• Insights
  • Recent Posts
  • Popular Posts
  • Popular Tags

  • When I ask clients about their IT security strategy, I am generally surprised at the responses I receive. Most of the time, they give me a list of security program elements currently in play: firewalls, vulnerability management, IDS, anti-virus, etc.

    But just as a shopping list does not constitute a three-course dinner, a list of elements is not the same as an IT security strategy.  Nor is it the most optimal place to begin building one!

    The next most common response I get, is that there is no formal, documented security strategy in place. The company simply “does its best to keep hackers out and protect against breaches”. (more…)

    From Our Experts

    , ,

    As we quickly transition into a new year, I think back on 2017 and the rash of cyber security stories that made national and international news. Ransomware like WannaCry and NotPetya, the Equifax breach, SMBv1 and SSL vulnerabilities, etc. Even a global phishing scam used a fake Konica Minolta C224e scan to email message as bait.

    Most noteworthy in the printer industry were the major campaigns launched by various MFP and print providers. As it turned out, one of the most prolific printer security campaigns actually backfired when it was discovered that the very printer vulnerabilities described in the campaign were actually discovered on their own portfolio of enterprise printers. You couldn’t make it up if you tried. (more…)

    Content Management, From Our Experts, Security, Solutions, Technology

    , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

    Blog-bizhubSecureYou may have heard about recent reports of network hackers gaining access to multifunction printers, causing headaches for IT and cyber security personnel. These stories in the news are creating a lot of noise in the industry, overstating the risks of having a printer or MFP installed within an organization’s network. Although the vulnerabilities could be a cause for concern, multifunction printer hacks are relatively harmless, causing incidents such as an MFP to “lock up” using denial of service and brute force attacks. This type of action would require an exceptional, concerted effort by a person within the firewall of an organization to attack a specific multifunction printer. Typically, a person who wanted to do cyber harm within a corporation wouldn’t spend this type of effort to attack a printing device.

    It is important to understand that these perceived network vulnerabilities can only be taken advantage of from within a company’s network environment. This means that the network hacker would need to be a company or organizational employee with private network access. The devices are not vulnerable from outside the firewall or from the Internet – unless the network is vulnerable to external attacks. If that is the case, the multifunction printer should be the least of an organization’s worries. Obviously, the first course of action must always be to secure the network.

    (more…)

    From Our Experts, Security

    , , , , , , , ,