Q

Print-management software security starts with a private IP address

Print-management software shouldn’t provide a great risk to a company provided it uses a private IP address, says expert Mike Chapple.

I wanted to ask your opinion about print-management software. I often hear security concerns from our IT managers about

running print management software on the network. I can see no risks while using port 443; the software allows both masking of IP addresses and the host name of the computer/server it is installed on. I think the main concern is that it is a Web-based program and they aren't comfortable with accessing it in that method or having their printer info out on the Web. All versions of this type of software appear to operate similarly.  Do you see any risks to IT?

Ask the expert

Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)

Generally speaking, there is no reason to single out print-management software as a risky service to run using a Web-based protocol.  I don’t think there’s anything particularly sensitive about printer information that would constitute a greater risk to your organization than many of the other services you have already enabled for the Web.

There is one phrase in your question that I’d like to focus on: You said your security managers aren’t comfortable “having their printer info out on the Web.”  If you mean accessible to the world, I agree wholeheartedly.  There’s no reason that a printer should have a public IP address or be visible from the Internet.  Your printers (and most of the devices on your network, for that matter!) should be using private IP addresses that are not routable from the Internet and are shielded by a firewall.  If an administrator needs to remotely access the Web interface of a printer to perform configuration work, they can do so on a virtual private network.

The bottom line is that there’s nothing too concerning about Web-based printer interfaces.  As with anything connected to your network, keep the printer patched and watch for security bulletins that might cover components of the Web interface.  If you’re particularly worried, consider running a Web application vulnerability scanner against the management interface of your printer.  If you find vulnerabilities, report them to the printer manufacturer and hope for the best!

This was first published in May 2012

Dig deeper on Network Device Management

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close