Ignoring Printer Security Could Get You Fired| Podcast Episode #6

Achieve Excellence with Lessons from Stoicism, featuring Massimo Pigliucci

Do you know that most printers retain data that is being copied onto a hard drive?

Should a CIO care about this? Well, possibly not if the printer is outside sales or marketing as a workgroup printer, but what if it is outside legal? Or Human Resources?

It may be time for a bit of printer house keeping……

Can printers be used as a relay? Or a hot spot? Relay points? Can they contribute in a botnet?

 

In this podcast I interviewed a specialist on printer security, Kelley Dempsey, who is a Senior Information Security Specialist Information Technology Laboratory/Computer Security Division with National Institute of Standards and Technology. She just recently co-authored a paper called Risk Management for Replication Devices.

Kelley Dempsey

We discussed:

  1. The Genesis of the paper
  2. Printers
  3. Risks of Embedded Windows 2000 and Embedded XP on printers
  4. Managing printer service contracts
  5. Network takedown risk with DDOS
  6. Patching risk
  7. Monitoring risks
  8. Capabilities of printers like ‘overwriting’
  9. Encryption
  10. Segmentation
  11. What is non volatile storage
  12. Port management
  13. Non-volatile storage – confidentiality
  14. Risk Management – this is not a one size fits all approach. How do you balance your response.
  15. Service Contract/ Lease Agreements section is a good reminder piece from the operations perspective

The key takeaways for your teams are:

  • A link to Kelley’s paper 8023-IR (sections 3.1 and 3.2 are most useful)
  • Appendix B in particular is important because it has a very useful risk assessment for your team to use.

All replication devices as mentioned above are not created equally technically or their use in the business or their functional purpose. 

I hope you enjoy the podcast.

Love this episode? Leave a Review

Share it on your LinkedIn feed.

If you haven’t already, please make sure you leave us a review on iTunes.

About Bill Murphy 

Bill Murphy is a world-renowned IT Security Expert dedicated to your success as an IT business leader. 

Connect With Us On Social Media

Connect with Bill on LinkedIn.
Instagram
Twitter
Facebook

Join The CIO Innovation Mastermind Community

We invite the top 20% of Business IT Leaders for my CIO Innovation Mastermind Events group to participate in monthly discussions on things like VR, AI, and other disruptive & emerging technologies. If you want to become a member, email Chief of Staff, Jamie Luber Jluber@redzonetech.net for more information.

Subscribe To Bill Murphy’s RedZone Podcast