The Big Security Risk You’re Overlooking

Take a look around your office and what might make you vulnerable to cyber attack. You've got your laptops, your desktops, your mobile devices, but did you stop to consider your printer?

With the numbers of companies experiencing data breaches on the rise—and the money each breach costs reaching eyebrow-raising dollar amounts—it's important to consider cyber security for your own business, whether you're a Mom-and-Pop store, a mid-size business, or a Fortune 100 enterprise. So take a look around your office and what might make you vulnerable to cyber attack. You've got your laptops, your desktops, your mobile devices, but did you stop to consider something you use every single day and never think twice about… until it runs out of ink?

In early October, we hosted a webinar with Senior IT Security Consultant Ron Chestang of HP, and Staples Business Advantage Business Development Manager Patrick Boyd to discuss this vulnerability and others in the workplace, and there were several key takeaways to consider.

Printers are vulnerable in many different ways. Printers are unique in that they are vulnerable in both digital and analog ways, and they are vulnerable in the office and through remote users. Print security concerns range from the basic—hard copies of sensitive information are all too often abandoned in the output tray and left for anyone to grab and—to the complex, with malicious entities using printers with default passwords and network options as an entry point to the company's entire network. As printer technology continues to develop, making printers more and more like PCs, it's important to consider all their potential exploits and issues as you evaluate your company's cyber security. "You have to think about printers as PCs that print," says Chestang of the capabilities (and vulnerabilities) of today's printers.

But many companies are overlooking them. Despite high-publicity, printer-related breaches like STUXnet in 2010, a foreign attack on the U.S. Chamber in 2011, and the recent hijacking of college printers to spew hate language just this year, printers still rank low on the priority list for most companies as they evaluate their tech security, with PCs and laptops, mobile devices and servers all attracting at least four times as much attention as printers.

Updates provide more than functionality; they provide security. It can be difficult to determine when and how to update your office technology, and cost is always a concern. As a result, many companies tend to focus on technology that's ceased to function or has become too outdated to keep up, leaving obsolete printers in operation with the hope of updating them on some hazy date in the future. But older printers (and other hardware) can bring with them increased security risks and big gaps.

MPS providers can help manage these risks, but they should meet expectations. The time, manpower and expertise required to keep printers functional, updated and most of all, secure can be a huge investment for any company of any size. Managed Print Services providers can help fill that gap—but it's important to know what to expect of them. "If your provider tries to convince you to swap out for older model printers to save money, that's a big warning sign," says Boyd. "Your MPS provider should have security protocols in place, and they should be visiting regularly to look for any breaches or issues."