This Week in Imaging: A Deeper Dive into Today’s Security for Printers and Copier/MFPs
We’ve noted previously that one area that’s become an increasingly important competitive differentiator when selling printers and copier/MFPs is security, as cyber-hacking can expose companies to millions’ of dollars worth of costs and litigation.
In general thus far, hardware vendors’ approach has included:
- User auditing and authentication (PIN cards, user names and passwords, RFID readers, and even biological authentication);
- User confidential print (users must authenticate themselves at the device before their job can be printed);
- User blocking – restrict users only to specified functions and features; for instance, block use of USB ports and scanning, lock the control panel, etc.;
- Firmware whitelisting (only approved, digitally signed firmware upgrades can be downloaded to the device);
- Hard-drive encryption, overwrite, and erasing
- Attack monitoring, and self-healing after attacks;
- Encrypted traffic to and from the device;
- Fax withholding (faxes aren’t printed until the appropriate user authenticates themselves at the device); separation of the fax telephone line from the network connection;
- Removable hard drives; physical locks for securing hard drive and motherboard;
- And of course, there’s the always the oldie-but-goody: make sure customers change and harden the device’s default password when it’s set up. Changing the default password is critical when you consider that a majority of printers today are connected to the Internet whether directly or via a network. (You would be surprised how many small and home-office users don’t do this.)
It should also be noted that dealers and solutions providers’ are increasingly relying on third-party cloud-based workflow and data-storage solutions that feature built-in security guarantees. Consequently, if a breach occurs, the cloud provider cleans up the mess and takes the heat – not the customer, dealer, or solution provider. In fact, it could be argued that the leading cloud service providers feature security that is superior to that of what nearly any customer, business or institution could match on its own.
As for other security solutions, earlier this month, we also saw Xerox introduce one of the most interesting new security solutions, Content Security, which is part of the Xerox Workplace Suite.
Content Security protects intellectual property and information that should remain confidential by monitoring all content that’s printed, copied, or scanned. It automatically notifies content owners or administrators if sensitive information is being printed or shared. Content Security searches all documents that are copied, scanned, or printed through a device for specific user-defined terms or text strings (such as “confidential,” “internal use only,” etc.). If a match is found, an alert, along with job details and content, is sent to an administrator. We can think of lots of other things that customers could set up as trigger words and terms, such as salary, client list, patent, IP, etc.
While not publicized by hardware vendors, there’s also another method for tracking users. Using a process called steganography (the hiding of secret messages within ordinary messages or images), the printer prints information in the form of a grid that, that, once interpreted with special software, indicates when and where the document was printed. The grid is so tiny and unobtrusive that users won’t be aware of it. Various OEMs color laser printers are said to provide this, and the technology is said to have led last year to the arrest of a U.S. National Security Agency contractor who printed and then scanned and sent confidential NSA information to a media outlet. According to the Electronic Frontier Foundation at the time, all major manufacturers of color laser printers have entered into agreements with governments to provide this service, so that printer output is forensically traceable.
This Week in Imaging: