Multifunction devices (MFDs) are a boon for small and medium-sized enterprises (SMEs) who benefit from their small footprint and big capabilities. However, some SMEs could unwittingly be creating a security vulnerability in their business by failing to secure their MFDs.
MFDs are increasingly connected to the internet. This means they have the same connectivity as PCs and laptops; and the same vulnerabilities. Yet many SME owners and managers aren’t aware of the potential threat that could be sitting right out into the open.
The connected nature of MFDs means hackers can potentially access your business network by connecting to them. Here’s how it could happen:
Your employees may use their smart phone or tablet to connect to the MFD to print documents for a meeting. An attacker can create a malware app that infects the mobile device without the user knowing. That app can then attach itself to a cloud print job, meaning it gets downloaded to the networked MFD. From there, it can infect the entire enterprise network.
However, it’s also important to remember that MFDs also have a built-in memory, which means they store copies of printed, scanned, and photocopied documents. If someone accesses that memory, they can potentially view all of those documents, some of which may be confidential or commercially sensitive.
This is a risk not just because MFDs can be hacked through their internet connectivity but also because many businesses don’t know where their MFDs end up when they’ve finished with them. If your business donates or recycles its MFDs, or on-sells them, there could be a risk of unauthorised access to the documents in the hard drive.
There’s another, more obvious way that MFDs can present a risk to your small business. Consider the amount of times employees print documents then either forget to retrieve them from the printer (often printing them again, wasting paper), or don’t retrieve them until later in the day. While those documents are sitting in the MFD’s output tray, they’re vulnerable to being picked up and read or copied by anyone passing by.
While this may not seem like a significant risk in some SMEs, in others, the nature of the information you’re working with could make it a real problem. For example, if you print a client list and a departing employee picks it up off the printer and takes it to a competitor, it could put your business at risk.
While these risks are real and significant, it is possible to mitigate them to a large extent. Here’s how:
1. Use your device’s inbuilt security features
Most modern MFDs have security capabilities to protect your data but you’ll need to activate these settings. It’s also important to remember to update usernames and passwords; don’t leave them on their default settings. Create unique usernames and passwords that are hard to guess.
2. Leverage optional security features
You may be able to add security features such as data encryption to further harden the security on your MFD and enhanced document encryption methods to protect your confidential information from getting into the wrong hands. If your organisation regularly sends sensitive or confidential information to the MFD, these could be a good option.
3. Limit access to authorised users
You can eliminate the risk of unclaimed printouts sitting on the printer and creating a security risk by implementing pull printing functionality. This ensures only authorised users can print and collect sensitive documents by requiring them to enter a PIN or swipe a card at the device before the job will be released.
Konica Minolta offers the highest level of security in the industry for its MFD product line. To find out how we can help you secure your MFD, contact us today.
Read more
