Copier Security Risk - What Your Need To Know

We hear every day about data breaches and security, and your business likely discusses it on a regular basis.  You deal with critical and sensitive information including customer credit cards, private medical records, client contact information or even banking account and routing numbers.  This information lives on your network, your computers and even on paper in your business.  If you're printing, copying and scanning this stuff, it lives on your copier too.  While most businesses at least have taken measures to protect their networks, servers and computers, often the printers and copiers aren't considered.  But your copier hard drive can be a huge security risk.

Any device that connects to the Internet can be hacked.  Cyber criminals have gained access to systems and networks via a number of crazy items including thermostats, dolls and yes, through printers and copiers.  If you're printing, scanning or copying sensitive information on your copiers and web-enabled printers, this could be a very easy avenue for cyber criminals to enter your business and potentially do great damage to your business.

Here are four basic ways that copiers and printers can pose a threat to your business:

1. Unattended sensitive documents - This seems obvious, but it never stops happening.  Someone prints a confidential document to the copier and forgets to pick it up.  Someone else prints their documents to the same copier and picks up the entire pile of papers in the output tray.  Back at their desk, the unauthorized person now has access to this confidential information.  They could easily scan the document or even take pictures of it before discarding it, and it could end up in the hands of people who could harm your business.
2. Setting changes - If your printer and copier settings aren't secure, you risk them being security vulnerabilities.  Printer and copier jobs can be changed or sent to a different machine, and saved copies of sensitive documents can be accessed and redistributed and used in a dangerous way.  Someone could also accidentally reset the device to its factory settings, causing loss of data and files as well as your settings and time it takes to fix the copier.
3. Stored information - Most copiers today and some printers have an internal hard drive that stores all of the jobs that are processed through it.  If you decide to get rid of a printer or copier or worse, if someone steals it, any documents that have been processed through it could be recovered and stolen.  According to the FTC, it is your legal responsibility as a business owner to ensure that you erase all stored data on your copier before disposal.
4. Hackers - If a hacker gains access to your network, they can capture documents that have been sent from your computer to your printer.  And if it's an older model printer that doesn't include the latest security features or isn't password-protected, it's even easier to break into and cause damage.

And the danger doesn't end there.  If your copiers and printers are connected to the Internet, cyber criminals can take over these systems to create new jobs, change settings and more.  They can even install malware on the copier or printer software, allowing for complete remote control of the device.

So how do you keep your connected copiers and printers secure and your business safe?  To truly be safe, all businesses  have to incorporate a copier and printer security strategy into the company's overall security plan.  Printers and copiers can no longer be the often-forgotten stepchild in the office.  In the meantime, here are some tips to secure the copiers and printers already in your fleet.

• It's all about location - Many people try to tuck printers and copiers out of the way because aesthetically we don't want them taking up prime office real estate.  Instead of hiding them, place them in high traffic areas.  The added eyes on the device can deter document theft.  Also, having a designated device for sensitive departments like HR and accounting that requires a badge swipe or PIN code to print will provide further security.
• User authentication - Many copiers now have some form of user authentication that forces a user to identify themselves to print, copy or scan.  This includes items like PIN codes, ID swipe cards and even fingerprint readers.  This ensures that documents don't print and stay in the output tray because a user prints and forgets about it.  When users need to print, they have to enter their credentials, and less opportunities exist for document theft.
• Mobile usage - If users are able to print via mobile printing through WiFi, make sure that all of the mobile devices are secure on the network.
• Password protection - A lot of today's copiers and printers allow you to password protect the control panel of the device, preventing users from changing the settings.  If you're unsure how to do this, you can refer to your owner's manual, and if your device is from Fraser, you may contact our Global Support Center for assistance.
• Use secure connections - When accessing the control panel of your equipment from a web browser, use https:// to utilize an SSL encryption instead of the standard http.  If you're using command line access, use encrypted SSH versus clear-text Telnet sessions.
• Removing a device - As stated previously, when it's time to retire a machine or your lease ends, it is your responsibility to ensure that the data on the hard drive is erased and doesn't leave with the device.  This can be done by removing the hard drive and securely disposing of it, or you can have your service provider handle the erasure.

No matter your business, data breaches both large and small continue to occur at an alarming rate.  At Fraser, we can help you to secure your printers and copiers to keep your data safe.  Contact us today to learn more.