Scaling print security for the remote workplace
For many, remote working is here to stay for the foreseeable future. However, claims of a resultant increase in employee productivity are off-set by the worry that endpoints – including printers – are secure from cyberattack. IT teams must scale print infrastructure security across the hybrid workplace – enabling both remote and office workers to print securely.
The growing threat landscape
The recent hijack of around 28,000 printers by a group of ethical hackers at CyberNews is a stark reminder of how vulnerable printers are to attack. Although this was a non-malicious attack which forced all the printers involved to print a five-step guide to securing a printer, a malicious attack on any exposed printer can wreak untold damage by potentially enabling hackers to gain access to the corporate network.
As remote work becomes the norm, cybersecurity teams are facing increased challenges in securing sprawling and vulnerable networks. Unless endpoints such as printers are protected by regular security monitoring and updates, they may be infected with malware and/or exploited as network access points
Although most businesses protect company-issued laptops with appropriate security software and provided securely configured remote network connections, the use of home printers for business purposes may have been overlooked as employees suddenly started working from home during the Covid-19 crisis.
Indeed, recent Quocirca research reveals that 83% of IT decision makers are concerned about home printing security. The research also shows that their concerns are valid, as just over three quarters (76%) of UK workers are printing in the home – mostly on printers they either owned already or have purchased to help them adapt to homeworking during the crisis. So, what should IT departments be doing to avert this risk?
6 steps to secure the hybrid print infrastructure
With remote work here to stay and the network perimeter disintegrating, IT teams need to maintain visibility through remote monitoring and threat detection. So how can organisations secure their print infrastructure – across the office and home environments – without impacting employee productivity?
The following measures should be considered, which follow the ‘people, policy and technology’ approach.
- Reassess the security of the print infrastructure. Security assessments should be extended to encompass remote/home printing. With offices operating at lower capacity, businesses can rationalise their printer fleet and ensure it meets the latest security standards.
- Re-evaluate relationships with existing managed print services (MPS) providers Review hardware and software security features of their portfolio along with any industry security partnerships and certifications. Evaluate capabilities such as run time intrusion detection, BIOS protection and whitelisting technology and SIEM integration, for example. Implement As a touchless model emerges in the office, pull printing (ensuring print jobs are only released to authorised users) should be a standard approach. Evaluate integration with print management solutions and look for capabilities that track and audit office and home printing. Functionality may vary and, along with print manufacturers’ proprietary products, third party products from companies such as EveryonePrint, Kofax, LRS, PaperCut, Pharos, Printix and Y Soft may support this.
- Include printing in cybersecurity training. Organisations need to understand how their risk profiles have changed and update training accordingly. Employees need to be informed of new print-related security risks that have arisen from remote working. Employees should receive guidance on how to print and scan securely and also how to securely dispose of confidential or sensitive documents in the home environment.
- Rethink remote working policies. Bring-your-own-device (BYOD) policies will need to be updated to incorporate guidelines for the use of employee-owned printers in the home. Use of unauthorised or outdated home printers which may pose a security risk should be restricted or at the very minimum discouraged.
- Implement secure cloud-based printing. Cloud print services not only reduce the cost associated with maintaining and managing on-premise print servers by passing this to a third party MPS provider, but also enable the full tracking and reporting on print jobs across distributed locations. The major public cloud vendors, such as AWS, Azure and Google Cloud all offer log, event and network flow data. This can be integrated with a centralised SIEM solution which monitors endpoint security events and provides visibility and detection across on-premises and multi-cloud environments. Cloud-based remote job submission also enables remote workers to securely submit jobs to office-based MFPs. Learn more about leading Cloud Print Services offerings in Quocirca’s Cloud Print Services 2020 report.
- Revisit data loss prevention (DLP). DLP stops any unauthorised attempt to access, copy, print, scan or share sensitive information. This may mean disabling or restricting access to home printers from certain applications. Also consider print management products that integrate with third party DLP products or offer their own content security capabilities. One example is Kofax, which offers ‘content-aware print and capture technology’. This analyses the content of a document and automatically applies business rules – for example automatic redaction of specified keywords or patterns.
An effective approach to print security must combine preventative measures with policy measures to ensure employees understand the risks of printing, whether in the office or home. The rapid shift to remote working means that print security cannot be an afterthought – and organisations must be vigilant about how cyberattacks could penetrate the network through blind spots created by unsecured remote home printers.