Product Notes: Multi-function Device Security
Important note: this document is designed for Local Support Providers (LSPs). This page was last modified on Tuesday, 14-May-2013 14:02:30 EDT.
Modern multi-function devices such as network-attached copiers and multi-function printers have many of the same components and thus many of the same potential vulnerabilities that personal computers and network servers have.
A major issue with multi-function devices at the University is mis-configuration or non-configuration of the device's services or features. Many multi-function devices are deployed with little more than an appropriate IP address. Having a standardized checklist for secure deployment is a good idea. In addition, making certain that options are fine-tuned (such as email settings not allowing the device to be an open relay) is very important.
This document includes a set of basic recommendations for reducing School, Center, and departmental vulnerabilities in this area. It is not intended to be all-inclusive.
Vulnerabilities and Mitigation
It's important to note that not all multi-function devices support all of the mitigation steps described below. This is especially true of older or lower-end devices.
Physical access to data
Anyone who has physical access to the multi-function device theoretically can extract data from the device, so take precautions to secure the data.
Ensure that documents are deleted from the multi-function device after the job is completed. One of the big vulnerabilities from physical access to data can be addressed to a degree by encrypting hard drives on devices that are capable. Also, many of these devices have a "secure delete" function that can be enabled.
Remote access to data
At an absolute minimum, the multi-function device's various administrative and network interfaces (such as SNMP and HTML) should be password-protected. Limit or turn off unneeded services — for example, the device's mail relay features should be configured appropriately for your network, or even disabled if they are not going to be used. Other examples include old or little used protocols like PJL, PML, and IPX/SPX.
Proper disposal of hard drives
Make sure that multi-function devices that are retired from service have their internal hard disk drives securely wiped clean and/or destroyed for disposal. Some vendors also offer disk sanitization services.
LaserJet printers and multi-function devices
University-specific Hewlett-Packard configuration advice (PennKey protected)
University-specific Provider Wiki article on Basic Steps for Securing HP MFDs
HP's Secure printing solutions jump page
Ricoh and Canon copiers and multi-function devices
Ricoh jump page on Security
June 2010 ISC presentation on Securing Printers and Multi-Function Devices (PennKey protected 2.8 MB PDF)
NIST checklists for multi-function devices
2005 Gartner article on How to Secure Your Printers and MFPs
Information Systems and Computing
University of Pennsylvania
Comments & Questions