Five Warning Signs Your Security Policy Is Lacking
Warning signs of a weak security policy from SunGard Availability Services.
Tell me the truth - could you live without your printer? I know I couldn't. I like being able to read things on paper rather than on a screen, so I tend to print out notes and email messages when I'm pulling together a story or trying to understand something complex.
I'm not the only one who has bucked the "paperless" trend. As my colleague Paul Mah wrote:
Despite efforts to shift towards a paperless office over the last decade, the humble printer continues to retain an important role in the offices of today. With larger businesses likely to purchase high-end printer models that incorporate built-in Ethernet ports or even wireless capabilities, SMBs are left with the unique challenge of sharing their USB-based printers in a convenient, yet power-efficient, manner.
In most offices, the printers we depend on are interconnected through a network. And yet, they tend to slip under the wire when it comes to the network-connected devices that need to be protected. That might be because no one thinks about the printer until they have to print out a document or fix a paper jam. (I worked in an office once where half of the staff had no idea how to turn the machine off and on, let alone find the right paper tray.) But the printer is indeed a threat to office security.
Right now, the hot printer security story (perhaps literally) is one that points out that millions of printers could be open to a devastating hack. According to msnbc.com, researchers from Columbia University claim they discovered a "new class of computer security flaws" that could allow printers to be controlled over the Internet by criminals. One of the flaws allegedly targets Hewlett-Packard laser-jet printers, but maybe other printer lines as well:
The flaw involves firmware that runs so-called "embedded systems" such as computer printers, which increasingly are packed with functions that make them operate more like full-fledged computers. They also are commonly connected to the Internet.
One demonstration by the researchers showed how, through a hijacked computer, a printer's fuser, which dries the ink as it prints, could be overheated. This has led to more articles than I can count with titles crying out that this hack could cause your printer to catch fire. We have no idea if that's true, and ZDNet posted HP's response to this story and how to make sure your printer is safe.
A hacked printer is probably the lesser security concern in most offices, but it is the "printer bursting into flames" story that will get all the headlines.