Copier, Printer Security Risks Need To Be Addressed

When it comes to securing corporate data, IT administrators may overlook the risks associated with digital copiers and printers, according to a recent survey.

Theft of printers' or copiers' hard drives, containing confidential data, is one threat.

Nearly half of 1,100 IT professionals polled by Sharp Electronics said they did not believe copiers and printers have hard drives. Sixty-five percent said they believe the machines presented little or no risk to data security.

"People have been focusing on antivirus software and firewalls and protecting workstations but not peripherals," said Peter Cybuck, senior manager of product planning, marketing and program management at Sharp's Document & Network Solutions Group.

The most common threats to digital copiers and printers stem from intruders stealing the hard drives containing confidential data, or reprinting documents directly from the machine after the earlier print command was canceled, Sharp said.

Sharp offers a Data Security Kit that protects confidential documents processed by its digital copiers and printers by overwriting the data with random numbers. The kit has been certified by the National Information Assurance Partnership (NIAP), a joint program of the National Security Agency and the National Institute of Standards and Technology.

While copiers have the ability to store print jobs, the amount of storage is limited compared with network storage, said Jim Kelton, president of Software Unlimited, an IT consultant in Irvine, Calif., who warns about the danger of inadvertently disclosing confidential information from discarded equipment.

Sharp's print products include a security feature that requires user authorization to prevent unauthorized viewing of documents sent to shared network printers. Sharp also offers server-based software that stamps digital fingerprints on printed documents to determine the origin of final hard copy.

Xerox also offers several security features on its digital copiers and printers including strong encryption of printer hard drives, said Mark Burris, manager of product marketing for Xerox's document center products. Digital copier hard drives can now be removed, which was a request of government agencies. The company also recently unveiled new software that provides authenticated scanning.