Today’s corporate printers run much like a computer and are
often multifunctional; they can not only print, but also copy, scan, email, and
fax. These printers contain hard drives that help manage large print jobs and
store forms, fonts, macros, and images. It’s the last part that should be somewhat
alarming. If an organization owns a printer with a hard drive, it may currently
be saving sensitive and confidential images to its memory. The printer hard
drive has the ability to store images on a continuous loop and depending on the
capacity, could be indefinitely, or until the memory is physically erased. Fax
machines and personal home printers don’t usually have hard drives, so the
security risk is virtually non-existent.
The three most common solutions to eliminating the risk of a printer hard drive security breach are
1) set the printer setting to not use the hard drive at all; 2) use encryption software or an overwriting program; or 3) remove the hard drive and wipe it clean or destroy it. By not using the hard drive at all, the printer only uses temporary files that disappear after each task is completed.
Encryption software scrambles the images so that if the hard
drive is stolen, the information on the hard drive cannot be retrieved.
Overwriting software replaces existing data with random characters, again
rendering the information on the hard drive useless. It’s important to note
that encryption software and overwriting programs can be installed at any time
during the printer’s lifecycle.
If you plan on wiping the hard drive clean, be sure to
securely erase ALL the information. Personally, smashing a hard drive with a
hammer sounds fun or perhaps you can host your own episode of “Will it Blend?” Business
consumers also have the option to specify hard drive removal terms into the
service contract or lease agreement. One viable option is to purchase the hard
drive from the Original Equipment Manufacturer (OEM) at the end of the lease.
Another is to have the OEM provide a certificate of destruction, guaranteeing
that the hard drive has been properly destroyed. If you own the printer and plan
on selling or donating it, consult your IT Department or the OEM first before
removing the hard drive.
A printer hard drive security breach is 100% preventable and
should not be taken lightly, particularly in the healthcare, education, and
financial market segments. If a patient’s medical records, or employee’s bank
account information and social security numbers fall into the wrong hands, it
could be detrimental to all parties involved. It’s always better to be safe
than sorry, especially in this day and age where security breaches are no
longer the exception, but the norm.
Do you have any security tips to share with our readers?
Feel free to leave a comment.
