"[We're] thinking of you Alan, and write to assure you of our warm support and to add our names to the long list of all your friends. Stay brave and true. Yours Sincerely, Dana Vale MP." So ended an effusive fax of support from the then Minister for Veterans' Affairs, Dana Vale, to controversial Sydney shock jock, Alan Jones.
In April 2004, Jones was embroiled in an Australian Broadcasting Authority investigation for accepting large sums of money to change his opinion on everything from banks to telephony. As such it was a contentious time for a minister to be throwing her support behind a member of the media - let alone one whose ethics had been brought into question.
Vale had never intended for the fax to be made public - yet she'd sent it directly to Jones' office at Sydney radio station, 2UE. Jones had left 2UE in 2002.
If that doesn't send chills down your spine, consider the Federal Police bungle that saw reams of highly sensitive plans for a top-secret police sting faxed not once but twice to a sexual health clinic in Canberra. Names, addresses, details of phone taps, surveillance material, plans to break into suspects' premises, information which could have seen a multimillion dollar investigation derailed, all sent by mistake to a wrong fax number.
At the time an AFP spokeswoman attributed the mistake to the failure of a pre-programmed dial feature. When the auto-dial feature didn't work, someone typed the wrong number into the manual override and the documents ended up in the wrong place. These days, faxing is usually bundled with other services in intelligent, networked multifunction devices [MFDs].
Yet while networked multifunction devices actually offer a range of security features that should help prevent such mistakes, most businesses don't turn them on.
Risky business
Managing director of printing systems integrator Cornerstone TSS, Rod Hogrefe, said manufacturers of IP-enabled multifunction devices had done a good job of integrating security features into their technology. However, it was of little use as most units were plugged in straight out of the box with scant regard for the increased risk a networked intelligent device introduces to the corporate LAN.
"Most businesses do not use the security features offered by multifunction devices," Hogrefe said. "The risk they pose depends on the health of the company network generally, but the print technology vendors have integrated a raft of security features to provide protection even for small organisations who might not have strong security generally."
After 15 years in information security, LogicaCMG's Ajoy Ghosh, said mistakes, such as sending sensitive information to the wrong fax number, were only the beginning when it came to the threats posed by such communications technology.
"There are essentially three very real threats," Ghosh said. "Each has either happened for real or I've proven I can do it."
Perhaps the most common threat identified by Ghosh is user error, where a fax is mistakenly sent to the wrong person, or a document is sent to the wrong printer.
Simple mistakes, as shown by the opening examples, can prove costly if the material misdirected is sensitive enough.
The second risk Ghosh identified is where documents stored locally on the multifunction device can be accessed through the company network.
"These are accessible from the network, so if someone from human resources prints out a salary letter, then someone else on the network can view it, or even change it and re-print the new version," he said.
"To prove it could be done, I've changed the dollar value on a cheque printer at the local real estate agent and re-printed a cheque, because they were silly enough to keep the cheque stock in the paper tray."
Hogrefe also said this local memory opened a security loop hole at the end of the life of a device, as it potentially retained a raft of sensitive information, and should be wiped before the machine was removed. Ghosh said it was theoretically possible to use a multifunction device's phone line connection as a back door into a corporate network.
"Because it's a fax, the MFD answers calls so a hacker can access it through the telephone line," Ghosh said. "Once there, they can view data on the MFD, or use the MFD as an entry point to the rest of the network."
Real or imagined?
But do such threats pose a serious risk to most organisations? Lexmark marketing manager for printing solutions and services division, Stephen Bell, said it was up to the vendors to work closely with the channel to ensure MFDs were configured to reduce risk to the corporate network.
"Any device that is placed on a network must be evaluated with respect to security," Bell said. General manager for printer vendor Oki, Graham Harman, said most MFDs were designed with features to assist with document management and office productivity. Network connectivity via an Ethernet port, lets users scan directly to a locally attached PC, email address, FTP site or to a shared directory on the network without extra software.
Harman conceded network-based security threats were theoretically possible but argued the security threats were "largely internal" and no greater than any other security risk associated with intellectual property of a business.
"Staff working on secret projects or highly sensitive information should have their own device, which is very affordable these days," Harman said.
Similarly, Epson marketing communications director, Mike Pleasants, warned against blowing the risks associated with networked MFDs out of proportion.
"Printers are essentially slave devices and almost all traffic flows one way from the PCs to the printer, so security breaches or threats are unlikely to be introduced via the printer," he said. "For an unsecured wireless network, however, an external device may capture the wireless transmission of a document sent to the printer, or any other part of the traffic on the wireless network. But, again, the security issue is with the network, not with the printer."
Cornerstone's Hogrefe said the risk introduced by a multifunction device was only as great as the risk to the network posed by poor security across the corporate network.
The principal challenge lay in ensuring resellers and users were sufficiently familiar with the technology to actually turn the features on in the first place, he claimed.
Technically speaking
As it turns out, the first line of defence against unwanted intruders, unauthorised internal meddling and plain stupidity has already been built into the technology itself through a process which Lexmark refers to as Device Hardening.
"Hardening a networked device is the process of securing the device's network interfaces," Lexmark's Bell said. "This includes eliminating unneeded or unused features and functions to prevent their abuse, locking down any interfaces that remain and securing the data hosted by the device."
Resellers and system integrators: pay attention. MFDs often sit by themselves, somewhere in the office out of sight. An unauthorised person could potentially circumvent network security by simply plugging a laptop, for example, into the network connection of such a networked MFD.
But Bell said features had been designed specifically to plug network holes created when new devices were connected.
These include the filtering and disabling of individual IP addresses, network ports and protocols as well as encryption of the data stored and actively used by the device.
"Port filtering allows the printer to be configured to meet virtually any policy regarding what protocols are and are not allowed on the network," Bell said. Network protocols solve problems of who can send information where. Bell pointed to hard drive encryption and wiping to protect who can access information. "When hard-drive encryption is enabled, all data written to the hard drive is encrypted and useless on any other device," he said. "This protects not only residual data from completed jobs, but protects data actively being used."
Bell said unauthorised external access could largely be controlled through TCP/IP connection filtering. "This feature allows the IP addresses from which the printer is to accept TCP/IP connections to be specified, and connections from all other addresses will be refused," he said. "Approved systems such as print servers and administrative workstations are allowed to make connections to the printer or MFD, but all other systems are left off the list and are therefore rejected." Other technologies contributing to enhanced security on MFDs, according to Bell, are remote management facilities, covering the devices and print traffic.
He said print protocols could also be hardwired into the network's configuration to serve privacy and confidentiality considerations.
"Printed jobs routinely contain sensitive information, financial data, information that personally identifies customers and employees, account information and so on," Bell said.
"Printers and MFDs are commonly located in high traffic areas with only basic physical security. In this environment, it's very easy for printed information to end up in the wrong hands, either accidentally or intentionally." According to Bell, controlling this risk comes down to deploying features designed to ensure the person receiving the material, or sending the information, is cleared to carry out that task.
These include confidential print, where a document does not print without a password; user authentication, where restrictions are placed on who sends what information and which device they send it to; and printer lockout, where print devices can only be accessed at specific times by specific users.
Educating the channel
Some suggest none of these features will make the slightest bit of difference unless the print channel adds value to their sales by completing a thorough risk assessment before choosing which features to implement. "We generally have a conversation with the clients to find out any special areas of business or their special needs. Often, we will help tailor security for them in a particular way," Cornerstone's Hogrefe said.
"You need to understand that as you increase the level of security on these devices you also generally reduce the level of productivity of the users, so it's important to understand what the client is trying to achieve and which security features they really need."
Hogrefe also claimed security settings should be piloted and tested before being finalised to ensure they suit the customer's requirements.
"Print is generally deemed a boring part of the sector, so while people focus on security everywhere else they won't pay much attention to print devices," he said. "There's lots of security functionality on offer from the manufacturers - it's just a matter of knowing what to turn on."
So although cures for stupidity continue to elude us, measures we can take do mitigate the dangers it poses in business - by restricting who can print what, and where they send it.
