Web Analytics

FireOak Strategies Blog

Insights and articles related to knowledge management, information security, technology, data and analytics, business process automation, platform management, and other related topics, from our experienced team of consultants.

< Back to FireOak Blog

Printers: Your InfoSec Achilles Heel?

Best practices for preventing printers from exposing your organization’s network.

Abby Clobridge is the founder of FireOak Strategies. She works with organizations around the world to support knowledge sharing -- including open access, open data, information security -- to connect people to the data, information, and knowledge they need. You can reach Abby at [email protected]

InfoSec Best Practices for Printers: use firewall rules and segment your network

The internet continues to remain abuzz over last week’s incidents in which wide-open network printers were used to remotely print malicious flyers, highlighting how and why many organizations’ printers are their cybersecurity Achilles heel.

But the problem is much wider than just a college/university phenomenon — way too many companies and other organizations are exposing their printers and leaving their networks vulnerable.

As we noted yesterday in our blog post, “Are your printers ruining your security?”:

A quick Shodan search identifies over 78,000 US-based printers with their TCP port 9100 directly connected to the internet. Port 9100, sometimes referred to as the “jetdirect” port, is typically used to receive print jobs and perform other management functions. In addition, many of these devices have TCP port 515 (the older “lpd” printing protocol) exposed as well, suggesting that there are no firewalls, packet-filtering routers, or intrusion prevention systems in place at the local network where the printers reside.

The bottom line: use firewall rules and segment your network. Only properly hardened servers that have a business need to accept incoming connections — such as your email and web servers — should be directly connected to the internet.

Read our technical write-up about why enterprise networks should be segmented.

FireOak Strategies is a boutique consulting firm that helps organizations manage, secure, and share their knowledge. We bring clarity to complexity, look for elegant and simple solutions, and make sure that organizations are focused on solving the right problems. Learn more…

Manage, secure, and share your organizational knowledge

Browse articles by topic:

Read more articles:

More from the FireOak team about managing, securing, and sharing knowledge