How do you know if your printer is secure enough?
Connected printers have the potential to present a security risk in your organisation if not properly assessed and configured.
In the last few years we have seen an increase in cases of cybercriminals using printers and multifunction devices as a point of entry to a corporate network. From there, they’ve been able to spread throughout the network and wreak havoc.
Increasing requirements to comply with privacy legislation means it’s important for businesses to prevent information breaches. That means closing off any potential point of access, including printers.
With that in mind, we recently commissioned independent security firm, NTT Data, to conduct security tests on our bizhub multifunction devices.
What they found means our customers can rest easy at night.
After 80 hours, no major security vulnerabilities
We asked NTT Data and NTT Security to try to hack our devices. Specifically, we asked them to conduct thorough penetration tests, including scripted attacks and advanced hacking tactics.
We gave the hacker the device’s source code so the tests could be aggressive and comprehensive.
After a few weeks and a total of 80 hours trying to hack the device, NTT Data found no major security vulnerabilities.
Security features in Konica Minolta multifunction devices
Our devices are up-to-date and certified: we provide the newest security features to protect customer information. Our devices have been awarded ISO 15408 and FIPS1 40-2 certification.
We provide a secure network:
- Devices are equipped with user authentication so only those with permission can access them
- The address book can’t be tampered with without administrator authentication
- Unneeded ports and protocols can be switched off to prevent intrusions
- The fax line supports only fax protocol; if any other communication protocol attempts to use the line, it won’t be supported
- encryption, bidirectional certificate verification, and quarantine network options are also available.
We use a Linux kernel OS, which is updated with all necessary patches to operate safely with Windows devices such as servers. Infected USBs are harmless since there’s no way a run file can be booted.
Data in the device’s internal hard drive is encrypted and can be password-locked. So if the HDD is removed, your data stays safe.
Data stored temporarily is overwritten page by page, so it can’t be reprinted.
Pull-printing features mean documents won’t start printing until the user enters an authentication code on the operation panel. This prevents people from taking printouts from the tray without authorisation.
This security evaluation provides our customers with peace of mind. But we’re not resting on our laurels. We’ll continue to work to ensure our devices are secure, reliable, and right for your business.
To find out more, contact us today.
Read more
