MFP and Fax Line Network Security
There has been a tremendous amount of press recently regarding network vulnerability regarding multi-functional printers and fax lines. In particular, the Faxploit hack has been a big concern in recent weeks. The danger lies in the header of a JPEG image used for color fax communication. None of the devices supported by NBM use the color fax protocol. There is no direct connection from the analog fax line to the local area network via the MFP.
Sharp, the first manufacturer in our industry to receive the Common Criteria Certification certifying compliance with international network security guidelines, issued a press release in August confirming that the threat would not affect their products. Ricoh, Lexmark, and Konica Minolta issued similar statements shortly thereafter.
There are a variety of other ways that our products lock down to ensure network security. We are able to use MAC and IP address filtering to limit MFP access to only certified PCs. We can lock down ports, limit administrative functionality, disable unused features, enable TLS protocol to secure communication, and enable Active Directory (LDAP) user authentication for added security protection.
The other vulnerability that is discussed quite often has to do with hard drive security. The hard drive is used in the MFP for a variety of functions and many end users think that there is a way to access documents from the hard drive by pressing a series of buttons on the MFP. That is simply not true. The only way to retrieve documents from an MFP hard drive would be to physically remove it and then use hardware and forensic software to retrieve the data. All of our manufacturers have built in data encryption and overwrite functions that would prevent data extraction even if the hard drive were to be removed.
As a Managed IT provider, NBM offers network security assessments that identify any vulnerability, not just those related to MFPs. Once completed, we would furnish a report with recommendations to your IT staff or our internal personnel to further secure the network.
Please contact Brett Boschetti firstname.lastname@example.org if you are interested in learning more.