Posts

When it comes to cybersecurity, you probably think of protecting computers, apps, or online databases first and printers last. Precisely because they’re overlooked in, printers can be exploited by hackers and used as a gateway to infiltrate your systems. Secure your networks against intruders by following these steps.

What makes business printers vulnerable to cyberattacks?

When assessing network security threats, companies primarily focus on servers and computers not only because they are the most exposed to external threats, but also because they get the bulk of cyberattacks. Printers are often at the bottom of the list since they are not prime targets. What’s more, their functions seem to be internal at first glance, as they don’t interact with external systems.

But it’s exactly because of their primary functions, namely printing and scanning, that make print devices perfect cybercriminal targets. Businesses run important documents such as tax forms, employee information, medical records, and financial statements through print devices, and hackers would definitely love to get their hands on them.

And they can — easily.

Network printers store previous print jobs in their hard drive, sometimes including those that have been canceled. If anyone accesses the printer — even remotely — they may be able to see those documents by hacking into the printer using a specialized tool.

Files can also be intercepted during wireless transmission, as modern printers can now be connected to the web. Not only can hackers exploit printers’ open network ports to view data, but they can also take over vulnerable printers and transmit their own data through the machine.

What can you do to protect your business printers?

Business printers should not be disregarded when planning a cybersecurity strategy. Keep your print devices secure by following these best practices:

  • Monitor your network continuously and promptly install printer software updates and patches. Printer manufacturers often release software support or updates, so regularly check for those.
  • Change the default password and administrator login credentials of printers with web management capabilities.
  • Only allow company-owned devices to connect to your printers.
  • Always connect to your printers using secure connections. Conversely, avoid accessing your printers through a public internet connection.
  • Restrict printer access by using a firewall.
  • If your wireless printer has the feature that requires users to enter a PIN before they can print documents, enable it to prevent unauthorized access.
  • If you don’t use your printer for fax and email, isolate your printer from your main company network and disable out-of-network printing.
  • If you handle classified data, do not connect your printer to any network. Instead, connect it directly to your computer using data cables, or print from a thumb drive.
  • Secure your printouts by enabling manual feed. This setting requires a user to manually input paper (or any material to be printed on), so there are reduced risks of the printed document getting stolen or being left in the printing area.

Another way to secure your printers is by partnering with an IT company that can take care of your printer-related worries. From thwarting attacks to reducing management costs to keeping your printer at optimal functionality, our experts can help.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

There really is an app for almost everything — including one that cyber-criminals use to hack into businesses’ systems. Cyberattacks have become so advanced that they are now aided by an app, like this one that poses serious threats to Office 365 users. If you’re using Office 365, here’s what you need to know.

A phishing scam that harvests users’ credentials

The latest cyberattack on Microsoft Office 365 involves harvesting users’ credentials. Scammers use this previously unseen tactic by launching a phishing message to users, asking them to click on an embedded link. What makes this scam more insidious than traditional phishing scams is that the URL within the message links to a real Microsoft login page.

How does it work?

The phishing message resembles a legitimate SharePoint and OneDrive file-share that prompts users to click on it. Once they do, they are taken to an Office 365 login page where they will be asked to log in if they haven’t already.

After they’ve logged in, they’ll be prompted to grant permission to an app called “0365 Access.” Users who grant permission effectively give the app — and the hackers behind it — complete access to their Office 365 files, contacts, and inbox.

This technique can easily trick lots of users since the app that requests access is integrated with the Office 365 Add-ins feature. That means that Microsoft essentially generates the request for permission. No, Microsoft is not aiding hackers to breach systems. Rather, the scam is made possible by a feature that allows users to install apps that are not from the official Office Store.

Ways to protect your Office 365 account — and your business

Given their fairly advanced approach, these scammers could effortlessly prey on careless employees. There are ways to make sure that doesn’t happen.

  • Always check the email’s sender account before clicking on any link or granting apps access.
  • Implement a policy that prevents staff from downloading and installing apps that are not from the Office Store.
  • Regularly conduct security awareness training that covers essential cybersecurity topics. Educate employees on how to spot phishing scam red flags (e.g., unknown senders, grammatical and typographical errors, suspicious requests, and the like). Increase their knowledge about more sophisticated attacks and keep everyone informed about current and future cybersecurity risks.

Successful attacks could result in an unimaginable catastrophe to your company. For tips on how to spot this and other nefarious scams and how to plan thorough security practices, contact our experts today.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE