The Simple Printer: Innocuous Office Tool or Source of Silent Data Leak?

Not just authorized documents, printers may also be a source of potentially disastrous data leaks. How do you plug the leak?

The simple printer sitting in the corner of your office floor may be doing more than mere printing. It could be leaking vital organizational details – product IP, financial information, employee details or client information – each an invaluable corporate asset if safe or a source of perennial pain if stolen. However, beyond connectivity and maintenance issues, this innocuous device is often overlooked.

Printers, even ‘smart’ ones, have inherent weak points.

Cases in point

Experiments have shown that it is possible to take control of printers and use them for spying on the network and siphon off documents that had been printed, copied or faxed on the device. Despite such scary scenarios, as per an IDC study, not many security managers are interested in their printers. While most companies claim to protect end points such as desktops or even servers with adequate security measures, most printing devices are not ‘secured’. At DEFCON 2018 in Las Vegas, hackers had demonstrated how HP multifunction printers can be handled using a compromised fax file. A hundred HP models could be affected by a simple hack.

Examples are galore

Here is another ‘hypothetical’ scenario. If your printer stops working the technician servicing it could get access to data stored in the cache or even plant a device to eavesdrop on ‘conversation’ in the network potentially even capturing documents that you send from your desktops or laptops to the printer.

Seeing the invisible

There are multiple solutions that offer security through certain angles, such as network security, password, authentication and so on, but In order to effectively protect intellectual property and other sensitive data, companies need a solution that allows them to monitor and control any unauthorized data export. Companies must be able to specify all relevant details of data exports from their systems – who, what, where, when and, if possible, why. For this, granular authorization policies are required, which further refine existing access rights. Automated data classification should also be ensured specifying what information should and what should not be processed further by users and applications. This would help maintain (or even increase!) business processes.

Looking into the void

HALOCORE® is a unique solution for controlling and protecting intellectual property and other sensitive data that are exported from SAP. By integrating directly with SAP, HALOCORE® audits all SAP data exports and streams using an automated classification engine to block unauthorized downloads and to protect authorized exports outside of SAP – even through the humble printer.

HALOCORE’s Data Stream Intelligence feature ensures seamless monitoring of protocol-based data flows between SAP and the connected satellite systems, giving companies necessary insights into ‘invisible’ SAP application activities.

This innovative approach allows enterprises to maintain a high level of control and security over sensitive documents extracted from SAP throughout their lifetime, even if these have been shared via email, downloaded to a recipient’s PC or mobile device, or taken from temporarily saved spool jobs even on the printer.

For more information, you can read about HALOCORE here.

Reference

[1] Netzwerkdrucker noch immer unterschätze Schwachstelle

Related Reading

[1] Is your automated, policy-based machine-to-machine communication secure? Think again!

[2]  How do you secure data against Industrial Espionage?

[3] Four steps to spot and stop data theft in your SAP landscape

[4] SAP and Oracle applications are increasingly being targeted by hackers