Cybersecurity is high on every organization’s agenda in a world of hybrid working, digital transactions, high profile data breaches, and strict data privacy rules backed by tough penalties. Despite the vast sums of money businesses spend on securing data and systems, one part of the ICT infrastructure needs more attention – namely, printing.
Global research from Quocirca finds that 61% of organizations experienced data losses in 2023 due to unsecure printing practices and 70% of organizations are dependent on print-driven processes.
Yet the organizations responding to the survey almost universally regard employer-owned home printers and the office print environment as relatively low priorities.
This isn’t surprising, given that companies have had their hands full responding to challenges such as social engineering and ransomware attacks. Yet it’s important to take note of the multiplying list of print-related attacks, with print offering an increasingly attractive surface for botnet, ransomware, and denial of surface attacks.
As companies harden other aspects of their endpoint and perimeter security, it is almost inevitable that hackers, rogue employees, malware authors and other bad actors will seek out new vulnerabilities in corporate IT infrastructure. For many organizations, office automation devices risk becoming the soft underbelly of their cybersecurity protection.
 Mind the security gap
 By some estimates, there are as many as 200 vulnerabilities within a typical printing device. The list of security holes has grown in recent years because today’s printers, copiers, and multifunctional peripherals (MFPs) have evolved into computers in their own right, with hard drives, cloud connectivity and the ability to run apps.
Even in that context, some organizations neglect the best practices and policies that apply elsewhere in their IT environments, such as insisting on complex passwords, keeping software such as drivers and firmware up to date to address new vulnerabilities, and conducting regular penetration testing.
In addition, compared to PCs or smartphones, print security offers some unique challenges. Whereas there are only a handful of mobile and personal computer operating systems in common use today, many companies are running heterogenous print environments with each print vendor running its own firmware.
Security for these devices generally is managed separately from the tools and processes used for the rest of the organization’s perimeter and endpoint protection. It also proves difficult to implement a zero-trust (never trust any traffic or user, always authenticate everyone and everything) policy across shared printers without harming productivity.
Accidental leaks can be devastating if they involve personally identifiable information or sensitive data like credit card numbers. In addition, in an unsecure print environment, malicious insiders could steal information by photocopying or printing it when they can’t copy or send it electronically.
 Enhancing customer print security
To address this threat environment, leading companies such as Nashua understand the print, copy, and document management environment. Our solutions help our customers address vulnerabilities in print networking, hardware and software using cutting edge tools, zero trust practices and better policies.
We can also support clients with document security tools. We offer proactive features that include print usage monitoring for insights into printing behavior and print policy enforcement for resource management.
With security threats in the print environment evolving, now is the time for companies to address weaknesses in access control and trust. The right tools and policies can prevent attacks via unauthorized access and leakages of sensitive information.
By Chris Kruger, Managing Director at Nashua Kopano