Information security is an important part of corporate governance. Print is often overlooked as a critical piece of the security puzzle. This whitepaper serves to help educate companies on the risks inherent to their print infrastructure.
Scanning the Internet for External Cloud Exposures via SSL Certs
Print - Overlooked piece of the security puzzle whitepaper - DRAFT
1. A Compugen White Paper
100 Via Renzo Drive
Richmond Hill, Ontario
www.compugen.com
Print – Overlooked Piece
of the Security Puzzle?
Gerry Skipwith
Vice President, Services - Compugen
Co-Chair, Standards and Best Practices Committee - MPSA
January 7, 2011
2. Introduction
Contents
There has been no shortage of company and government
Introduction 2 security breaches. Stories abound of personal financial
The Issues 3 information, confidential client data, hospital patient
Security Gaps 4 records and government information ending up in the
Industry Response 5 wrong place – sometimes inadvertently, sometimes by
intention.
How Leading Organizations Lead 7
About the Author 9 The costs of these breaches – financial, brand and
Contributors Appreciation 9 corporate credibility – can be dramatic.
Both government and corporations have responded with
formal regulation of security information through acts
such as Health Insurance Portability and Accountability
Act (HIPAA), Personal Information Protection and
Electronic Documents Act (PIPEDA), Federal
Information Processing Standard (FIPS) Publication
140-2and the Ontario Government of Ontario IT
Standard 25.12 (GO-ITS 25.12).
Companies have taken steps to increase network security
through intrusion detection, higher encryption standards,
end user authentication, establishing chief security
officers at the executive level and many others.
One aspect of security that, until recently, has not
appeared on the government, corporate or technology
manufacturer radar screens is print.
Leading organizations are starting to treat their print
environments with the same degree of care and attention
that they give their networks, servers and storage arrays.
Leading organizations understand that overlooking their
print security will – it is only a matter of time – have
dramatic consequences. These organizations are now
taking steps to address the risks by fitting in a final piece
of the puzzle.
January 7, 2011 Print – Overlooked Piece of the Security Puzzle?
Page | 2
3. The Issue
There have been stories of information security breaches originating in the print world.
Government budgets copied and leaked. Sensitive information scanned to external email
addresses. Everyone has a story of a termination letter or other sensitive HR information
inadvertently overseen at network printers.
Print environments have become an integral component of the IT infrastructure through
increased complexity and sophistication. Unfortunately, controls have not kept pace with the
technology advancements, leaving government and corporations open to abuse and
unintentional distribution of proprietary information.
As the product sophistication increased, printers became an extension of the network.
Printers now contain processing capacity to the point they are effectively additional
computing devices that fall under the auspices of IT departments. Finally, as bandwidth
grew and document complexity increased, hard drives became integral to the printer to buffer
large, complex documents and scans.
This was made famous by the CBS report on April 15, 2010 - Digital Photocopiers Loaded
with Secrets. It was clearly shown that with limited sophistication, the footprints of printed
documents could be accessed from copiers and multi-function printers coming off lease or
discarded.
By purchasing 4 used MFP’s for $300 each and using forensic software obtained for free on
the Internet, CBS uncovered;
• tens of thousands of documents in less than 12 hours
• Buffalo Police reports detailing domestic violence complaints and wanted sex
offenders
• Buffalo Police Narcotics Unit targets in major drug raids
• 95 pages of pay stubs with names, addresses and social security numbers; and
$40,000 in copied cheques from a New York construction company
• 300 pages of individual medical records including drug prescriptions, blood test
results and cancer diagnoses from a New York insurance company - a potentially
serious breach of US privacy law
Given that more than 2 billion pages are printed every year in North America, it is easy to see
why leading organizations are starting to address this serious security threat.
January 7, 2011 Print – Overlooked Piece of the Security Puzzle?
Page | 3
4. Security Gaps
To better understand the challenges, it is worthwhile to walk through the architecture of how
documents are printed.
A user creates a new document or accesses an existing one. The individual decides to print –
clicks – and information is transmitted to a print server. The print server holds the document,
prioritizes traffic and ensures the document is presented to the appropriate printer. Once
presented, the printer processes the incoming document using memory and hard drive
capacity to maintain the information until fully printed.
There are 3 key areas that represent security threats in this scenario.
Interception during Network Transmission: through sophisticated means, networks can be
monitored – or ‘sniffed’ to access information flowing across the network. It is feasible that
printed documents sent for printing over the network are intercepted and read prior to
printing. It is also possible that open network ports on the printer become a means to monitor
network traffic or load in harmful programs.
It is also possible that open ports on the printer be a means to monitor network traffic or
institute harmful programs.
Interception of Document Receipt: The user may need to walk some distance to the
network printer, and in that time a document can easily be taken or copied leaving no sign of
information theft.
Further; network printers typically service a pool of people. This creates the potential for
confidential or private information to be seen mistakenly, or intentionally, by unintended
recipients.
Document Footprint: Once a print job has occurred and been picked up, the information can
remain within the print device for some time – stored on the printer’s hard drive. This
creates a form of ‘information echo.’ Data from print outs, scans or copies can remain on the
unit indefinitely. Although, it would take deliberate prying eyes to access the information, it
is not a difficult course of action.
January 7, 2011 Print – The Last Piece of the Security Puzzle
Page | 4
5. Industry Response
Leading print hardware and software vendors are taking steps to increase security across the
print environment. Despite some lofty statements, it is really a nascent area of expertise with
new developments occurring regularly.
To enhance security levels of the various dimensions to a print infrastructure, all existing
safety precautions and measures should be applied. Given the unique aspect of a ‘hard copy
document’ produced outside the network – additional innovation is needed to maintain some
semblance of control on printed matter.
Network Security:
This is the one area of print that a great deal of work has been done. Existing network
security protocols are readily applied to print environments. Common features available
from major print vendors include;
• User authentication
• IP address range designations
• SNMPv3 encrypted communications
• Unused port closure
• Implementing Internet Protocol Security (IPsec)
• Device authentication such as 802.1x access control
All of these steps secure the transmission of documents, while limiting the range of users and
means to access the network. All of these steps would be considered basic practices to
secure print transmission.
Document Security:
Print manufacturers are upgrading device security for each new generation of devices.
Functionality that accompanies new MFP’s, or the accompanying manufacturer print
management software, includes such features as;
• Secure print - password or PIN based printing
• Document timeout – for documents sitting excessively long in queue
• Document rights management
• Device Level Log-in
• Access Management
• User authentication for scan to email and copy functions
• Copy numbering
January 7, 2011 Print – The Last Piece of the Security Puzzle
Page | 5
6. There are a variety of companies that have developed 3rd party printer additions to provide;
• Password or Pin authentication
• Key card authentication
• Bio-metric authentication
• Document accounting and tracking
Device Security
Particularly in the past 2 years, manufacturers have done a great deal to increase the level of
device security for print information. Ricoh, Xerox, HP, Lexmark, Konica Minolta have all
introduced programs, tools and printer features that enhance print security. The programs for
major manufacturers may have different names, but the basic features that are available on
latest generation units include;
• Hard drive encryption
• Hard drive locking / removable Hard drive
• Prioritized use of RAM over Hard Drive
• File erasure capability
• Hard drive wipe capability
• Hard drive destruction program (upon product lease return)
While it takes some integration efforts, hard drive encryption programs intended for
organizations covering desktops, notebooks and servers can be implemented into print
environments. Depending on the software publisher, this can vary dramatically in terms of
complexity.
Encrypting printer data
Applying encryption to data that is sent to the printer ensures that if any interception occurs
or anyone can access the data that is stored in the printer memory (RAM) or the printer hard
drive, it can only be read (decrypted) by the person who printed the document through his
user authentication.
Is AES 256-bit Encryption Necessary?
There is always a debate of how much security is necessary. A good (and paranoid) Chief
Security Officer will say there is no such thing as enough.
There is recent literature documenting that AES 128-bit encryption can be cracked. In
November 2010, a paper was published that described a practical approach to near real time
recovery of keys from AES 128-bit encryption [1]. While the validity of this approach is
debated, the sound practice is to seek the highest security standard available in the
marketplace.
[1] Bern University of Applied Sciences, Cache Games – Bringing Access-Based Cache Attacks on AES to Practice, E. Bangerter, D. Gullasch,
S. Krenn, November 2010
January 7, 2011 Print – The Last Piece of the Security Puzzle
Page | 6
7. Hard drives on printers and copiers have been prevalent since 2002. As products evolved,
reputable vendors have made AES 128-bit encryption available on copier and MFP products
through vendor-specific encryption modules. There is literature available describing this
capability for Canon, HP, Konica Minolta, Kyocera Mita, Lexmark, Oce, Okidata, Ricoh,
and Xerox as an entry point for security.
In the recent past, top print manufacturers have made AES 256- bit encryption available on
products through minor customization of the encryption models.
There is manufacturer documentation available indicating that Okidata, Ricoh, Lexmark and
Xerox all offer AES 256-bit encryption as an option for hard drive security on latest
generation products. In addition, leading service providers are integrating third party hard
drive security solutions to provide the highest currently available security levels, such as
Sophos SafeGuard® RemovableMedia. Given these moves, it will not be long before all
print vendors make AES 256-bit encryption a standard option.
How Leading Organizations Lead
Organizations that have shown leadership in raising levels of print security have been
financial institutions, hospitals and health organizations, and federal and state/provincial
government.
There are 3 keys to success in ensuring corporate information is secure;
• Information storage - knowing what information is critical/confidential, where it is
generated and where it is stored
• Information protection - using the best security solutions available and be paranoid it
isn’t enough
• Continuous improvement and refinement - pushing your organization and your
vendors to do more
Leading organizations recognize print infrastructure is a part of their network and absolutely
requires the level of vigilance given to their networks. They also recognize there is an
additional dimension to print – the need to control how printed documents are accessed.
Network;
Leading organizations extend all the practices of their networks into the print environment.
Specifically, they control end user rights, encrypt communications, close unused ports and
enable device authentication protocols.
January 7, 2011 Print – The Last Piece of the Security Puzzle
Page | 7
8. Document;
Leading organizations are tackling the added dimension of controlling hard copy generation
and distribution. Specifically, leading organizations are known to;
• Implement secure print with passwords
• Timeout the user for delayed print pickup
• Utilize scan encryption
• Implement copy controls
• Implement secure print with cards and biometrics
• Utilize tracking and activity logs for print, scan and copy
Device;
Leading organizations work through the following hierarchy of steps to secure the devices.
The further they are able to proceed through the list, the higher the level of security offered.
The progression of device security is to;
• Activate immediate data overwrite capability
• Maximize print from memory features
• Implement physical hard drive locks
• Encrypt the hard drive with the highest level of protection available
• Overwrite the hard disk at time of device disposal
January 7, 2011 Print – The Last Piece of the Security Puzzle
Page | 8
9. About the Author
Gerry Skipwith has been the Vice President of Services for Compugen since 1998. Gerry is
an industry contributor serving in several technology and business associations. He is also an
invited member of the HP and CompTIA Executive Councils.
Gerry received an undergraduate degree from the University of Waterloo in Mechanical
Engineering. He has also completed a Network Engineering Program at the University of
Toronto, followed with a Master's in Business Administration at the U of T Executive
program. Gerry recently completed a Directors program at York University for non-profit
organizations.
Most recently, Gerry has been the executive sponsor of Compugen’s Print practice. In this
capacity, he has been named as the Co-Chairman of the Standards and Best Practices
Committee in the Managed Print Services Association (MPSA). Further, Gerry is 6 months
away from completing his first (and most likely last) book – "EcoWise Print: Gaining the
Full Value of Printing in a Responsible Manner". The goal of the book is to educate
corporations on the dramatic financial and environmental costs of print, with an approach to
assist both.
Special Thanks to Contributors and Editorial Reviewers
• Brian D. Dawson, Sales and Marketing Director, Print Tracker™
• Jo-Anne Morgante, Print Services Manager, Compugen
• Keith Shumard, Managed Print Services Specialist , Modern Office Methods
• Kevin DeYoung, President & CEO Qualpath, Inc.
• Tyler Markowsky, Practice Lead - Security Services, Compugen
January 7, 2011 Print – The Last Piece of the Security Puzzle
Page | 9