Lexmark: Network is never fully secure

Companies would do well to ensure even their end-point devices, including printers, are secured to prevent intruders from exploiting them.
Written by Lynn Tan @ Redhat, Contributor

The corporate network will never be fully protected from malicious attacks if businesses overlook the need to secure end-point devices such as printers, according to Lexmark.

Minh Tran, regional product manager for Lexmark Asia-Pacific, declined to cite any known occurrences of security breaches via the use of printers, but said companies need to make sure their printing devices--which are part of their network--are properly protected to eliminate any vulnerability.

"A network is never completely secure; it's never secure enough," Tran said Friday during a phone interview with ZDNet Asia. He noted that companies should never wait for a security breach to occur, before realizing the vulnerability exists, as it will be too late by then.

Recognizing that security challenges are "always changing", Tran added that Lexmark has equipped their printing devices with additional levels of security to prevent malicious hackers from penetrating the corporate network through these devices.

According to Tran, Lexmark polled 71 delegates--including senior IT decision makers--who attended the Government Ware 2006 conference held in Singapore in November last year, and found out that 87 percent of the respondents rated document and print security as "important" to their organizations.

At a Black Hat security conference held in Las Vegas, the United States, last year, a security expert warned that printers are a weak link in an organization's network security.

Brendan O'Connor, a security expert at an unnamed U.S. financial company, demonstrated how he was able to exploit a weakness in the security of a Xerox multifunction device to gain total control of the machine and map an organization's internal network.

Editorial standards