Security: UTK Guidelines for Printer Security

A networked printer or multi-function device (MFD) can be a significant entry point for those interested in sensitive and confidential data.  Often these devices are connected to the network and forgotten until it is time to replace them.  Because they are machines that have operating systems, can interact with the Internet, and are sometimes used to transfer documents on and off-campus, these devices need to be secured and be current and up-to-date with operating system and software patches. If a networked printer or MFD is not secure, all information that is being printed, scanned, and faxed is susceptible to compromise. With the built-in network capabilities, there are many ways that information can be taken and misused. General guidelines to secure your printer are listed below.

Set a strong admin password

Network printers, copiers, or multi-functional devices generally have a web interface that allows the configuration and control of the device.  By default, no password is generally set at the factory so users must be diligent in setting a strong password.  Instructions can be found on the manufacturer's support site or manuals included with the device.  In addition, change any additional passwords or community strings from default settings.  If not necessary, consider disabling the service.

Limit network access to the printer

Utilize security controls to allow access to a printer to authorized users.  A private IP address can help secure the printer from being accessed outside of the department or institution.  However, not all network infrastructure setups can allow this, so in lieu of using a private IP address, utilize other methods to limit access to the printer as possible such as access control lists in the printer configuration.  Some newer network printing devices include an internal firewall.  If possible, utilize the firewall to only allow authorized traffic to the printer. Limit access to the printer to only other devices that need to have access or at least limit access to other addresses here on the campus.

Disable any unnecessary services running

Many printers utilize more than a web interface, many times Simple Network Management Protocol (SNMP) is enabled with no community string.  In addition, maybe there are open file shares on the hard drive in the printer/copier/multi-functional devices.  Disable any services not used.  If the web interface is not absolutely needed, consider disabling it after the initial configuration.

Regularly check for and implement firmware updates

As with patch management with computers, there can be updated firmware that needs to be applied on printers.  The updated firmware can make changes in security settings.  Whenever a printer is cycled through a cold reset, all settings will go back to factory default.  Make sure after any updates or cold resets, security controls are reinstated.

Securely dispose of printers, copiers, multi-functional devices

Many printing or copying devices include the use of a hard drive.  If you lease your printer or copier, some vendors will have concessions in the contract regarding disk drive security.   If you own your printer or copier, before disposing of the equipment, securely erase or remove the disk drive. 

Print Article

Details

Article ID: 138699
Created
Thu 3/24/22 11:06 AM
Modified
Mon 3/27/23 1:29 PM
Environment
Security