Best Practices for Securing Printers

By default, any device connected to our wired network (including printers) are placed on a Internet-accessible IP space. This can lead to that printer experiencing a number of problems, the most common of which is the printer printing spam or gibberish wasting a large amount of paper and preventing legitimate use. The frequency of these attacks has been increasing since 2015 and continue to be a concern. In March 2016 we blocked the most common printing port at our campus border, and we will soon add additional common printing ports to the border block. Protect your printers from these and other attacks by following these best practices for securing your printer.

Limit Internet Connectivity / Configure Access Control Lists

Disable Unnecessary Services

Most printers support a number of different services, many of which are legacy and rarely used. Many services can weaken the overall security of the printer, as they can be identified and exploited by attackers. Disable any services that you do not use. This can often be done by a management web interface enabled on the printer or the physical printer menu.

To ensure consistency and completeness in securing your printers, download a copy of the file Printer Security Checklist by clicking the file in the Attachments section below.