Recognizing Print Security Risks
The first step is to recognize the print security risk, then take steps to address it. But how? Fortunately, printer manufacturers understand the issues and have implemented many functions in their devices to minimize or eliminate potential threats. For example, modern network printers support security features such as HTTPS, certificate management, IPsec, port filtering, digitally-signed firmware updates, secure password reset, and more.
They have also developed software tools to define and manage security controls and procedures across a fleet of devices, including scanning the devices on a regular basis for viruses and malware. These tools can ensure that all data residing on device hard drives is encrypted, and they can wipe clean hard drives before disposal. Finally, the tools can gather information (metrics) from the devices to ensure compliance with defined policies.
Simple Network Management Protocol (SNMP) is a network management protocol that is used for collecting information from and configuring network devices, including printers. SNMP has been around a long time, and it has evolved to address changing market requirements. SNMPv3 is the current standard defined by the Internet Engineering Task Force (IETF), and it provides user authentication and data encryption of information exchanged between “SNMP managers” (e.g., print/output management software) and “SNMP agents” (printers).
Most modern print devices and device configuration/management software tools support SNMPv3. All major print/output management solutions use SNMP to gather information from print devices (e.g., status); however, support for SNMPv3 varies by vendor. Ideally, SNMPv3 should be used when possible to improve security of the remote management of print devices; however, some solutions are less critical than others. For example, there is less risk associated with print/output management solutions that simply retrieve information from devices (e.g., status), compared with device management tools that remotely configure (set/change) print device settings.