Go back

Could your printer’s security flaw cost your business $2 million

By Simon Williams
·
February 23, 2018

From February 23rd 2018 it is compulsory for all organisations with an annual turnover of $3 million to report any data breach to the Australian Privacy and Information Office. According to the bill, a data breach is classified as an instance where there has been "unauthorised access to, or unauthorised disclosure of, personal information about one or more individuals (the affected individuals), or where such information is lost in circumstances that are likely to give rise to unauthorised access or unauthorised disclosure".

Any organisation that fails to notify a security breach can face a penalty of up to $1.8 million. This is in addition to any financial loss resulting from the data breach.

If your data was compromised, could you afford to financial impact from the fallout that would happen afterwards? An independent study from IBM showed that the average cost for a business that suffered from a breach averaged $2.64 million in 2016. It’s big business for hackers and it adds more financial risk to the organisations that suffer from the data breach. Hackers are becoming more creative in their ways to access sensitive consumer information that they can then monetise for their own benefit. Printers happen to be one of the portals that they are using.
 

The Wolf On The Prowl

 

How is this happening?

Although many organisations have already taken steps to secure data on their network an area that can be overlooked is a printer. But many printers offer security procedures to give protection to your network and data.
 

Securing Your Printer

Savvy computer hackers are able to find unsecured printers simply by doing searches on the web. In this Computerworld article, Michael Howard, HP's chief security advisor states that he could find 29,000 unsecured printers using different search engine queries. They can then attempt to access those printers without any password protection or attempt to access those printers with their default passwords.

Once these printers are found, the hackers can choose to do a couple of things.
 

Access the information that is stored on the printer’s hard drive.

The files that are saved for creating the prints are never fully erased. So the risk is that the attacker can use software to retrieve files that have been scanned or sent to the printer.
 

Gain access to the organisation’s LAN network.

They can access the LAN (local area network) for the organisation and get access to other devices that’s connected or even use it for DDOS or spam attacks on other web properties.

A printer can be a backdoor to your network unless you make sure it’s secure. Most companies make sure that their network is secure from intruders as awareness of the increase in computer hacking goes. No-one is immune it seems. More and more money is being spent on computer security but often the peripherals, such as printers, laptops and notebooks, are overlooked.
 

How can this be prevented?

All printers within the organisation should have a unique password.

  • Ensure that the hard drives on the printers either have encryption or automatic scrubbing.
  • Ensure that the devices are a part of a network.
  • Ensure that the printing software uses a digital signature (E.g. Cryptographic authentication)
  • Make sure the printers have firewalls.
  • Implement pull printing
  • Check the security protocols on each printer
     

How can Cartridges Direct help?

Cartridges Direct works with the Original Equipment Manufacturers (OEMs) in the printing industry.

Get in touch with Cartridges Direct to speak to a printer specialist who can help you. Now, more than ever before, securing your data is an imperative. Unless you take precautions are taken your printer can be an entry to your network and your dta. CartridgesDirect can guide you through the steps you need to take to avoid a data breach through your printer.

 

Comments