and knowledge management over the next five years thanks to its unique flexibility.