Property Value
rdf:type
rdfs:label
  • Episode 1211
Episode Title
  • Adobe quits Apple
mp3 link
Episode Date
  • 2010-04-21
notes link
dbkwik:buzzoutloud/property/wikiPageUsesTemplate
Producer
Guests
  • none
Episode Number
  • 1211
Duration
  • 2589.0
Hosts
  • Tom Merritt, Molly Wood & Jason Howell Co-hosts: Rafe Needleman
abstract
  • Dear Buzz Crew, This is regarding the printers with hard drives storing sensitive documents that were discussed on episode 1210 yesterday. I used to work as a security consultant, performing penetration testing for small to mid-sized financial institutions. I found that not only do these printer/scanner/copiers typically store every document that goes through them on a hard drive, but they can potentially retain them for very long periods of time. Frequently, they just store everything that gets printed or scanned, and only erase old documents when the disk space is needed to make room for new data (think like a DVR). Not only that, but they also tend to run open web servers. This means that anybody on the network can simply type in the IP address or hostname of the printer in a web browser and have access to everything on them. That means configuration settings as well as all of these documents being stored on the hard drive as image files. The good news is that the caching of documents and the web server functionality can almost always be disabled or restricted to administrators. It is my experience, however, that most network administrators do not think that a printer can be a threat to security and just install them with all of the default services running. Love the show.
    Hey Ja-Mo-To, at least, for a few more weeks :( , I was just listening to yesterday's podcast, and there is an important point about copiers and hard drives I thought was missed. Today, the majority of the copiers and multifunction printers are LEASED. I've worked in midsize and large IT organizations, and the IT departments aren't allowed to touch them because they are leased equipment. All they can do is reserve their IP address in DHCP tables and install the print drivers on the desktops and servers. Usually, it's the guy from ACME Leasing who comes in, services it, and removes it from service and brings it back for resale. The good news is that it is the leasing agents who need to be educated on how to wipe the drives – this is a much smaller and easier-to-train group, but since they are the service company, they should have known better in the first place. Love the show!