XEROX TARGETS HARD-COPY THEFT

  • ink-direct-banner-902-x-177-v-1-2-big-banner-03-23-2017
  • cartridgewebsite-com-big-banner-02-09-07-2016
  • Print
  • futor_902x177v7-tonernew
  • 05 02 2016 429716a-cig-clearchoice-banner-902x177
  • clover-depot-intl-us-ca-email-signature-05-10-2017-902x1772
  • banner-01-26-17b
  • 4toner4
  • 2toner1-2
  • mse-big-banner-new-03-17-2016-416716a-tonernews-web-banner-mse-212
  • 161213_banner_futorag_902x177px
Share

XEROX TARGETS HARD-COPY THEFT

 user 2005-12-19 at 10:28:00 am Views: 61
  • #13737
    Xerox Targets Hard-Copy Theft

    December  2005

    Multifunction
    devices that combine printing, copying, faxing and other features are a
    major source of data leaks, but few enterprise IT managers recognize
    the threat, according to security experts from Xerox Corp.
    Hackers, malicious insiders and even foreign governments are harvesting
    data from insecure printers and copiers, accounting for as much as 80
    percent of corporate espionage, according to Xerox officials in
    Stamford, Conn.
    Xerox is developing digital rights management technologies that can
    stop unauthorized printing and copying, but companies need to do more
    to lock down their peripherals, according to Dave Drab, a principal in
    Xerox Global Services.
    While IT departments struggle to patch vulnerable software
    applications and operating systems, their biggest exposure is often the
    printers and copiers that sit quietly outside workers’ offices, said
    Drab, a former FBI agent who investigated corporate espionage and
    organized crime.
    “The corporate world is pretty much in the mind-set of [information security] and data protection,” Drab said.
    While multifunction printers and copiers don’t look like PCs or
    servers, they have many of the same features: hard disk drives,
    always-on network connections and the ability to send information out
    via e-mail, Drab said. “They have all the intelligence that a computer
    has, but … the tendency is to look at the device the same way as they
    did 10 years ago: Printers print,” he said.
    Groups such as The SANS Institute recently have warned about holes
    in anti-virus and backup software being exploited. However, skilled
    corporate spies are trained to sniff around printers and copiers, as
    well as paper recycling bins, for their information, Drab said.
    Malicious insiders often target traffic to networked
    printers to harvest sensitive information from corporate networks. For
    example, Drab said these data thieves may spoof the address of a
    printer to collect print jobs or sniff traffic on its way to a printer.
    Misconfigured and inadequately secured printers and copiers are also a
    problem, he said.Most multifunction devices arrive from the factory
    with a host of services—such as FTP, e-mail and communications
    ports—open. Administrators commonly plug those into the network without
    disabling features they don’t need or shutting off ports that won’t be
    used, Drab said.And with large enterprises creating more than 850 million
    “impressions” of their data a year using printers and copiers,
    malicious insiders and corporate spies have plenty of data to choose
    from, said Jim Joyce, a senior vice president for North American Office
    Services at Xerox. Preventing sensitive information from being printed
    and copied at all is more difficult, Drab said.
    Xerox has developed search technology—code-named Categorizer—that
    can find and automatically classify documents on its network based on
    the data’s content.