Today’s columnist, Eric McCann of Lexmark, says security pros should make locking down remote printers part of their work-from-home strategies. TranceMist CreativeCommons Credit: CC BY-NC 2.0

As IT gets more decentralized because of the work-from-home culture caused by the pandemic, securing connected devices has become critical as organizations continue their cloud transformation journeys.

It’s especially true for printers, which can serve as an important entry point for attackers looking to gain access to sensitive information. Despite the increasing move to digitalization, many industries and teams still rely on printing as a vital part of their business processes, including the legal, healthcare, manufacturing, and logistics sectors.

The security question

Companies find it difficult to protect a print fleet against security threats in normal circumstances when offices are open and most employees are onsite. Tasks such as manual asset management and device configuration are often difficult and inefficient without the help of a service technician. Plus, installing device certificates individually takes valuable time away from other tasks, as IT staffers must continually monitor printers to ensure that security policies are met.

It’s not just human error that puts an organization at risk of a security breach. Just like any other connected IoT device, hackers can compromise networked printers remotely. Many businesses are unaware that data stored on servers or on a legacy printer’s hard drive can get transferred unencrypted via the network when printing and, without establishing alternative workflows, hackers could send data to printers in unsecured locations.

With a dispersed workforce and fewer people in an office, there’s an increased risk that important maintenance and updates to a print fleet might get missed, or else, that workers may leave documents containing sensitive information unattended in a printer’s output tray.

Security by design

For these reasons, there are clear benefits to moving print infrastructure to the cloud. A robust cloud-based print management software solution that’s secure by design makes it easy to manage device configuration for a fleet of printers across a network – scalable across an organization to thousands of devices.

With the latest software and hardware, IT admins can easily configure a fleet with device passwords or network authentication to secure remote management and change passwords across the fleet to meet rotation policies. However, ensuring conformance and enforcement also extends to user or role-based permissions. This may mean restricting device functions to only specified users or groups, as well as preventing unauthorized users from changing device and security settings. In addition, to reduce the attack surface of a print fleet, security teams can disable ports and protocols and then enable them remotely and set devices automatically for log usage information.

Remote working still requires a secure printing strategy even when staff are not physically in the office. With secure held print features available, employees can send a document to an office-based printer, where they can hold it until collected via a print release function. This prevents the accidental exposure of sensitive or confidential business information by holding jobs at the device until they are released by an authorized user.

Automate where possible

Many printers today also come equipped with automation features that make it easier to manage devices. Manual configuration of devices can lead to problems with inconsistent settings and firmware levels. Automating security tasks releases IT admins from having to run firmware updates overnight to avoid interrupting business. Furthermore, automation will let security teams audit devices daily or more frequently to check that no potential vulnerabilities are missed, and to ensure devices are always compliant. The security team can also schedule periodic scans to identify new devices on the network and automatically provide them with a base configuration to ensure they meet security policies, greatly relieving the pressure on IT staff.

Having a dispersed workforce – whether as a result of the pandemic or because staff must work flexibly – shouldn’t mean ignoring the protections for printers. By moving print infrastructure to the cloud and implementing a robust print management solution that includes security by design, remote printing can play an important role in supporting a company’s digital transformation journey and protect the organization from security risks.

Eric McCann, manager, software and security, Lexmark