With recent changes in legislation, we thought it would be a great time to think about the printers and multifunction units our clients use on a day to day basis and think about how secure these devices are.
So, is your office photocopier secure? Is it compliant with the latest legislation and as secure as it could be?
It’s common knowledge and everyone knows that keeping our PC’s as up to date as possible is critical to keeping us safe. Your anti-virus need to be set-up correctly and kept as up to date as physically possible.
Logging in every time someone wants to print, or scan is not a great solution
Nobody likes having to enter a password or login each time they want to print or scan from the photocopier, so below is our quick guide on making your copier more secure without having to jump through hoops whenever a member of staff wants to print or scan.
In this short guide we’re hoping to dispel many of the rumours and hearsay around printer security and compliance, giving guidance on how to tighten up your security and become less vulnerable.
Why is your multi-function printer a possible weakness?
The multi-function printer which sits on your network has features such as scan to folder (smb), scan to email and also to a web server. You can print and store documents to it over the internal office network.
in order to allow all these different processes to efficiently happen the ports on the MFP are often left open.
An MFP device will often run an operating system such as LINUX and have an open architecture (opensource software or free software) to allow other software applications to run a “front end client“ (user interface) on the device to help you use its functions efficiently.
Possible weak areas of your photocopier
Depending on who the machine is managed by, they are often not updated to the latest firmware version which can include security patches along with updated software applications.
From our experience there can be as many as 15 firmware updates over the useful life of a multifunction printer. That’s a lot of potential security risks which your unit is not protected against.
Another commonly overlooked weakness is the default password on a machine. Each equipment manufacturer will usually have a default administrator password for an entire range of equipment.
This enables the administrator to alter all manner of network settings. These are often left as the default password, which can then leave it open to a possible breach.