Over half of UK SMBs risk serious financial loss through printer hacks

More than half of UK small and medium sized businesses (SMBs) are exposing themselves to a serious data breach because they are not protecting their office printers, according to research from Sharp. Obviously it has an interest here.

Despite latest analyst reports suggesting that print-related data loss costs larger businesses an average of £313,000 a year, the threat posed to a network by connected printers and MFPs is still being overlooked by businesses across the UK.

The new research provides a snapshot of office printing behaviour across Europe and revealed that UK office workers are oblivious to the potential risks posed by printers and multifunctional printers (MFPs) in their workplace, with 95 per cent not considering these devices as an IT security risk.

In contrast, a third of office workers did associate physical printouts left in the paper tray with a potential data security risk.

And although high-profile print hacks such as those connected to YouTube star PewDiePie have made headlines, only 18 percent of office workers were aware that printers could be hacked – but didn’t see this as a risk to their company. 54 percent said that their printers didn’t require any user authentication, anyone could use the devices freely.

Sharp has launched a free data security guide for SMBs, developed with ethical hacker, Jens Müller. The free ‘Simple printer security for small businesses’ guide can be downloaded here and includes “easy to follow tips” for those responsible for office technology.

Müller explains the risk, “Printers are everywhere. Every company has one, and today they are usually connected to your company’s network which means they become an easy target for hackers if they are not secure.

“Not only can printers and MFPs provide access to sensitive printed, scanned and faxed documents, there is also the risk of more sophisticated attacks which can escalate into the company-wide network. Hackers only need to find one way in and they will look for the weakest link. Make sure it’s not your printer.”

The issue is more pronounced for smaller companies – those with less than 50 employees were least likely to have security features in place. 66 percent allow anyone to use their printer freely, compared to 43 percent of larger organisations (151-250 employees). Industries typically handling sensitive or confidential information, including HR and legal, were also less likely to have basic security features in place with 62 percent allowing anyone to use their devices freely.

Peter Plested, Director of Information Systems at Sharp, said: “The impact of data breaches, both financially and regulatory, can be devastating for companies of all sizes. As our research highlights, smaller companies have less resource and less ability to tackle cybersecurity, and that’s why educating employees on these risks is so important.”