Printers, Copiers And Other Unexpected Vulnerabilities - InformationWeek
IoT
IoT
Mobile // Mobile Applications
Commentary
6/22/2010
10:40 AM
Keith Ferrell
Keith Ferrell
Commentary
50%
50%
RELATED EVENTS
Threat Intelligence Overload?
Aug 23, 2017
A wide range of threat intelligence feeds and services have cropped up keep IT organizations up to ...Read More>>

Printers, Copiers And Other Unexpected Vulnerabilities

When's the last time you updated and patched your printer's firmware -- if you ever have. Yet networked printers, copiers and other common workplace devices, including UPS backups and security cameras, can contain vulnerabilities that can put your business at risk.

When's the last time you updated and patched your printer's firmware -- if you ever have. Yet networked printers, copiers and other common workplace devices, including UPS backups and security cameras, can contain vulnerabilities that can put your business at risk.When's the last time you updated and patched your printer's firmware -- if you ever have. Yet networked printers, copiers and other common workplace devices, including UPS backups and security cameras, can contain vulnerabilities that can put your business at risk.

It's all too easy to overlook business support devices -- printers, fax machines, copiers and so on -- when assessing your business's vulnerability profile.

But in the course of a recent piece on vulnerabilities hiding in plain sight that I did for Dark Reading, I had it pointed out to me again and again just how dangerous an oversight that can be.

The chief culprits:

  • Any networked device that doesn't have thorough and up-to-date security procedures and tools in place.
  • Devices that contain hard disks and other storage capability, in which persistent copies of sensitive information can reside, ready to be viewed or stolen
  • Default passwords left in-place on business equipment; some devices have "hidden" default passwords for service technicians
  • Unexpected vulnerability sources such as TCP/IP connected security cameras or networked UPS backup power supplies

Add to those the old familiar workplace vulnerabilities such as personnel badges and swipe cards left on desks, unsecured paper notebooks containing passwords, log-ins and access codes as well as generally unsafe computing practices by ostensibly "tech-sophisticated" workers and you have a pretty good array vulnerabilities that you may have never considered before.

That oversight is itself a vulnerability -- one that it's time to eliminate.

Even a brief walk-through of your workplace with both your eyes and your mind open can reveal vulnerabilities that need to be fixed. (Here's another one to look for: Ask your employees to turn over their keyboards. Odds are you'll find at least one password taped to the bottom of a supposedly secure worker's keyboard.)

When assessing your company's vulnerabilities, be sure to address -- and repair -- all of them.

Don't Miss: Printer Security? Yep: Printer Security!

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll