Is your office printer putting your company data at risk?
MANILA, Philippines — With the rapid and extensive digital transformation across all industries worldwide, securing a company’s network and endpoints has become an indispensable part of managing business risks. As companies adopt software, multi-cloud and hardware to keep up with the disruption and changing workplace habits, the sophistication and volume of cyberattacks and data breaches has,likewise, grown exponentially.
New security strategies are needed to address networked-connected endpoint devices which can be a source of vulnerability, and it is useful to remember that a network is only as secure as its weakest link. In this context, printing remains a legacy process in most companies and is thus, often overlooked when security strategies are formulated — despite its use for highly confidential documents and access to the network — making it a sitting duck.
While there have been no reported cases of printer attacks yet in the Philippines, there have been instances where cybersecurity has been taken for granted, resulting in genuine alarm for the country.
In April 2018, the website of a popular fast food chain in the Philippines was hacked, leaking an estimated 82,150 records of customers’ personal details including names, contact numbers, email and home addresses, passwords, transaction details, and modes of payment. Following the incident, the National Privacy Commission (NPC) ordered the fast food chain to notify all its affected users as they would be susceptible to further attacks. As a precaution, the NPC also ordered another local fast food chain to shut down its website while vulnerabilities were investigated and addressed.
Both the public and private sectors can learn from such incidents and take necessary precautions. It’s only a matter of time before another hacker comes along and causes an even bigger data breach or network attack. The only way companies and organizations can prevent this is by being mindful of the security measures they implement across all networks and devices – from websites, to PC hardware, to printers.
While we are more inclined to secure what we see on our screens, other possible technical vulnerabilities should also be taken into consideration. IT departments usually apply rigorous security standards to PCs, tablets and other connected devices; they often overlook the printer in the mistaken belief that these devices would be left out by hackers as they are not important enough. There is insufficient awareness of the fact that printers are essentially IoT (Internet of Things) devices which are network connected. Research data shows that less than two percent of printers are secure, and a recent study found that up to 60,000 printer models could be vulnerable to cyber-attacks.
Locally, we are still on our way to stabilizing print security and establishing its importance among various industries. In early 2017, HP Inc. Philippines began generating awareness on this through the local launch of The Wolf web series and publicity stories on print security. HP believes that security is everyone’s responsibility and is not something that should be left to the device end-user to worry about. Businesses need a trusted partner to help them understand risks, deploy right security measures, meet regulation and avoid loss. HP’s goal is not to simply build more protection into its devices, like business printers, but also to incorporate detection and recovery capabilities from the start. This helps customers be more resilient to an ever-evolving and always disruptive world of attacks.
To that end, HP’s Enterprise Printers have layers of security that provide in-depth defenses such as real-time threat detection, automated monitoring, and software validation to stop threats the moment they start. The printers are hardened and self-healing, with embedded features and add-on protecting from threats throughout their lifecycle and this helping organizations defend their printers and networks. HP business printers also protect data through strong encryption with data in transit and at rest, as well as managed services to help ensure systems are deployed securely.
As an endpoint that is used by almost, or all employees in an organization, the printer no longer needs to be a weak-link in the network, susceptible to hacking.