Posts by kbannan

"The hijacker says he or she wrote a script that scanned for insecure public-facing devices with open RAW, Internet Printing Protocol, and Line Printer Remote services – running on network ports 9100, 631, and 515, respectively – and fired over print jobs."

Yes, it all goes back to user or IT mistakes. As mentioned above -- leaving ports open, not updating firmware, not having good user policies in place, etc. There's a great blog that gives you ideas on how to make sure your printer is protected including reviewing an existing security policy and assessing network vulnerabilities. You can read the rest of the blog here. It's a bitly: /2korB0y

--Karen Bannan for IDG and HP

This is huge news because too few organizations understand the security risks that a printer opens up. From a recent blog I read about getting smarter when it comes to print security: "Most of the time, our meeting is the first time that the print and security teams sit down together at the same table. So, right away, we know that there is a lack of understanding between the priorities and realities in those organizations. It’s important that the print team understands that if a device is going to touch the network, security must be involved." That blog is here. It's a bitly /2fyinZ7

Are they involved? Unfortunately, no. Hoping this will help things move along a little better.

--Karen Bannan for IDG and HP

Any networked device can be used as a weapon online. You have to protect yourself and your network. There's a great article that explains why I say that. From that article: "Research conducted by the Ponemon Institute reported that 60 percent of companies surveyed had a data breach involving printers, requiring an average of 46 days to resolve a cyberattack." The bitly is /2ctpAK9

So how do you fix this problem? I don't think taking a DIY strategy is going to work. Maybe it's time for more vendors and organizations to start working together. The hackers are smart enough to do it. Why shouldn't we?

--Karen Bannan for IDG and HP.

It's also worth pointing out that all of those devices should be protected, too. Even if someone got in they can't do anything if the endpoints are locked down. Are devices configured securely? For instance, are you managing your printers with policy-based print security compliance tools? Are there firewalls in place? Are you monitoring network traffic for anomalies?

Karen Bannan for IDG and HP

I can definitely see this. Just read a blog that details some of the things you can do to mitigate the risk of printers on your network. Here are two items from the blog:

-- Make sure that computing devices use only encrypted communication protocols, and disable unused ports and protocols on the printer.

-- Support at least one form of user authentication (preferably two or three), and consider the implementation of pull printing for print environments with a high volume of confidential information or compliance requirements.

The rest of the article talks about why hackers love printers. There are lots of reasons. :) You can find the article here. It's a bitly so just add this to bitly: /2ctpAK9

Karen Bannan, commenting for IDG and HP

--

It is only going to get worse until people start being more proactive and realizing all the actual threats that are out there. From a white paper:

"Embedded devices such as industrial computers, POS (point of sale) machines, ATM

(automatic teller machines), physical security alarm systems, building automation

controllers, environmental controllers for heating and air conditioning (HVAC) systems,

and printers are often overlooked when it comes to cyber security. These devices do not

operate on a common mature operating system like Microsoft Windows, and each

manufacturer tends to use their own set of security features within these devices, if any

are applied at all. Most IT and Security departments focus most of their time and

resources in maintaining security levels for the corporate network devices and

computers, and solutions to protect embedded devices such as printers and industrial

HVAC controllers are a low priority, if not a nuisance."

Food for thought!

Karen Bannan for IDG and HP

Do you have to choose?

I'm not sure that more people using DaaS necessarily means that VDI is dead or in trouble. There are very specific use cases for both technologies. In addition, there may be organizations that need and use both -- VDI and DaaS.

--KB

Karen J. Bannan, commenting on behalf of IDG and VMware.