The second PewDiePie printer hack in as many weeks demonstrates that a great many customers don’t really understand the vulnerabilities that poorly managed printers introduce to their IT infrastructure. Truth be told, neither did I until the techies here at my company explained it to me.
The problem is that printer security is just not that interesting. What is interesting is how these security vulnerabilities create opportunities for forward-thinking print providers.
You can’t “solve” security
There will be another hack just around the corner. As a result of this relentless cycle, customers struggle to keep up to date with the plethora of security patches that they need to make. By way of illustration, consider that the malware attack WannaCry, which happened in May 2017, impacted a huge number of businesses and government departments worldwide, despite Microsoft having released a patch for the vulnerability used in the attack two months prior, in March 2017.
The print industry is awash with security solutions that, though valuable, are only ever as good as their design, and often the solution will remain unchanged from the day it was first installed. This is the key issue — cybersecurity, and by extension print security, is not something that you can “solve.” Cybersecurity should be janitorial. There’s always more that you could do, and businesses prioritize resource to take care of the most obvious weaknesses and most relevant threats.
A managed services opportunity
Managed IT services should help to control and constrain these threats, but — and this is the bit I find intriguing — shouldn’t print security be within the remit of a managed print provider? Shouldn’t managed print providers be offering to take over print security for large enterprises and the SMB alike?
Historically, managed print services have focused on just-in-time toner delivery, parts and service for devices, but MPS rarely includes the full management of the underlying print infrastructure. One reason for this may be the scale of the task; managing certificates, access and access controls, server patching, drivers, storage, performance, backups, etc. are difficult tasks, sure. But the more likely reason print providers don’t offer these services is linked to the lack of economies of scale in managing multiple traditional Windows print infrastructures. The necessary tasks need to be performed for each and every customer separately and independently.
Enter the managed print platform
The challenge then for managed print providers is to leverage a platform-based approach, managing security for their customers in aggregate fashion, applying patches once for all customers concerned. Better still, work with one of a number of emerging software providers that offer this sort of next-generation print infrastructure — and will even take responsibility for delivering available SLAs and the required level of customer security. When all this is done right, a platform can be delivered with no service interruptions, utilizing native functions provided by AWS or Azure. The implication here is that managed print partners can focus on selling MPS while adding points of differentiation like high availability, end-to-end encryption, and managed security for print infrastructure.
Who is responsible for closing this gap?
Do customers need to get better informed and start taking security more seriously? Absolutely. But does the print industry have a role to play in providing quality security offerings that are easy to adopt and actively maintained over the longer term? Undoubtedly.
For what it’s worth, I think it is time for managed print to stand up and secure itself — using centralized tools and expertise, driving economies of scale on maintenance tasks while delivering best in class outcomes to our customers.
I’m really interested to hear your views — are you a customer or an MPS provider? How do you look at the challenges and opportunities laid out above?