Welcome to part 5 of 5 in my series, Danger in Plain Sight. In the last article, we shared some of the solutions that plague one of the most vulnerable parts of your network: your printers, copiers, and MFP's. Here, in our closing article, I will share some recommended next steps you should take to protect your devices better, regardless of which manufacturer created them.
1) Update Your Firmware
Patches! While they can be the bane of our existence for many of us, they are an essential component to operating a safe and secure device. Having an effective patch management strategy could save you hours of heartache and thousands of dollars in both financial and productive loss.
Why is patching so urgent?
If you’re like most people, there is a pretty good chance you've ignored a patch a two in your time. I don't blame you. They always seem to appear at the worst possible moment, and they can quickly be forgotten. However, continuing to forget to make that update would be a big mistake.
Before we get any further, let’s take a quick look at what purpose a patch serves. Technically we all know what a patch is— it's a bit of code to supplement an existing piece of software. It usually applies a fix to a bug or adds some functionality. What more could there be? Well, dear reader, there is something more to a patch, and it's far more insidious.
A patch is a giant roadmap to every two-bit Hacker who didn't know that a vulnerability exists. It doesn’t just tell them there is a hole, but often it tells them precisely where the issues are and, worst yet, HOW TO EXPLOIT IT!!! Can you believe it? I don't know you last read a patch's release notes, but they often lay out what the issues are, where it is, and how it's been exploited and what the patch is doing to prevent it. You see, every time you ignore, forget, or delay a patch, an imaginary starter pistol goes off and the race is on. The race is between you and the hackers; either you will get to the hole first and patch it or they will and exploit it. The Wanna cry ransomware attack taught us that.
2) Perform an audit
While patching is critical, patching alone won't protect you from something nearly as scary, if not more so: Government Regulators. In today’s world of heavy regulatory burdens, fines are being served like pancakes on a Sunday morning. A quick Google search for a regulation plus the word "fines" will quickly reveal companies big and small getting hit with severe fines for not following the laws that govern them. Here’s the problem: these regulations can be a real bear to understand. Searching for information about them online can quickly become a challenge as well, since the internet is filled with some much misinformation from false experts.
Performing a professional audit based on either a top security standard such as NIST, ISO 27001 or one tied to a significant piece of regulation such as HIPPA or SOX will not only make you safer but could save you thousands of dollars. No one ever said an audit was fun, but getting fined for missing something you didn't think mattered is a lot worse.
3) Call me
Here’s my final recommendation to you. If all of this feels overwhelming, call me. While this may come across as a bit self-serving, the truth is you’re incredibly busy as it stands. Like most I.T. and Print professionals, you’re probably overworked, overstressed, and over the idea of adding yet another thing to your plate. At Total Print USA, my team and I specialize in handling Printer\MFP security. We service clients across North America, and we can get started with a simple no-cost, no-obligation telephone conversation. We can discuss your concerns, answer your questions, and provided tailored consulting to overcome some the unique issues in your environment. If you would like to know if your endpoints are secure and you’re as safe as you can be, reach out to me via firstname.lastname@example.org e-mail and I'd be happy to schedule a time for a conversation.
About the Author
Bruce Rushton is a Solutions Architect and Printer Security Specialist with over 30 years’ experience in the I.T. space for the last nine years dedicated to providing Managed Print Solutions. At Total Print (TotalprintUSA.com) he helps companies across the United States by providing them with tailored, affordable, cost-cutting, secure printer, copier, and MFP solutions. If you have questions about your print environment or the security of your devices, you can request a free consultation with Bruce at email@example.com