Over half (54%) of small and medium-sized businesses (SMBs) in the UK are exposing themselves to a serious data breach because they are not adequately protecting their office printers, according to new research from Sharp.
Despite the latest analyst reports suggesting that print-related data loss costs larger businesses an average of £313,000 a year, the threat posed to a network by connected printers and MFPs is still being overlooked by businesses across the UK.
The new research provides a snapshot of office printing behaviour across Europe and revealed that UK office workers are oblivious to the potential risks posed by printers and multifunctional printers (MFPs) in their workplace, with 95 per cent not considering these devices as an IT security risk. In contrast, a third of office workers did associate physical printouts left in the paper tray with a potential data security risk.
Further to this, only 18 per cent of office workers were aware that printers could be hacked – but didn’t see this as a risk to their company. 54 per cent said that their printers didn’t require any user authentication, anyone could use the devices freely.
In response to the research findings, Sharp has launched a free data security guide for SMBs, developed with ethical hacker, Jens Müller. The free ‘Simple printer security
for small businesses’ guide can be downloaded here.
Jens said, “printers are everywhere. Every company has one, and today they are usually connected to your company’s network which means they become an easy target for hackers if they are not secure.
“Not only can printers and MFPs provide access to sensitive printed, scanned and faxed documents, there is also the risk of more sophisticated attacks which can escalate into the company-wide network. Hackers only need to find one way in and they will look for the weakest link. Make sure it’s not your printer.”
The issue is more pronounced for smaller companies - those with less than 50 employees were least likely to have security features in place. 66 per cent allow anyone to use their printer freely, compared to 43 per cent of larger organisations (151-250 employees). Industries typically handling sensitive or confidential information, including HR and legal, were also less likely to have basic security features in place with 62 per cent allowing anyone to use their devices freely.
Peter Plested, Director of Information Systems at Sharp added, “the impact of data breaches, both financially and regulatory, can be devastating for companies of all sizes. As our research highlights, smaller companies have fewer resources and less ability to tackle cybersecurity, and that’s why educating employees on these risks is so important."