Six Steps to Protecting Your Office Network and Printers
Hackers and cybercrimals are using networked MFPs and printers as a route into organisations to steal confidential data stored on hard drives and other networked devices, cause malicious damage or disrupt business activities. An IDC report found that 25 per cent of IT security breaches that required remediation involved printers. The impact on productivity and profitability can be huge.
The risk posed by unsecured MFPs and printers is often misunderstood and ignored, or businesses simply lack the expertise and resources to start tackling the problem. A lack of awareness among users is also exacerbating the problem, as bad practices can expose documents and data to the risk of being compromised.
The steps that businesses need to take to create a consistent network security system, or print security policy, can be a time-consuming process. However, we feel that the following six steps offer a structured way to develop and introduce your own consistent network security framework.
1: User identification and authorisation
One of the most important steps to network security is to only allow known users to access networked devices like the printer. This can be achieved through user administration and authorisation.
User identification: This is the process through which administrators give only registered users’ access rights to MFPs and printers. They must identify users using either local authentication based on the local user list, or network authentication through the authentication server. They also need to decide who belongs to their business groups by creating a user name and password, as well as enforcing a bespoke/unique password policy.
User authorisation: This is used to grant access to the organisations network assets and control their usage. Based on each user’s credentials, they can limit the access to specific people, restrict access to device functions, or completely block access. The administrator can also configure access to the device through access cards, which hold the user identification data.
For more complex environments, administrators can use complex Output Management solutions to control fleets of multiple devices that are connected through an Output Management system.
2: Secure the network
Any devices connected to the network are only as secure as the most vulnerable point on the network. So, controlling the use of Ports and Protocols is a very important part of maintaining network security. Through sensible configuration, IT administrators can prevent unwanted activities and potential attacks on the infrastructure. The techniques for ensuring secure communication between each device and the network include:
- Use IP filtering to limit the access to specific IP addresses as well as MAC (Media Access Control) filtering. This helps to protect your network and your communication channels by only allowing access through specified IP addresses or ranges.
- Disabling unused ports (so only the required ones’ work) provides an extra security layer and gives you more control over your network, by preventing unauthorised access to all connected assets.
- Ensure that IPSec (the Internet Protocol Security for secure and encrypted data exchange), TLS (the Transport Layer Security for encrypted data transmission) and HTTPS (the Hypertext Transfer Protocol Secure for secure network communication) are configured for the highest protection level you need.
3: Protect your data
There are two ways to ensure that the data stored on the hard disk drives (HDD) of MFPs and printers remains secure:
- Data Encryption is the procedure or functionality that encrypts documents using a complex 256-bit algorithm.
- Data Overwrite is the data erase option for a device’s HDD. It ensures that all data already stored on the drive and any electronic images of printed documents are permanently erased by being over-written up to 10 times.
For added peace of mind, Sharp also offers an end-of-lease/service option that ensures that any digital data left on a device is erased and the physical HDD destroyed.
4: Print confidential information securely
Confidential documents should only be printed using a secure procedure that prevents unauthorised access and copying. Typically, when a print job is submitted it will be held on the device’s HDD and will only be released once the users enters a PIN code or presents a fob or card, which will have been previously configured. Once the document has been printed all data is automatically erased from the HDD.
5: Remote monitoring and control
When introduced correctly, network security tools can give IT administrators total control of all networked devices, directly from their desktops. So, they can control an entire fleet of MFPs and printers and remotely discover, set up and manage most of the potential security threats. The ability to clone devices also streamlines the work of administrators and provides added peace of mind, as any changes to device settings can be easily populated across the entire fleet.
6: Choose the right partner
There are many companies offering professional services related to network security and network peripherals, however, the level of expertise can vary significantly. Sharp takes network security seriously.
As a manufacturer, our information technology equipment is evaluated using guidelines specified for comprehensive Common Criteria certification. As a result, Sharp MFPs and printers with an embedded data security option have been independently assessed by the globally renowned Japan’s IT Security Evaluation and Certification system (JISEC). They have been certified as conforming to the latest Protection Profile for Hardcopy Devices v1.0 (HCD-PP v1.0) standard of the Common Criteria, which means that we can support customers handling the most sensitive data in the world.
Sharp’s comprehensive security offering, combining hardware and software products with our strong heritage in technical consultancy and Managed Print Services (MPS), can help your business meet the growing need for network security, and manage such industry changes as GDPR compliance.
The above tips are presented in our Network Security guide, which you can download for free from our Sharp Information Security page.
European PR Manager