Securing Networked Printers

Connecting printers, copiers, and fax machines securely to Rensselaer's network is crucial to maintain the integrity, confidentiality, and availability of sensitive information.  Implementing robust security measures helps mitigate potential risks associated with unauthorized access, data breaches, and network vulnerabilities.  

Any networked device can be a target and leveraged for lateral network movement, backdoor access, and eavesdropping attacks so it is important basic configuration and management is performed to reduce the risk to the campus - even on simple devices such as printers.

Minimum best practices include:

  • Change all default credentials.  Use a strong password.  Do not re-use credentials across devices.
  • Ensure administrative access to the device requires a username and password - some printers out of the box allow unauthenticated access to configuration and storage.
  • Disable any unused service and ports.  Turn off unnecessary services and ports on printers to reduce the attack surface. Disable features that are not required for normal printer functionality to minimize potential entry points for attackers.
  • Regular firmware and software updates are required to patch vulnerabilities and address security issues. 
  • Use Encryption - Enable encryption protocols (e.g., SSL/TLS) for secure data transmission between printers and connected devices. This safeguards sensitive information, preventing unauthorized interception and tampering during data transfer.
     
Back to top