Printers teem with security woes
Encryption, access controls help to prevent breaches
Sometimes the biggest threats to data are fairly low-tech, as when former National Security Adviser Sandy Berger walked out of the National Archives with classified documents stuffed into his clothes. There was no hacking of networks or decrypting documents. Instead, taking the information was as simple as carrying out hard copy.
Despite billions of dollars being spent on securing federal information technology systems, it's still possible for the wrong eyes to see sensitive data at unsecured print stations.
Vendors are responding to the problem, but the challenge is assessing the proposed solutions. "We see more vendors advertising secure printing, which leaves people wondering what they should do," said Ken Weilerstein, research vice president of Gartner Inc. of Stamford, Conn.
Although most printer manufacturers have some type of secure printing offering, a full solution requires more than putting a keypad on the printer. Data needs to be protected in transit, and printers should be protected against hacks.
"The biggest mistake is to view secure printing as a separate, stand-alone application. It is one element of security and has to be looked at in that context," said Steve Reynolds, senior analyst at Lyra Research Inc., a consulting group in Newton, Mass. "The best way to do it is to take advantage of the security infrastructure you are putting in place for all kinds of things."Threat diversity
An obvious low-tech security risk comes from the wrong person getting a sensitive document from a shared printer.
"Sometimes you print a document and get a phone call before you pick it up," said Chuck Jarrow, vice president and deputy general manager of the IT Services Group at government contractor L-3 Communi- cations Corp. "You might have some very sensitive data sitting out there."
Last spring, International Data Corp., a Massachusetts consulting firm, released a survey showing that more than half of respondents had found other people's documents on their shared printer. E-mails were the most commonly found item, but 24 percent reported finding financial data and 18 percent found personnel records.
The most common security strategy is to control access to printer output with a keypad, card reader or biometric device attached to the printer. When a user sends the document to the printer, a dialog box appears offering the option of using either secure or standard printing.
If users choose secure printing, they enter a code at their workstations. The job then goes into a print queue, either on a print server or on the printer itself. The job sits there until a user goes to the printer and ? if a keypad device is being employed ? enters the password to release the job for printing.
Other security choices include smart cards and biometric devices. L-3 Communications, for example, has started using fingerprint readers for some of its own internal printing needs, as well as for some of its customers.
L-3 has employees to provide tech-support employees stationed at the offices of some of its customer agencies. Adding keypad security to printers would have been one way to enhance security, but Jarrow prefers a biometric approach.
"There was a group we worked with that had printers with a keypad release mechanism, and they got rid of them because they were more trouble than they were worth," he said. "You need to look at your people, and if they can't remember their ZIP code, they won't remember their printer code."
Instead, Jarrow bought a fingerprint system from Silex Technology America Inc. With that system, a fingerprint reader is plugged into a USB port on users' workstations to register a fingerprint. Then, if users opt for a secure print job, they use a fingerprint reader at the printer to release the document.Wire worries
Also, the interconnectivity of modern printing equipment creates additional holes in security.
"It wasn't that long ago where we had separate printers, and the copier was only connected to the power supply," Weilerstein said. "Today they have an increasing number of functions, are connected to the network and might also be connected to the phone line."
Although it's more common for hackers to try to access databases or document storage systems, printer files have two distinct attractions for them. The first is that the files show what documents are currently in play in an organization, and the other is that print documents are easy to read.
Bob Forte, senior systems engineer at Levi, Ray and Shoup Inc. of Springfield, Ill., advises encrypting all printer files and only decrypting them at the printer. This is critical if the printer file is being transmitted to a remote location. LRS has print encryption software, and some printer vendors, including Hewlett-Packard Co. (Capella) and Lexmark International Inc. (Printcryption), have decryption options on their printers.
Then there are remote workers who are physically outside the network but need to print documents inside the office. "Printing can take advantage of the security and encryption that is already there, a VPN tunnel or 128-bit encryption that is available with the Web," Reynolds said.Taking control
Controlling who is printing what is another factor to consider. "The most common problem is not knowing what users are printing," said Bill Feeley, CEO of Software Shelf International Inc. of Clearwater, Fla. "If management has no way to run reports on who is printing, what is being printed [and] where jobs are being printed, they have no way to implement any kind of security."
Software Shelf sells the Print Management Plus software that is used by the General Services Administration, NASA and other agencies. Although the software is most commonly used to set quotas or restrict who can print in color as a way to cut costs, it also provides an audit trail to see who is accessing and printing what documents.
In addition, the software can block users from printing documents from specific applications, or from documents that have designated key words in the title. For example, anyone not on the human resources staff would be blocked from printing anything from the HR Management System.Don't fear the feature
Printer makers keep adding features, and because additional features can mean additional vulnerabilities, the first reaction of some IT managers could be to disconnect the fax line and disable any other features that aren't absolutely essential.
But vendors are also adding extensive security features. In addition, Lexmark, Sharp Corp. and Xerox Corp. have received National Security Agency Common Criteria certifications and some HP LaserJet models are undergoing evaluation. However, even this type of certification doesn't provide a complete solution.
Agencies also will want to check to see what features their existing security vendors can provide in relation to printing.
"The whole subject of secure printing is being increasingly rolled into the general elements of security that people are enabling on their networks," Reynolds said. "It is less a stand-alone application these days as it is just another application in a suite of things that people are enabling."Drew Robb is a freelance writer in Los Angeles.