In a constantly evolving cybersecurity threat landscape, the print infrastructure is not immune to security threats. Following the Print Nightmare security vulnerability in 2021, the recent news of a print management software security exploit reflects how vulnerable the print environment is to attack.
In Quocirca’s Print Security 2023 Study, 39% of IT decision-makers cite print management platforms as the top print security challenge, with just 20% reporting that zero-day attacks on print infrastructure is a top challenge.
Print Nightmare, a windows print security vulnerability that hit the headlines in 2021, brought attention to the security risks of printing. Quocirca’s Print Security Study revealed that 19% of businesses had been impacted by the vulnerability, rising to 26% amongst SMBs (249–499 employees).
The latest print management software vulnerability, known as an n-day exploit – an exploited vulnerability for which a patch is available – was patched in March 2023, over a month ahead of the exploit occurring. The exploit of this vulnerability allowed remote attackers to bypass authentication on unpatched servers and remotely execute code, such as triggering installation of malware on those servers.
As with any security vulnerability that requires patching, although many customers will have patched their systems, not all users will install patches as soon as they are made available, either waiting for a standardised patch window or avoiding installing the patch in case it impacts the existing environment.
While implementing patch management is vital to keeping a business safe from security threats, staying on top of an ongoing stream of patches that may leave an organisation exposed to potential cyberattacks can be challenging. Patching software can be complex, cumbersome, and time consuming.
Mitigating the risk
It is becoming harder and harder for a standard organisation to afford to attract, employ, and maintain the skills required for a solid security stance. Using a managed security services provider (MSSP) to handle vulnerability management and security patching can help organisations improve their security posture. MSSPs can provide specialised services around security assessments, ongoing remote monitoring through SIEM integration, and remediation.
Another approach is to use a managed print service provider with security and cloud expertise. In Quocirca’s forthcoming MPS 2023 study, cybersecurity expertise is the top requirement for MPS customers, cited as very important by 45% of respondents. Meanwhile, 35% say it is very important for an MPS provider to be able to support zero-trust security. In a cloud environment, this requires advanced technologies such as multifactor authentication, identity access management, and end-point security.
A cloud-based print infrastructure can help mitigate risks around on-premise print management. Quocirca’s research shows that 52% of organisations believe cloud-based infrastructure is more secure than an on-premise print environment. Cloud print management platforms take advantage of the underlying security of a public cloud platform such as Microsoft Azure, AWS, or Google Cloud Platform (GCP). In some cases, the most effective approach may be to eliminate print servers completely and utilise direct IP printing. Direct IP printing may also facilitate automatic security updates to mitigate risks associated with an on-premise print environment. However, cloud and serverless technology is not immune to risks and threats.
While direct IP printing offers a range of benefits, including lower IT burden and costs, for larger and more complex print environments, dedicated print servers may still be the best option. In fact, Quocirca’s latest MPS study shows that 48% of organisations have increased their number of print servers. The top barriers to cloud print management adoption are data security (36%), lack of demonstrable cost savings (29%), and performance (28%).
Ultimately, on-premise print infrastructure can give IT teams more control over printing, and also may offer more extensive functionality (rules-based printing, authentication, and reporting). However, reliance on print servers can also be costly from a hardware, software, and maintenance perspective.
The future of print security
The latest print-related vulnerability serves to elevate awareness of the print infrastructure as an attack vector. As organisations migrate more core systems to the cloud, on-premise print servers are increasingly attractive targets for cybercriminals to breach.
Ultimately, the longer vulnerabilities remain unpatched, the more exposed a business is to risk of an attack. Given that organisations take different approaches to print management, regardless of cloud or on-premise approaches, MPS providers should ensure that they can help customers more effectively detect, prevent, and remediate against the growing threat of print security vulnerabilities. It is also an opportunity for the industry – both print manufacturers and ISVs – to collaborate more closely on addressing risks across hardware and software security.
Find out more about the print security landscape in Quocirca’s Print Security 2023 report.