2 Critical Printer Security Holes MSPs and IT Services Providers Should NEVER Ignore

printer security

You may not manage the supplies and care and feeding of your customers’ printers, and perhaps you never will, but if you really care about keeping your customers’ networks secure, you should stop ignoring them. Printers, especially those on a network, pose big-time security risks that bad actors can use to compromise your customers’ networks and IP.

But beyond ignoring this serious security threat, you’re also missing out on an opportunity to increase your company’s revenue – an opportunity that doesn’t require you to ever touch a toner cartridge or fix a printer. As one of the world’s leading managed print specialists, I have conducted hundreds of print assessments, including security audits, and I’ve learned how companies can turn these challenges into payoffs.

Read on as I share the 2 biggest security holes with printers and how to fix them, all while getting more customer wallet share for doing it.

#1 Printed pages

On November 23rd, 2021, Reality Winners was released from prison. Her crime? Sharing top secret information from the NSA with a reporter. How did she do it? By sneaking physically printed pages out of her workplace. How was she caught? The NSA was smart enough to have software installed that allowed them to narrow down a range of workers who printed the leaked information. Is this kind of software top secret? No. Are most customers using it to protect their IP? No. Is this a huge opportunity? YES.

Here’s how you can help your customers secure physical printed pages right now:

Device authentication

Multifunction devices and printers can be set up to only produce pages once a user authenticates via HID card, biometric matching (fingerprints and iris scans are common), or pin-code entry. Doing so ensures that every page printed is accounted for by user. If some information is leaked, a forensic audit can be performed to find out who printed the document, and when. More importantly, when users know that their print jobs are being I.D.’d, they’ll be far less likely to print things they shouldn’t, and far less likely to share the pages with people they shouldn’t.

And yes, customers will pay you for this. You can charge by the seat just like you do for many of your other network services. Many providers of such secure-release software have cloud-based solutions which make it easy for remote installation and management.

#2 Unsecured ports and outdated printer firmware

n 2018, a hacker known as “the Giraffe” used an application called Shodan to scan for unsecured printers. He forced a bunch of those printers to print documents asking people to subscribe to PewDiePie. Fast forward to today, and not much has changed. A team of researchers at CyberNews recently ran Shodan, found over 800,000 vulnerable printers, and forced a bunch of them to print PDF documents on printer security. Although both cases were more bothersome than nefarious, it clearly illustrates just how easy network printers are to hack.

Here’s how you can help your customers secure network printers right now:

Secure printer ports and update firmware/software

Modern network printers can be configured to use only IPPS protocol via SSL port 443. Help your customers to shut down any other common ports that don’t use this. Updating printer firmware for your customers is another important security measure as this typically does not happen automatically and most IT departments aren’t very good at manually doing it on a regular basis.

Just like user authentication, this can be performed remotely…and you can charge for it. You can schedule a recurring reminder to update customers’ printer firmware to ensure they always have the latest and most secure version installed.

By providing print security services for your customers, you’ll go a long way to ensure they can enjoy business as usual while making some extra dollars for peace of mind. It’s a huge opportunity for you that has largely been ignored by those providing managed print services and is ripe for the picking.

Tigerpaw is big on helping technology services providers better their craft through great education and learning. You can access more useful learning content by visiting our Resources section at www.tigerpaw.com. You’ll find a variety of blogs, podcasts, and even videos to help you find new ways to grow your business.