Introduction
It used to be that a printer was connected directly to a computer via a serial or parallel interface, while fax machines and copiers did not connect to a computer at all. You knew where these devices were in your buildings and securing their physical output was your
primary concern. In today's all-in-one world, you can now obtain single devices that are not only printers, but also copiers, scanners, and fax machines. These networked multifunction devices (MFDs) are increasingly common in enterprise environments and are manufactured by vendors such as Canon, HP, Kyocera, Xerox, and many others.

While time and money is spent on securing computer systems, MFDs (also called multifunction printers or all-in-one devices) are often overlooked. Unfortunately, they are computers in-and-of themselves, running an embedded operating system, advertising a variety of network services, and sporting gigabytes of hard drive space. Possible risks include information leakage from logs (e.g. fax numbers, long distance telephone codes, and filenames), SNMP attacks, poorly configured network services, and buffer overflows. Beyond
the network attacks, there is the potential for data recovery from an MFD's internal hard drive. While it might be a standard practice to secure wipe or destroy the hard drives from decommissioned laptops, workstations, and servers, what about MFDs that go in for maintenance or back to a leasing company after an upgrade?

This paper covers how to audit and secure your multifunction devices. It starts by giving an overview of the risks. Then it delves into how to discover MFDs on your network. Finally, it presents a checklist for securing these devices.

Note that the administration and configuration of MFDs varies widely depending on manufacturer, model, and firmware revision. This paper is intended as a starting point for securing MFDs; for specifics on how to implement its recommendations, consult your device's manual or manufacturer's website.

read more



More...