Multifunction Printers (MFPs) have become an essential part of an organisation's network offering advanced features for storing and transmitting crucial information about a business, its customers, and its employees across multiple locations.

However, when not secured or used correctly, MFPs can be vulnerable to cybersecurity threats and may compromise the security of sensitive data.

The Office of the Australian Information Commissioner (OAIC) emphasises the need for organisations to proactively safeguard data.¹

The OAIC recorded 409 data breaches during the January to June 2023 reporting period. Cybersecurity incidents including ransomware and phishing accounted for 42% of all breaches, with contact, identity, and financial information the most common data compromised through breach. The OAIC stated; ‘Organisations need to be alert to this growing attack surface and have robust controls in place to minimise the risk of data breach’.

As printers are network and cloud-connected, and used by many people, it is necessary to secure them with advanced security measures as a means to limit entry points for cyber-attacks. Canon puts its products through rigorous internal cybersecurity tests to protect systems to ensure the entire product line is compliant with the highest data privacy and endpoint security standards.

Along with this, Canon also recommends implementing the following measures to help further limit potential cybersecurity threats to your MFPs.

1. Control Access to specific individuals or groups

Many people in an organisation use MFPs, including employees who work from home, including authorised contractors and guests. To prevent unauthorised access, regulate MFP usage by limiting the functions and locations where sensitive information can be transferred and configure settings to specify access for individuals or groups.

2. Protect sensitive information

MFPs are designed to store, transmit, and receive data and documents across devices and locations. Ensuring your organisation’s information security is protected from accidental intrusions and malicious attacks is vital. To prevent interception, certain functions can be restricted, and some settings can encrypt data or integrate with email security solutions. These steps will help reduce vulnerability and safeguard data in transit.

3. Protecting your MFPs system

Without advanced cybersecurity measures, such as anti-virus or anti-malware – similar to McAfee embedded control, your MFPs can become an easy target for hackers to gain unauthorised access to sensitive data and your network. Your MFPs need measures that only allow approved firmware and applications to avoid security breaches. Regular updates ensure security functions are up to date; alongside IT staff who consistently monitor these updates to maintain a system's security.

4. Manage and monitor your security settings

Managing multiple MFPs across different locations can be challenging. Configure your MFPs to minimise potential cyber threats. Security settings should be applied consistently and monitored regularly. Integrating security settings with SIEM systems also aids comprehensive management.

5. Data encryption that conforms to minimum security standards

MFPs may have sensitive data passing through them when print and/or scan jobs are sent to them. Without sufficient levels of encryption, the storage could be removed, and residual data could be read from the device. Device storage that is both password protected and leverages a cryptographic module that complies with the FIPS-140-2 security standards, gives you peace of mind that your data is secure.

Canon's latest generation of MFPs, the imageRUNNER ADVANCE DX series, emphasises protection against cybersecurity risks. While no technology can be 100% secure, Canon has identified and closely considered these features to assist you in achieving your printing needs while also helping safeguard your organisation against potential threats to cybersecurity.

¹ https://www.oaic.gov.au/newsroom/ongoing-vigilance-in-data-protection-measures-essential