Security Summary

The list below shows both fundamental and advanced printer protections–including those used within your organization. Use it to make sure your business has its multifunction printers secured against attacks.

DEVICE

Encrypted storage with secure erase

Hard drive encryption is highly recommended to prevent the theft of information stored on the printer’s hard drive.

Secure disposal

It is critical to erase or destroy printer hard drive data before the printer is taken for disposal.

Secure printer repair access

Knowing the security practices of printer maintenance vendors will help protect sensitive data.

Disable unused ports and protocols

Reduce the attack surface through device configuration including disabling unused ports and protocols.

Physical security (locks)

Locking input trays help prevent theft of sensitive paper such as prescription or check stock.

Administrator access control for device

It is recommended that only IT staff or other authorized personnel be allowed to set up and configure printer settings.

Whitelisting of firmware code

Whitelist trusted applications (like printer firmware code) to increase security while protecting your fleet from potential malware.

BIOS Integrity

Check printer firmware, validate firmware version and (in the event of malware detection) reboot from last known safe settings.

Intrusion detection

Monitor your network devices for intruders and noncompliance.

Common criteria certification

Use this international standard to check the authenticity of software on the printers on your network.

NETWORK

802.1x or IPsec network standards

Applying these standards allows you to encrypt data in transit to and from printers.

Encrypt data in transit

Encrypt data with a print driver or Internet Print Protocol over TLS (IPPS) to make files nearly impossible to read if intercepted.

Encrypt data at rest

Protect data at rest on printer mass storage.

Firewall protection

Prevent malware and viruses from entering your network by limiting printer access to computing devices in network.

Apply digital certificates to printers

Fleet management tools can allow you to automatically apply digital certificates to network printers and multifunction printers.

ACCESS CONTROL & AUTHENTICATION

PIN/LDAP/Kerberos

User authentication controls are effective ways to prevent sensitive documents from falling into the wrong hands.

Role-based access control

Help reduce costs and security risks through printer feature restrictions, such as limits on who can fax, scan to email, or scan to fax.

Authenticate to use the device via passwords, biometrics, Proximity Cards, etc.

Methods such as passphrase, PIN, LDAP authentication, proximity cards and biometric access controls are effective ways to restrict access to sensitive documents.

User authentication and tracking of printed jobs from all devices, including mobile

User authentication solutions can track all printing activities and help ensure compliance to corporate security standards.

Mobile devices included in network access

Utilize your mobile devices as part of your overall print security policy for printer access control.

MONITORING & MANAGEMENT

Updating devices with latest firmware/OS

A printer fleet security management tool ensures devices are up to date with the latest device protection and security features.

Review printer security event logs

Printer events/notifications configured and reviewed on a syslog server.

SIEM software to detect and document threats

Security intelligence and event management (SIEM) software allows you to detect and resolve printer security alerts.

Auto-configure new print devices when added to the network

Automatically apply and maintain digital certificates to network printers and multifunction printers.

Compliance audit reporting of print fleet security

Proof-of-compliance reports to demonstrate application of security polices to printers and securing of customer data.

Outside security consultation or management

A support team of consultants can show you how to improve the security of your data, devices, and documents.

DOCUMENT

Control access to preprinted forms, including checks, prescriptions, etc.

Restrict certain printer features by user or department.

Option for PIN or Pull printing for sensitive information

Users can opt in to pull printing, reducing both the reliance on personal printers as well as the risk of print jobs falling into the wrong hands.

Required pull print for any print job

Help eliminate unclaimed print jobs in addition to ensuring printed documents are protected.

MICR, watermarks or other features to prevent copying or modification

Multifunction printers can embed fraud protection into documents.