Lexmark: Printers pose security threat

The corporate network will never be fully protected from malicious attacks if businesses overlook the need to secure end-point devices such as printers, according to Lexmark.

Minh Tran, regional product manager for Lexmark Asia-Pacific, declined to cite any known occurrences of security breaches via the use of printers, but said companies need to make sure their printing devices — which are part of their network — are properly protected to eliminate any vulnerability.

"A network is never completely secure; it's never secure enough," Tran said on Friday during a phone interview. He noted that companies should never wait for a security breach to occur before realising the vulnerability exists, as it will be too late by then.

Recognising that security challenges are "always changing", Tran added that Lexmark has equipped its printing devices with additional levels of security to prevent malicious hackers from penetrating the corporate network through these devices.

According to Tran, Lexmark polled 71 delegates — including senior IT decision makers — who attended the Governmentware 2006 conference held in Singapore in November last year, and found out that 87 percent of the respondents rated document and print security as "important" to their organisations.

At a Black Hat security conference held in Las Vegas last year, a security expert warned that printers are a weak link in an organisation's network security.

Brendan O'Connor, a security expert at an unnamed US financial company, demonstrated how he was able to exploit a weakness in the security of a Xerox multi-function device to gain total control of the machine and map an organisation's internal network.