Having a printer that can reach out to the Web means having a printer that a hacker can reach out to. Should SMBs lose sleep over this?
Having a printer that can reach out to the Web means having a printer that a hacker can reach out to. Should SMBs lose sleep over this?There are reports of hackers using the new remote printing facilities like ePrint to penetrate office LANS. They do three different things.
First, they get access to the printer and use it to penetrate the office network, looking for passwords and files.
The second is that hackers can take control over the printers, pool their resources, and create storage networks. (This would appear to constitute a nuisance rather than a danger.)
Thirdly, multi-function printers can be rigged to purloin images of any documents that were left on the scanner, taking advantage of their scanner's remote control feature.
Surely the answer to the third problem is implement any available security on the printer, and don't leave documents on the scanner bed.
The answer for the first two is a little iffier. Remote printing is new technology and the kinks have not been ironed out yet, and this apparently includes the security. We may have to hearken back to the early days of PC security, when the first and best advice was to turn off the machines when not in use.
With the ePrint machine I have tried, an HP Officejet Pro 8500A, the main security measure seemed to be the use of a randomized e-mail address to suppress incoming spam. And after two months I can say that no spam has arrived.
Also, it continues to work fine with Hotmail, but not at all with Microsoft Outlook 2007, despite official compatibility.
So I assume hackers would have an equal amount of trouble.