Neglecting printer security is leaving you wide open to cyber attacks
Briefly

Printer security is increasingly recognized as a significant concern, with a study showing that only 36% of IT and security professionals promptly update printer firmware. IT teams invest a substantial amount of time managing security issues related to printers. Printers are no longer merely office devices; they store sensitive data and can create long-term vulnerabilities if left unsecured. Many organizations fail to involve IT during the procurement process, leading to security gaps that can put sensitive information at risk.
A new study from HP Wolf Security reveals that printer security is routinely neglected, with businesses failing to carry out firmware upgrades. Only 36% of IT and security decision-makers apply printer firmware updates promptly, even though IT teams spend an average of 3.5 hours per printer, per month managing security issues.
Steve Inch, global senior print security strategist at HP, said an often overlooked aspect of printer security is the fact they're no longer just 'harmless office fixtures'. 'They're smart, connected devices storing sensitive data,' he said. 'With multi-year refresh cycles, unsecured printers create long-term vulnerabilities.'
If compromised, attackers can harvest confidential information for extortion or sale. The wrong choice can leave organizations blind to firmware attacks, tampering or intrusions, effectively laying out the welcome mat for attackers to access the wider network.
Security gaps are appearing at every stage of the product lifecycle, researchers found, with only 38% of respondents saying procurement, IT, and security teams collaborate to define printer security standards.
Meanwhile, 42% said they don't involve IT or security teams in vendor presentations, with 54% failing to request technical documentation to validate security claims.
Moreover, once the printer does arrive, only 35% of IT decision makers said they could identify whether it was vulnerable based on newly published hardware or firmware vulnerabilities.
Read at IT Pro
[
|
]