
Most IT teams slow to update printer firmware, raising risks
A recent report has revealed that only 33% of IT teams are prompt in applying printer firmware updates, leaving organisations vulnerable to security threats.
The findings, released by HP Wolf Security in the report "Securing the Print Estate: A Proactive Lifecycle Approach to Cyber Resilience," are based on a global survey of 803 IT and security decision-makers across multiple countries, including Canada, the US, the UK, Japan, Germany and France.
Security oversight in printer lifecycle
The report explores four key stages in the lifecycle of printers: Supplier Selection & Onboarding, Ongoing Management, Remediation, and Decommissioning and Second Life. The research indicates that critical gaps exist throughout these stages, exposing organisations to risks from both cyber and physical threats.
During the Ongoing Management stage, just 33% of respondents indicated that their organisations apply printer firmware updates in a timely manner. This is despite IT teams often dedicating as much as three hours per printer every month to manage hardware and firmware security. Delays in applying these updates create unnecessary exposure to threats, including the risk of cybercriminals exfiltrating sensitive data or taking over devices.
Collaboration issues at procurement
The report found that only 37% of IT and security decision-makers reported effective collaboration between procurement, IT, and security teams to define printer security standards. Sixty percent warned that this lack of collaboration increases organisational risk. Additionally, 44% said that IT or security teams are not involved in vendor presentations, 52% do not request technical documentation from vendors to validate security claims, and 53% fail to submit vendor responses for appropriate security review. Once printers arrive on site, 41% of respondents cannot confirm if these devices have been tampered with during transit or at the factory.
Remediation and offline concerns
In the Remediation stage, only 38% of those surveyed can identify vulnerable printers when new hardware or firmware vulnerabilities are published. Tracking of unauthorised hardware changes made by users or support teams is also limited: just 38% are able to do so, and only 34% are equipped to detect security events linked to hardware-level attacks. Physical security is also highlighted, as 75% of respondents are increasingly concerned about offline threats, such as employees mishandling printed sensitive information.
Challenges at end-of-life
The report addresses concerns associated with the decommissioning or reuse of printers. It found that 81% regard data security as a significant barrier to printer reuse, resale or recycling. On average, each organisation has approximately 58 printers that are either redundant or being decommissioned. A lack of confidence in current sanitisation solutions persists, with 23% uncertain about the efficacy of fully wiping devices. Eighteen percent believe that physical destruction of printer storage drives is necessary, and 5% insist that both the device and its drive must be destroyed to ensure data security.
"Printers are no longer just harmless office fixtures – they're smart, connected devices storing sensitive data. With multi-year refresh cycles, unsecured printers create long-term vulnerabilities. If compromised, attackers can harvest confidential information for extortion or sale. The wrong choice can leave organizations blind to firmware attacks, tampering or intrusions, effectively laying out the welcome mat for attackers to access the wider network."
This warning comes from Steve Inch, Global Senior Print Security Strategist at HP, who outlined the emerging risks linked to unattended printer security in today's interconnected environments.
Recommendations outlined
In response to these findings, the report recommends several actions for organisations aiming to strengthen print security across the hardware lifecycle. These include ensuring IT, security, and procurement teams actively collaborate to set robust requirements when purchasing printers, requiring manufacturer-provided security certificates for products and supply chain processes, and applying firmware updates promptly to reduce exposure.
The report further suggests the use of security tools to streamline policy-based configuration compliance, deploying devices capable of continuous monitoring for zero-day and malware threats, and selecting models equipped with secure erasure functions for safe recycling or reuse.
"By considering security at each stage of a printer's lifecycle, organizations will not only improve the security and resilience of their endpoint infrastructure, but also benefit from better reliability, performance, and cost-efficiency over the lifetime of their fleets," stated Boris Balacheff, Chief Technologist for Security Research and Innovation at HP.
The report positions print security as a key component of overall enterprise cyber resilience, recommending a comprehensive approach that includes procurement processes, ongoing management, and secure decommissioning procedures.