With the revelation from the infamous PewDiePie hackers that copycats could soon be infiltrating IoT devices, KYOCERA’s Aaron Anderson has been offering businesses advice on how to protect their printers.
As Anderson explains, “Since the PewDiePie hacks, the number of vulnerable printers globally dropped by almost 50 percent.” However, the hackers responsible have now issued a warning that copycats could be seeking IoT devices to infiltrate.
The “only response” to such a threat, says Anderson, is “an organisation-wide approach to cyber vigilance”, adding that the hacks revealed that “more needs to be done to prevent potential risks becoming reality.”
“Printers need to be encrypted as a means to safeguard against the loss of personal data,” Anderson continues. “Encryption is one of the key technologies highlighted within GDPR, so it is imperative that data stored on printers be encrypted to limit the impact of a breach.
“In any organisation, there are multiple entry and exit points from which data can flow and your printer is one of these. Whether the data is in the form of e-documents or traditional paper formats, it is important to have a clear knowledge of the risks and an understanding of what data is being held in the printer. Something businesses can do right now, to save yourself a lot of time and stress later, is conduct a thorough audit of all existing data practices, policies and equipment within their organisation.”
He goes on to explain that KYOCERA has evaluated 10 key areas of printer security weaknesses which businesses ought to evaluate to ensure they are protected. These areas are:
- Capture – scanning and copying documents to uncontrolled destinations can breach data protection guidelines
- Output tray – documents left on the output tray account for the biggest loss of data
- Machine operating system – an unprotected operating system could allow takeover of the machine
- Ports and protocols – open and unused ports and protocols represent a risk that can be exploited
- Management – without regular device scanning, persistent security holes could be exploited
- Network – data can be intercepted across the network link
- Cloud connection – connecting to offsite locations may leave you open to data breach
- Device storage – content stored in devices could be accessed
- The human factor – employees can leave sensitive information on their desk
- Operation panel – an unlocked panel can allow users to tamper with settings
Anderson concludes that in this technological era there are both “new risks and improved technological solutions” but “organisations must act now to significantly decrease their risk of falling victim.”
