Even as IT security threats are increasing, hardware security efforts often aren’t keeping up. According to a recent study1 conducted by HP, IT pros often overlook the most basic printer security precautions, such as updating firmware, with only about one-third making that a routine part of their compliance activities. This leaves the humble network printer to hide in the security blind spot, with the majority of them running under-protected.
Industry analysts agree. According to IDC, “Most printers have broad access to an internal network. An attacker who compromises a printer can have unfettered access to an organisation’s network, applications, and data assets.” Printers are typically not upgraded with the latest firmware because organisations so often underestimate the risk. In addition, they may not have the time it takes to review, test, and accept new firmware for printers across the fleet.
In fact, according to the study, printers are a big source of an increasing number of security threats. Today, a printer is 68% more likely to be the source of an external threat or breach than it was in 2016; it is 118% more likely to be the source of an internal threat or breach. Yet only 30% of IT pros recognise that printers pose a security risk. While this figure has roughly doubled since 2016, it is still too low, and reflects a dangerous reality.
Many IT pros seem to hold an outdated view of printer security, perhaps hanging on to the legacy perception that printers are safe inside the perimeter of the network. While it is understandable that printer security has taken a backseat to other endpoints in the past, it is critical that IT organisations start addressing the risks unsecured printers pose to their broader IT infrastructure and overall company risk governance.
No single solution is sufficient; a firewall alone is not enough, for example. As with any network device, printer security must be addressed from multiple angles. And as with any security strategy, the most effective solutions will be integrated, automated, and easy to use and manage. Exacerbating the challenge is the fact that each brand of printer has its own proprietary software and operating systems. Many IT pros may not have sufficient knowledge to configure printer software to meet their security policies.
IDC analysts have also found this to be true: “Printers are much more difficult to harden once they are shipped, underscoring the importance of selecting printers that are already rich in foundational and advanced security features.”
Fortunately for IT pros, today’s advanced printers offer dozens of embedded security features including threat detection, protection, notification, and self-healing, making it easier than ever to harden one of the most vulnerable endpoints on your network— the humble printer.
It's time to harden your print security.
Download this free eBook to learn more from the experts.
HP commissioned Spiceworks to conduct a survey in May 2018. This survey targeted IT decision-makers, including IT directors, IT managers, and other IT staff, to understand current printer security practices and identify areas of risk. Survey results included responses from approximately 500 participants in North America, EMEA, and APAC who work at organizations with 250 or more employees.