Upgrading hardware? Consider these five security risks for businesses

10/06/20174 Minute Read

As technology rapidly evolves, upgrading hardware becomes a regular necessity. If you can’t print from your mobile phone, or your laptop could be mistaken for a briefcase, then it’s probably time to start thinking about upgrading.

There are big benefits to upgrading printers and PCs—including better toner efficiency, less maintenance, greater security, and improved energy efficiency. But, before you ditch the old hardware, you’ll need a security plan for end-of-life procedures.

Hardware isn’t lawn furniture

Gone are the days when you could stack old PCs on the curb and hope that someone curious or desperate enough would take them off your hands. Today, every piece of hardware you own has to be carefully disposed of in order to avoid subjecting customers to data theft and exposing your business to steep fines. Even printers and photocopiers store sensitive information that hackers would love to get their hands on—and often do.

CBS News Chief Investigative Correspondent, Armen Keteyian, found that nearly every printer and copier manufactured since 2002 contained a digital hard drive, which stores a record of each document printed in image form. In 2010, Keteyian accompanied a security company on an investigation into old printers and photocopiers that had been sent to a warehouse. After removing the hard drives from the printers, a security researcher discovered that thousands of pages of sensitive documents had been left unprotected by New York crime units, which included the names of both victims and offenders.

On another printer, they found pay stubs, names and social security numbers left behind from a construction company. And the last printer had 300 pages of medical records left behind by a major insurance company. Keteyian’s investigation shows that printers are more than just devices used to reproduce documents—they’re essentially hard drives. If you’re an IT manager or business owner looking to dispose of old hardware, you need to be aware of five security risks.

1. Personal identifying information

Cybercriminals aren’t typically interested in your organisation’s printed emails. What you need to be worried about is digital documents that contain personal identifying information (PII), health data, and other information that can lead to identity theft. Disregarded printers often contain social security numbers, birth certificates, bank records, income tax forms, and similar data that can become a massive payload to professional criminals.

2. Password cracking

Don’t assume that a password-protected administrative control panel on an outdated printer can protect against unwanted access. If your printer falls into the wrong hands, many seasoned cybercriminals and information thieves have the ability to bypass these passwords and gain access. Many newer printers contain card readers that allow only cardholders to access documents in the printer’s hard drive, but this technology is nonexistent in older hardware.

3. Email access

If your old printer falls into the wrong hands, cybercriminals could potentially gain access to email accounts. According to PCMag, some printers contain a direct email function that includes stored password information for user email accounts. Depending on configuration and encryption, your at-risk data could include more than just what’s stored in your printer—it could extend to your email accounts, too.

4. Incomplete data disposal

Depending on the age and manufacturer of your printer, on-board storage configurations can vary. One first step toward hardware disposal is to speak to the manufacturer about whether the device has a drive. In many cases, a third-party program can be one of the best ways to completely wipe local storage or hard drives, helping you to mitigate the risks of incomplete data disposal.

5. Noncompliance

If your organisation is required to comply with any federal regulations for data storage and disposal, failing to address information stored on your printer could put you at risk of noncompliance—not to mention the crushing expense of a data breach.

ICT Compliance highlights the risks associated with disposal laws and covers the requirements for disposing of old tech in an environmentally responsible way. When developing a plan for disposal, it’s crucial to check local and federal regulations to make sure you don’t pollute a landfill with any dangerous chemicals or materials from your hardware, which could put your company at risk of being hit with huge fines.

While upgrading hardware can significantly improve workplace efficiency, as well as save a lot of money, you need to consider security before you leave your old PCs and printers out for hard-rubbish collection.

Nigel Bowen 24/05/2019 4 Minute Read

What you need to know about Australia’s Notifiable Data Breaches

A few months after the rollout of Australia's Notifiable Data Breaches (NDB), it's time to look at the data the scheme has collected so far.

Tektonika Staff 24/05/2019 5 Minute Read

Customise your digital security training to your users

Each department in your business faces different digital security risks. Learn how to tailor security trainings to address what your users need to know.

Anthony Caruana 24/05/2019 4 Minute Read

Don’t forget security when digitising workflows

Can digitising workflows ensure integrity and security in the financial services industry? The answer is yes—if you take some precautions.

Leave a Comment

Your email address will not be published. Required fields are marked *