PRINTER SECURITY - OVERLOOKED LEAK

10. May 2010, 13:51 | by WD Milner | Full Article |

A much overlooked item when considering information security is the printer. Often these printers contain hard drives that retain data even after printing, or in the case of multifunction devices after scanning documents, FAX options that permit sending to anyone, and completed documents left in out and in trays. There are some basic steps that can be taken to help reduce or eliminate security risks associated with printers.

A common security feature found on many high end printers is what is known as secure printing. In its simplest form, secure printing lets a job be sent to the printer but requires the entry of a password at the printer for the document(s) to actually be printed. This prevents potentially confidential documents from sitting exposed to view or theft (or being inadvertently picked up with someone else’s print job) in the output tray until they can be retrieved.

More secure forms of secure printing require the use of a smart card in place of a password, or some form of biometric authentication system (fingerprint, retinal, venal scanners, etc.). These various options may be combined depending on the level of security required. Ultimately using all three results in the triumverate of something you know (password), something you have (smart card) — the classic two layer authentication — and something you are (biometrics). In the case of multifunction devices, ensure that any needed authentication includes FAX, e-mail, scanning or copying.

From a hardware standpoint, there are also steps that can be taken. If the printer supports it, print confidential material directly from memory rather than a hard drive cache. This ensure no residual data is left behind after the print job.

To protect data immediately, any data cached on the hard drive should be overwritten as soon as the print job is completed. Also look to encrypting the printer hard drive with appropriate level of encryption (eg. AES). When the printer is finally removed from service, its drive should be overwritten at least once or preferably multiple times. There are several excellent utilities available for this.

With a little forethought your printer won't become an overlooked information leak.

Note — the above applies to photocopiers as well.

- 30 -

Categories: ,
Keywords: security,printers,information leak,encryption,authentication

Comments


 



Textile help
 
* Indicates a required field.

As a SPAM prevention measure, comments are moderated and will be posted once vetted.

 

Article & Comments


Comments are not enabled for all articles or documents.

Article Navigation
|

Categories

Business
Communications
Electronics
Entertainment
Environment
Government
Internet and WWW
Miscellany
Music and Audio
News
Photography
Privacy
Psychology
Security
Society and Culture
Stage and Screen
Technology
Theology
Tips and Tricks
Web Design
Web Site


The Birches - Milner.ca Support Child Safety Online

 

 
 
 Help to FIGHT spam!
 • 
  •
•••