Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.
7 Ways to Lock Down Enterprise Printers
Following the PrintNightmare case, printer security has become a hot issue for security teams. Here are seven ways to keep printers secure on enterprise networks.
Enterprise printers have long been an afterthought in IT security, but all that changed earlier this year with PrintNightmare, a flaw in Microsoft's Windows Print Spooler Service that could be exploited in remote code execution attacks.
As a result, Microsoft has issued a series of patches – and enterprise security teams are beginning to assess the security of printers on their networks. This is especially critical given most companies will continue to operate as a hybrid workplace, with workers using their personal printers at home in addition to remotely connecting to the printers at work.
Nasser Fattah, North American steering committee chair for Shared Assessments, says printers have not been viewed as a security concern in the past, despite the fact they print some of our most sensitive data and are connected to our networks all day, every day. He points out that printers come with many applications, including Web servers – which, like any other application, can have default passwords and vulnerabilities – and considerable storage size to hold a significant amount of sensitive information.
“Also, office printers are connected to a company's identity repository so that users authenticate to print and the email system provides print status to users,” Fattah says. “Consequently, printers introduce serious security problems that can enable adversaries to access a company network, sensitive information, and resources. For example, adversaries, via the print default password, can redirect prints to an unauthorized location. Also, a vulnerable printer on a network presents an entry point for adversaries.”
Given these realities, we asked industry experts for tips on how to help security teams lock down printers on enterprise networks. After this year’s experience, security pros can’t say they weren’t warned about printer vulnerabilities.
About the Author
You May Also Like