How to secure your network weak links to improve compliance

It has never been more crucial for companies to have multiple layers of protection covering every endpoint in their infrastructure, including the devices that aren’t getting security attention today.

In a 2016 Global State of Information Security Survey, PwC reported that organisations have experienced a 38% increase in detected IT security incidents¹. Attacks are more frequent, more aggressive, more sophisticated and more unpredictable.

And while new regulatory requirements recognise that breaches are inevitable; organisations must prove they haven’t been negligent in their handling of customer data. If negligence is shown, organisations could be penalised with significant fines.

It’s essential for security teams to investigate every corner of their business IT infrastructure and build an extra layer of protection on top of standard network perimeters. Firewalls alone cannot withstand sophisticated attacks. A security policy extending layers of protection to network endpoints is a must-have for businesses to meet regulatory requirements and avoid costly fines.

Printers are often ignored as businesses focus on data centres, the cloud and mobile devices while they move towards digitisation. However, if a printer is connected to the Internet, it’s as vulnerable to an attack as a PC. Take the extensive breach across multiple US colleges in March 2016, where a hacker discovered 29,000 unprotected printers and accessed dozens of them to spew out hate flyers. The breach showed that unsecured endpoints such as printers can be remotely accessed and hacked.

In a recent study by Spiceworks, it was found that 82% of organisations experienced an IT security breach in 2016 yet very few are taking printer security as seriously as they should. Only 16% of organisations perceive printers as a high risk. Although nearly 57% have security practices in place for printers this trails other endpoints with 97% having security practices in place for desktops and laptops.²

"Security breaches are not confined to computers or mobile devices but can also originate from other endpoint devices, such as network printers. Hackers have been known to gain entry to an organization's network via open ports on the network printers. This method allowed Russian hackers to penetrate a Denmark-based company that performs sales, service, and technical solutions for the metal, furniture, and automotive industries. The hackers gained entry to the company's network via one of its label printers. They then demanded a ransom to unlock the company's IT systems, customer information, and other vital data." Evan Hardie, IDC³.

IDC also found that on average, organisations can reduce the frequency of printer security breaches by up to six times if they deploy enterprise printing security solutions⁴.

Organisations surveyed by Ponemon experienced on average 2 attacks per week in 2016, an increase of 23% year on year⁵. Although many IT departments rigorously apply security measures to PCs and the network, printing and imaging devices are often overlooked. But printers can provide an entry to your network and securing them is just as important. Of all significant data breaches reported by IT managers in 2015, 35% involved their printers⁶.