- Departments often do not cooperate when buying new printers risk buying defective equipment
- Nor do they patch on time or enough – and leave the doors open
- DECLOCKING OFFICE HARDWARE IS A TRUBLY ALSO
Hackers could use your business printer as a light back door in your corporate network and all devices associated with it, experts have warned.
A new report from HP Wolf Security outlines how most companies neglect their printers throughout the unit’s life cycle, where they find only a third (36%) of the respondents use firmware updates as soon as they are available.
Firmware updates are important as they often address newly discovered vulnerabilities and if not used, cyber criminals do not have to blindly search for deficiencies – they know exactly where and how to strike and move in.
Four phases (of the printer’s apocalypse)
But firmware update programs are just in the ongoing steering step, as the report notes that a printer’s life cycle has four phases, including supplier choices and onboarding, remediation and shutdown and second life.
In all these stages, printers are exposed to various risks, including the lack of purchasing cooperation, RFPs that are not controlled, and inability to verify the printer’s integrity.
The report also found that most companies see data security as a barrier to printer recycling, resale or recycling, and only a third (35%) said they were uncertain whether printers can be fully and secured.
At the same time, a neighborhood believes it is necessary to physically destroy printer storage drives, while a tenth insists on destroying both the unit and its storage drives.
“Printers are no longer just harmless office fixtures – they are smart, connected devices that store sensitive data,” warns Steve Inch, Global Senior Print Security Strategist at HP Inc.
“With perennial update cycles creates unsecured printers long -term vulnerabilities. If compromised, attacking harvesting confidential information for extortion or sale can leave. The wrong choice can leave organizations blind to firmware attacks, manipulation or intrusion, which effectively adds the welcome to attack to access the wider network.”
