IT departments struggling to secure printer endpoints
In its research for the Global print security landscape report 2022, the analyst asked IT decision-makers whether they had implemented any of 11 common security measures to protect the print infrastructure.
The study found that few organisations had a comprehensive range of print security measures in place, with 68% of respondents having suffered print-related data losses in the past year, at an average breach cost of almost £632,000.
The research, based on analysis of 531 IT decision-makers from organisations of all sizes across the US and Europe, found that the distributed nature of print infrastructure had expanded the risk environment.
According to Quocirca’s analysis, print volumes are increasing, with employees continuing to rely on print in their day-to-day work. The study found that printing remains “critical” or “very important” for 64% of organisations, with 44% of IT decision-makers expecting office print volumes to increase and 41% expecting home print volumes to rise over the next 12 months.
Over half (53%) of IT decision-makers said they were finding it harder to keep up with print security challenges and demands. This figure was higher among CIOs (61%) than CISOs (44%).
Louella Fernandes, Quocirca
Only 26% of respondents were completely confident that their print infrastructure would be secure when offices fully reopen. Confidence was higher among users of managed print services (37%), who were also more likely than other respondents to say that keeping up with print security challenges has grown easier.
Commenting on the findings, Quocirca research director Louella Fernandes said: “Despite rapid digitisation over the past 18 months, organisations continue to rely on printing. Now, however, printer estates have expanded to include home offices and employee-purchased devices, increasing the risk of accidental data loss and cyber attacks. Organisations are finding it harder to keep up with print security challenges and they are suffering costly breaches as a result.”
Given that several print-related vulnerabilities surfaced in 2021, from a security standpoint, printers need to be treated as any other endpoint device. “As more intelligence is added to even basic printer models, their potential to be weaponised by bad actors increases,” Fernandes warned.
She said businesses also have low visibility and control over home-based devices and document disposal. “Organisations should implement good print security, including revising BYOD [bring-your-own-device] policies to include home print devices, employing content security solutions and conducting formal risk assessments.”
Fernandes said there was an opportunity for organisations to work with printer companies to improve enterprise security. “There is a clear opportunity here for suppliers to support customers in securing their print infrastructure and lower the risk of data loss,” she added. “Our research found that, at present, organisations don’t see the value print suppliers can add on security – they are far more likely to consult a managed security services provider if they have any concerns.”