Press "Enter" to skip to content

Print, copy, scan, secure

Too many businesses are leaving their MFPs unsecured and vulnerable to attack, warns Sharp

More than half of small and medium-sized businesses are leaving themselves vulnerable to a serious data breach by not adequately protecting their office printers, according to new research from Sharp Business Systems UK. The pan-European survey shows that despite a great deal of publicity around the topic, office workers remain blind to the possibility of unsecured MFPs being used by hackers to access printed, scanned or faxed documents or launch sophisticated attacks across a company network. As many as 95% of UK workers surveyed do not consider printers and multifunctional printers (MFPs) as an IT security risk and only 18% are aware that printers can be hacked. More than half (54%) say that their printers can be used without any form of user authentication. To find out more about the survey and what Sharp is doing to help protect customers, ManagedIT spoke to Sharp Business Systems UK Group Product Marketing Manager Julian Hodges.

ManagedIT (MIT): Why did Sharp undertake a survey into printer security?

Julian Hodges (JH): The project was instigated and run by our European colleagues as an education piece, looking at the knowledge gap around security and MFPs, both network and hard copy security. We wanted to create a reassuring message around security, rather than something that is driven by fear, with some really positive messages about our technology and what it has to offer. We also wanted to make the point that we are here to help SMBs and our partners to protect the things that are important to them.

MIT: What were the findings that really stood out for you?

JH: The research was quite comprehensive, involving 5,000 office workers in seven countries, so there were a lot of interesting findings. One that stood out for me was that 95% of those surveyed didn’t recognise printers as a security risk. People think of network technology, like computers, as something criminals might want to hack, but don’t associate that sort of threat with MFPs. From that point of view, this research is a really useful reminder that MFPs are vulnerable and you need to make sure you have the right partner and the right solution in place to protect yourself.

MIT: Don’t you find it surprising that awareness is so low, because there has been a lot of publicity about the security risks of MFPs?

Sharp MX-M4051
Sharp MX-M4051

JH: It is surprising, but people make a lot of assumptions when it comes to security. They tend not to worry about the details and just assume IT security is to do with computers or maybe their phone. Historically, they have looked at printers simply as bits of equipment that produce paper documents – nothing more than that. In fact, they are quite complex pieces of technology and obviously vulnerable in various ways to data breaches and document security.

MIT: What do you think SMBs should be doing to secure their devices?

JH: We worked with an ethical hacker called Jens Müller and he came up with three very simple tips for businesses to consider. The first is to enable encryption on the devices. Nowadays, most print devices and MFPs come with encryption, but you have to enable it. It’s simple to do and just by doing it you are improving your security. The second one is to change the default password on your network printer. The majority come with either no password or a default one, and the bad people out there in the world know what those passwords are, so if you don’t change the default password, you are leaving your door wide open. The third one is to put in place user authentication as a simple way of protecting equipment from malicious activities, as well as unauthorised printing and unauthorised activity on machines. Three simple tips. In addition, try to engage with a partner that’s working with a reputable manufacturer with a full set of features and functions on their devices to make sure your business and your
systems are secure.

MIT: Is there anything unique or special about the security capabilities of Sharp devices?

JH: Our latest CR4.5 series devices have a number of market-leading security features. These include whitelisting – the ability to create a guestlist of applications that are allowed to interact with the MFP. If an application is not on the list it won’t be able to interact with a device. We have introduced a new self-healing system on the firmware, which gives a device the ability to monitor malicious activity and revert to a safe version of the firmware should it be compromised. Uniquely, our devices will maintain activity while reverting to the original firmware. The business administrator or IT administrator would be notified of the activity that caused the firmware to revert to the safe copy, but from an end user’s point of view there is no loss of productivity or functionality on the device. There are some nice physical features on the new range as well, because data security is not just about electronic data but also about the physical data that can be lost. For example, if somebody leaves a hard copy document on the scanner after making a scan or copy, an LED light will indicate that the original document is still there and remind the user to take it away with them.

MIT: Have you been working with security companies on these features or has Sharp developed them itself in-house?

JH: All the features on the MFPs have been developed in-house by Sharp. We try to be at the leading edge of developments in print security and have a very strong heritage in this area. We were the first manufacturer to get the Common Criteria validation, back in 2001. More recently, we were the first to get the new Hard Copy Device Protection Profile (a new requirement for digital MFPs based on the security requirements specified by the US and Japanese governments – Ed). We are an award-winning manufacturer for our security and like to feel we are at the leading edge in this area.

MIT: Have you been working with security companies on these features or has Sharp developed them itself in-house?

sharp MX-M6051_M5051
sharp MX-M6051_M5051

JH: All the features on the MFPs have been developed in-house by Sharp. We try to be at the leading edge of developments in print security and have a very strong heritage in this area. We were the first manufacturer to get the Common Criteria validation, back in 2001. More recently, we were the first to get the new Hard Copy Device Protection Profile (a new requirement for digital MFPs based on the security requirements specified by the US and Japanese governments – Ed). We are an award-winning manufacturer for our security and like to feel we are at the leading edge in this area.

MIT: How do you plan to build on this research and increase awareness around MFP security?

JH: We’ve launched the ‘I am Secure’ campaign, which we are using as an education tool and a conversation piece for our resellers, our dealers and our customers; we’ve produced a report on the back of the research, which is available for people to use, as well as a number of white papers; and we have created a range of marketing collateral to promote the fact that print security is really important nowadays and that it is vital for customers and dealers to partner with an organisation that has the right technology and the right solutions to address this important matter.

www.sharp.co.uk

Readers can download Sharp’s free guide, Simple printer security for small businesses, at:

https://tinyurl.com/vktvydy

Please follow and like us:
2020