What Organizations Need to Change When Managing Printers
These articles are AI-generated summaries. Please check the original sources for full details.
What Organizations Need to Change When Managing Printers
The lack of protection for managed printers is a significant concern, with Jim LaRoe, CEO of Smyphion, emphasizing that “managed” does not mean “protected” and that printers are often the softest path to compromise due to the absence of ownership and accountability for their protection. The ownership vacuum, where printer endpoints are not assigned to a specific owner, is a major challenge that precedes the technical challenge of securing printers.
Why This Matters
The reality is that printers are frequently overlooked in terms of security, with a focus on uptime and cost rather than protection, leading to a significant blind spot in the budget and a lack of priority for security. This oversight can have severe consequences, as printers are a vulnerable entry point for attackers, and the cost of a breach can be substantial, with the average cost of a data breach exceeding $3 million.
Key Insights
- 20% to 30% of an organization’s endpoints are printers, which are often unprotected: Jim LaRoe, CEO of Smyphion.
- The ownership vacuum is a major challenge, where no one is accountable for the protection of printer endpoints: Jim LaRoe, CEO of Smyphion.
- Supply chains often seek to include security in managed service provider contracts in requests for proposals (RFPs): Jim LaRoe, CEO of Smyphion.
Working Example
# Example of a plain-language security standard for printer endpoints
## Identity and Access Controls
* Implement multi-factor authentication for all printer endpoints
* Limit access to authorized personnel only
## Change Governance
* Establish a change management process for all printer endpoint configurations
* Require approval for all changes
## Monitoring
* Implement continuous monitoring of all printer endpoints
* Require weekly reporting of any security incidentsPractical Applications
- Use Case: Assign a single “printer endpoint security owner” under the CISO to oversee the protection of all printer endpoints, as recommended by Jim LaRoe, CEO of Smyphion.
- Pitfall: Failing to integrate printer endpoints into the risk register and including them in pen tests, tabletop exercises, and compliance audits, which can lead to a false sense of security and increased vulnerability to attacks.
References:
Continue reading
Next article
Infinite Demand for Code: How AI Drives Developer Jobs
Related Content
Choosing a Cloud Network Security Solution for Enterprises
A 2025 report revealed 97% of organizations experiencing AI security incidents failed to secure access properly, highlighting the need for robust cloud network security.
Challenging Google Play Security: A Technical Proposal for Manifest-Level Verification
Developer Indigotime proposes replacing Google's identity verification with technical declarations of public keys and hardcoded web addresses to stop data interception.
I built a local Rust MCP security proxy for AI agents
Armorer Guard provides local Rust-native security for AI agents, scanning MCP tool calls with 0.0247ms latency to block prompt injection and credential leaks.