Printers age. And while over many years they may perform their printing, copying and scanning tasks just fine, there may be something missing as they get older that makes them a vulnerability to an organization’s entire network.
“The problem is that once a printer reaches end of life, it might still print but they no longer get critical firmware updates,” says Jeremiah Wagner, Branch Manager at Blue Technologies, Inc. “That makes them a significant cybersecurity risk.”
Smart Business spoke with Wagner about the problem older devices pose to an organization’s network, and what to do about it.
What risks do older printing devices pose?
Organizations tend to believe that a printer or copier’s useful life is as long as those devices continue to perform their core functions. However, as these devices age, they reach a point when they no longer receive the needed security patches from a manufacturer. That presents an opportunity for bad actors to exploit that vulnerability to get into an organization’s network.
Older devices don’t encrypt data like newer devices do. And without critical firmware updates from the manufacturer, the devices are not capable of combating the latest cybersecurity attacks. Organizations often aren’t aware that this can happen.
All printers and copies are connected to an organization’s network — whether that’s hardwired into a network or connected wirelessly. And with a significant number of people working on laptops and moving from building to building — from their home office to headquarters and elsewhere — people from across departments are connecting to the organization’s printers and copiers, creating many access points into an organization’s network that a bad actor can breach.
What can be done to close this security gap?
Organizations should plan and budget for the replacement of their obsolete devices, otherwise they’re leaving a large security risk sitting on their network. Unfortunately, it’s rare that organizations know that their devices have reached end of life. It’s one of the most overlooked areas in cybersecurity. In fact, most organizations don’t know how many printers they actually have on their network because they don’t properly track and manage them. Further, these assets tend to get lumped into general office expenses, so there isn’t necessarily a line item for organizations to track and manage them — especially since printers are sometimes bought piecemeal rather than as a fleet.
It’s important to ask manufacturers how their devices protect against cybersecurity breaches. It could be that they have a sophisticated, proprietary operating system, or they have a dedicated team that actively monitors for breaches to their devices and releases patches quickly so they can stay ahead of those who would use those vulnerabilities to exploit organizations.
Who can help organizations avoid these attacks?
If managing a print fleet and ensuring these devices are safe isn’t something an organization can do on its own, they can partner with a service provider that can keep an eye on the entire printer fleet. They can identify where each device is in its lifecycle, ensure the necessary firmware updates are made, and schedule hardware for replacement before it reaches end of life.
A good service provider will keep an organization informed on every aspect of an organization’s print environment, making recommendations proactively rather than reactively so that budgets can be planned and replacements scheduled. This helps mitigate vulnerabilities that could put a network at risk.
For companies that do not have internal IT support, this is a great way to ensure a printer vulnerability does not lead to a business interruption. And for companies with internal IT support, working with a service provider that is concerned only with an organization’s print fleet allows that internal team to focus on mission-critical activities while other dedicated experts manage these tasks.
Bad actors are working every day to get past organizations’ security measures. By being proactive, it’s possible to maintain a much stronger security posture while mitigating any damages that might occur if there is a breach because there is professional support in place to react. ●
INSIGHTS Technology is brought to you by Blue Technologies, Inc.
