McAfee Focus 2012: Xerox, McAfee partner on embedded security threat

Only around 13% of organisations are aware that printers and multi-function devices represent a threat to information security, says Xerox

Only around 13% of organisations are aware that printers and multi-function devices represent a threat to information security, Xerox has claimed.

“Many organisations do not even realise that these devices are connected to the internet,” said Rick Dastin, president of the office and solutions business business group at Xerox.

But for this reason, they are as vulnerable as PCs to unauthorised network access through attacks such as cross-site scripting (XSS), SQL injection, and firmware vulnerability exploits.

In addition, printers can be infected by embedding malware in print jobs or simply plugging a memory stick into the target device’s USB port.

Once infected, these devices can be used to sniff network traffic, infect other devices on the network, or used as a launchpad for attacks.

Malware is moving rapidly into embedded systems, said Dastin, the problem is relatively few organisations are managing these systems well, making them vulnerable to attack.

“Organisations need to realise that multi-function devices are endpoints on their network with operating systems, and just like any other endpoint, they have to be protected,” he said.

Lessons in printer security

Security filter for multi-function printers

But instead of continually building higher walls around printers, Dastin said Xerox approached McAfee to develop a more proactive approach, which he likened to “putting a barking dog in the house”.

As a result, the companies have formed a partnership and demonstrated an industry-first method for protecting print devices and data from malware at McAfee Focus 2012 in Las Vegas.

The McAfee embedded Control software, developed jointly with Xerox, is a filtering method that allows only approved software to run.

“Because printers and multi-function devices run very specific software, we can run a very tight whitelist approach as well as monitor what is executing without affecting performance,” said Dastin.

It is intrusion detection without being intrusive, he said. The fact that it just runs in the background and does not affect the user’s experience means they will not seek ways around it.

The solution, to be available in the first quarter of 2013, is designed to simplify processes for IT administrators by embedding software in the print device’s computer.

The software, which is designed to scale from simple to complex environments, also provides immediate security alerts and an audit trail to enable organisations to track and investigate the time and origin of security threats and take appropriate action.

McAfee expects huge growth in the embedded security software market. “The world is starting to realise security needs to be built in right from the moment of design,” said Michael DeCesare, McAfee co-president.

“Just as airbags are part of vehicles from design and are built in as a standard part of the production process of cars, we are beginning to see similar moves in security,” he said.

Read more on Privacy and data protection