If you help keep your network safe from cybercriminals, one area to take a careful look at for your company is your fleet of printers and copiers. Not only are these a potential entryway to your network, but they are one of the most overlooked peripherals when it comes to hardening networks.
Copier Lease Center is here to help draw awareness of this area of your IT infrastructure, and we would also like to offer some common sense tips to help keep your data safe.
In this article, we will cover credentialed printing, port access, and disposal of your devices to help keep your data safe.
Credentialed Printing
If you have a lot of employees, we have seen stacks of paper by printers that could possibly contain secure data. One of the reasons these piles of paper exist is because an individual will print, get interrupted by a call, or realize something is wrong about the print and then do a second print. With credentialed printing, these issues are minimized. In order to print, someone needs a PIN code or a badge. What this means is that a person cannot print without being there to get the output from the printer. This saves money on paper, is more environmentally friendly, and adheres to best practices for data security.
If you are concerned with seeing stacks of paper sitting by printers, you should consider PIN or badge-based printing.
Port Access
Next, we need to talk about port access. Printer ports, like ports on any device, can be a gateway used by hackers to potentially access your network. Keeping your ports secure is another important aspect of IT security when it comes to printers.
Before discussing which port numbers, we would like to remind you of the importance of using data encryption to the printers so the stream of data is not available to a cyber-criminal. Another overlooked task can be updating the firmware which can help protect ports when a vulnerability is discovered by a manufacturer.
As for which ports should be open or closed, it depends on the specific needs of your network and the types of printers you are using. However, there are some general recommendations:
- Port 9100: This is the standard port for networked printing. If you are using networked printers, this port should be open, but only to devices that need to use the printer.
- Ports 515, 721-731, and 9100-9107: These ports are used for Line Printer Daemon (LPD) services for network printing. They should be open if you are using LPD for network printing but closed if you are not.
- Port 631: This is used for the Internet Printing Protocol (IPP). It should be open if you are using IPP, but closed if you are not.
- Ports 137-139 and 445: These ports are used for SMB printing (Windows network printing). They should be open if you are using SMB printing but closed if you are not.
- Port 161: This is used for SNMP, a protocol used for managing devices on IP networks. Printers often use SNMP for status monitoring. If not necessary, this port should be closed as SNMP has known security vulnerabilities.
Remember to always keep your printer firmware up to date, use strong passwords, disable unneeded services, and ideally, printers should be placed on a separate VLAN to isolate them from more sensitive parts of your network. Using a network firewall to block unwanted inbound traffic to your printer can also add an extra layer of security. Also, consider the use of encrypted protocols (like IPPS) to send print jobs whenever possible.
Disposal of Printers
Finally, considering your disposal strategy is imperative to a sound IT security strategy. There are some printers and copiers, especially older ones from before 2014, which would have data on a hard drive that was unencrypted, and this makes it easy to steal data if someone were to get a hold of the printer or copier. Other items to consider are address books and scanning setups within the copier, as many companies use the same data when they set up the new copier.
The more information a hacker has about your network and setup, the more likely it can be penetrated. At the very least, you should wipe all address books and set up configurations before returning a copier.
If you would like to talk more about your printer security, please give Copier Lease Center a call and we can help your team harden your network and help keep you protected.
Articles we think you’ll like:
NEED A QUOTE NOW?
You'll Get a Real Quote in Under 2 Minutes!