Best Practices for Secure Printing
If you print Level 1 data, the following are guidelines to follow to prevent unauthorized access or breaches:
1. Secure the Printers
Increasing the physical security of printers can help prevent document theft or snooping, unauthorized access to stored documents, and misuse of the printer's Ethernet or USB connections.
Printers should be placed in a restricted watched area to discourage employees or guests from changing the settings. Situating the printer in a restricted but visible area is preferred to placing the printer in a separate room or office where they can’t be monitored. Printers that are used to print Level 1 data should not be used by the entire department. Instead restrict access only to those authorized for Level 1 data.
Physical ports should be disabled to prevent unauthorized use, and there should be controlled access to pre-printed security paper, such as checks and prescriptions, to present theft or unauthorized use.
To help eliminate security breaches and also reduce printing costs, authentication and authorization should be required for access to device settings and functions. Utilize options like PIN authentication, LDAP authentication and smart cards for this purpose. Some printers also have built-in access control software.
If a printer is being retired or returned when a lease is up, data should be removed so it’s not left in the device’s memory. To prevent data breaches, make sure that the device’s hard disk is erased, destroyed or removed before it’s retired.
Finally, hard copies of documents shouldn’t be neglected, and sensitive papers should be shredded when they’re no longer needed.
2. Secure the Data
Sensitive data is vulnerable as it passes through the network to the printer—and when it sits in the printer memory or storage. That’s why print jobs should be encrypted to protect data in transit in case they’re intercepted.
To protect data before it reaches the device tray, users should be required to authenticate themselves to the printers before any pages will print. Then, once the printing is completed, the document—and even data about the completed job—should not be stored on the printer.
3. Protect Printed Documents
It’s all too common in an office to go to pick up a printout and find multiple documents left in the printer tray or sitting near it. These documents can be viewed or carried off by anyone, creating a security risk. There is a way this can be prevented. If a printer has the capability, activate pull or push printing to reduce unclaimed documents. Users print to a secure network, authenticate themselves and then retrieve jobs as necessary.
4. Monitor and Manage Print Environment
There are tools and utilities that can help track and record print jobs to monitor usage and audit printing practices. Information Technology uses Printer Logic to help track and record print jobs to monitor usage.
5. Update and Upgrade Printers
Keep printers’ firmware and drivers up to date. Often updates add new or improved security features, patch known security holes, and fix other problems.
Most common printers on campus and where you can download patches: