Today’s corporate printers run much like a computer and are often multifunctional; they can not only print, but also copy, scan, email, and fax. These printers contain hard drives that help manage large print jobs and store forms, fonts, macros, and images. It’s the last part that should be somewhat alarming. If an organization owns a printer with a hard drive, it may currently be saving sensitive and confidential images to its memory. The printer hard drive has the ability to store images on a continuous loop and depending on the capacity, could be indefinitely, or until the memory is physically erased. Fax machines and personal home printers don’t usually have hard drives, so the security risk is virtually non-existent.
The three most common solutions to eliminating the risk of a printer hard drive security breach are1) set the printer setting to not use the hard drive at all; 2) use encryption software or an overwriting program; or 3) remove the hard drive and wipe it clean or destroy it. By not using the hard drive at all, the printer only uses temporary files that disappear after each task is completed.
Encryption software scrambles the images so that if the hard drive is stolen, the information on the hard drive cannot be retrieved. Overwriting software replaces existing data with random characters, again rendering the information on the hard drive useless. It’s important to note that encryption software and overwriting programs can be installed at any time during the printer’s lifecycle.
If you plan on wiping the hard drive clean, be sure to securely erase ALL the information. Personally, smashing a hard drive with a hammer sounds fun or perhaps you can host your own episode of “Will it Blend?” Business consumers also have the option to specify hard drive removal terms into the service contract or lease agreement. One viable option is to purchase the hard drive from the Original Equipment Manufacturer (OEM) at the end of the lease. Another is to have the OEM provide a certificate of destruction, guaranteeing that the hard drive has been properly destroyed. If you own the printer and plan on selling or donating it, consult your IT Department or the OEM first before removing the hard drive.
A printer hard drive security breach is 100% preventable and should not be taken lightly, particularly in the healthcare, education, and financial market segments. If a patient’s medical records, or employee’s bank account information and social security numbers fall into the wrong hands, it could be detrimental to all parties involved. It’s always better to be safe than sorry, especially in this day and age where security breaches are no longer the exception, but the norm.
Do you have any security tips to share with our readers? Feel free to leave a comment.