Enterprise printer security fails at every stage

Printer platform security is often overlooked in enterprise security strategies, creating security gaps, according to HP Wolf Security.

By addressing security at every stage, organizations can strengthen their defenses and ensure their print infrastructure remains a trusted part of their IT ecosystem.

The report reveals that during the ongoing management stage, just 36% of IT and security decision-makers (ITSDMs) apply firmware updates promptly. This is despite IT teams spending 3.5 hours per printer per month managing hardware and firmware security issues.

Failure to promptly apply firmware updates to printers unnecessarily exposes organizations to threats that could lead to damaging impacts, such as cybercriminals exfiltrating critical data or hijacking devices.

Supplier selection and onboarding stage

Only 38% of IT and security decision-makers say procurement, IT, and security collaborate to define printer security standards, with 60% warning that this lack of collaboration puts their organization at risk.

42% fail to involve IT/security teams in vendor presentations; 54% fail to request technical documentation to validate security claims; and 55% fail to submit vendor responses to security teams for review.

Once the printer arrives, 51% cannot confirm whether it has been tampered with in the factory or in transit.

Remediation stage

Many organizations are struggling to keep on top of patching devices. Only 35% of IT and security decision-makers are able to identify vulnerable printers based on newly published hardware or firmware vulnerabilities, not to mention zero-day threats that are unknown to the vendor or the public.

Only 34% can track unauthorized hardware changes made by users or support teams, and only 32% can detect security events linked to hardware-level attacks.

70% are worried about offline threats, such as employees printing and mishandling sensitive company information.

Decommissioning and second life stage

86% say data security is a barrier to printer reuse, resale or recycling. This is a big problem, given that, on average, IT and security decision-makers report having approximately 80 printers that are redundant or in the process of being decommissioned within their organizations.

IT and security decision-makers lack confidence in current sanitization solutions, with 35% saying they are uncertain whether printers can be fully and safely wiped. Meanwhile, 1 in 4 believe it’s necessary to physically destroy printer storage drives, and 1 in 10 insist on destroying both the device and its storage drives to ensure data security.

“Printers are no longer just harmless office fixtures – they’re smart, connected devices storing sensitive data,” warns Steve Inch, Global Senior Print Security Strategist at HP. “With multi-year refresh cycles, unsecured printers create long-term vulnerabilities. If compromised, attackers can harvest confidential information for extortion or sale. The wrong choice can leave organizations blind to firmware attacks, tampering or intrusions, effectively laying out the welcome mat for attackers to access the wider network.”

How to tackle security risks across the printer lifecycle

  • Ensure IT, security, and procurement teams collaborate to define security and resilience requirements for new printers.
  • Require and leverage manufacturer-provided security certificates for products and/or for supply chain processes.
  • Apply firmware updates promptly to minimize exposure to security threats.
  • Leverage security tools to streamline printer policy-based configuration compliance.
  • Deploy printers that can continuously monitor for zero-day threats and malware with the ability to prevent, detect, isolate, and recover from low-level attacks.
  • Select printers with built-in secure erasure of hardware, firmware, and stored device data to enable safe second life and recycling.

“By considering security at each stage of a printer’s lifecycle, organizations will not only improve the security and resilience of their endpoint infrastructure, but also benefit from better reliability, performance, and cost-efficiency over the lifetime of their fleets,” comments Boris Balacheff, Chief Technologist for Security Research and Innovation at HP.

