Copiers (MFPs) and Printers are often forgotten when it comes to a company’s security policy.  As IT professionals continue to invest time and money into tightening their cybersecurity, it is vital to include MFPs and Printers in their policy.   Copiers of years ago were simple devices, not connected to a network and they only made copies.   As technology has advanced, so have MFPs.  These devices are just like any other device on your network and are a gateway to an enterprise’s most sensitive data.

According to a 2023 Print Security Landscape Survey by Quocirca, 61% of organizations have experienced a print-related data loss over the past year and 39% struggle to keep up with printer security.  

Below are the top MFP and Printer security risks and how to mitigate them:

1. Physical Access: Documents left on the output tray pose a significant security risk.  We recommend a “follow you” print strategy to enable the device to “hold” the job until an end user authenticates and releases at the device.

2. Default passwords: Factory preset credentials need to be changed by administrators.

3. Lock Down Scanning Access: MFPs are often used more for scanning than copying.   Scanning should be locked down at the minimum to scan only to your company’s domain.  To take it a step further, having users authenticate with their user credentials and enabling “scan to myself” is a best practice. If scanning isn’t locked down, confidential documents can be sent to “Gmail or Yahoo” addresses and your company wouldn’t even know it was sent.

4. Lack of Security updates: Your Vendor should work with you to ensure these devices have updated firmware and software patches.

5. Hard drive wipes: Before these devices leave your environment to either be shipped back to a leasing company or decommissioned, it is vital to wipe or destroy the hard drive.

6. Track and audit device usage: Many companies are investing in print management software to track who is using these devices and how they are using them.  You can limit what a user has access to and have audit trails of how each employee is using the device.

7. Home office printing: With the trend of a hybrid workplace continuing to grow, it is vital to make sure that home office printers are configured and set up with the same security settings as your in-office devices are.

8. Standard security features on devices: Many devices now come with SIEM integration, Verify System at Startup, SSD Data Encryption, and Encrypted Secure Print.  It is important to ensure that these security features are enabled and set up properly.

9. Cloud printing risks: Cloud printing services are on the rise, but it is important that your provider has robust security measures in place.  End-to-end encryption of print jobs, reviewing activity logs and reviewing access control all need to be in place.

MFPs and Printers are an integral piece of technology in organizations, but if left unmanaged can pose a high security risk.   Confidential data regularly moves between user’s PCs, Servers and MFPs/Printers, so it’s important to have a security plan in place to protect your print environment. 

Bio: Leah Seymour is the Senior Sales Director for Modern Office Methods (MOM) and has 26 years of experience in the Office Equipment Industry.  She specializes in working with IT Leaders in Healthcare, Manufacturing, Logistics and Higher Education to help them improve productivity, control costs and secure their devices.