Presentation is loading. Please wait.

Presentation is loading. Please wait.

Auditing Security Controls of Printers, Scanners, and Multifunction Devices 2010 NSAA IT Workshop and Conference Brian Rue Chris Gohlke Go Noles! Go Gators!

Similar presentations


Presentation on theme: "Auditing Security Controls of Printers, Scanners, and Multifunction Devices 2010 NSAA IT Workshop and Conference Brian Rue Chris Gohlke Go Noles! Go Gators!"— Presentation transcript:

1 Auditing Security Controls of Printers, Scanners, and Multifunction Devices 2010 NSAA IT Workshop and Conference Brian Rue Chris Gohlke Go Noles! Go Gators!

2 Presentation Agenda 1 st Half – MFD Functions/Services & Security Weaknesses 2 nd Half – Preparing a MFD Audit Program 2

3 In the Beginning… Chester Carlson with the first xerographic apparatus 30s Not much to audit 3

4 Manual process – Thermal Paper Transfer Still not much to audit….. 4

5 Xerox 914 was the first plain paper photocopier using the process of Electro-photography No USB/No Tape Drive/No Hard drive/It did come with a fire extinguisher due to heat & ignition issues 5

6 The image above shows the channel-attached version of the 9700, as the tape tower isn't present. Under the LS100 terminal, Xerox had placed a modified DEC PDP- 11/34. An extra cage contained a few proprietary cards to facilitate the page ripping. There was a Control Data 14" hard drive (the removable platter type) on sliders. CPU/ Memory – Tape Drive added.. 6

7 Printer/Copier/Scanner/FAX Wired Network Connectivity Wireless Networking Wi- Fi/Bluetooth Removable Memory Hard Drives Operating System Web Server User Accounts Remote Access Landline Connection Scan to Network Share or PC Integration Web Submission of Print Jobs Web Browser 7

8 The CBS News Story On YouTube 8

9 Understanding the MFD 9

10 MFD>A Server with a Glass Top MFD Hardware Components 1. Central Processing Unit (CPU) 2. Memory (ROM/RAM/FLASH) 3. Hard Drive 4. Network Card 5. ABGN Wireless Radio 6. Bluetooth Radio 7. USB Connection 8. Analog Modem 9.Multicard Memory Reader 10. LCD/LED Screen 10

11 MFD Breakdown 11

12 MFD Software Operating System -GNU/Linux, VxWorksS, Windows NT 4.0 Embedded, Windows XP Embedded, Mac OS X, Sun Solaris, or Vendor Proprietary OS Print Engine/Controllers – May be supported by secondary OS Database (PostGreSQL+) Drive File System (NTFS/FAT) Additional Applications (Document Management -Optical Character Recognition or PDF conversion, Software Development Kits – Sharp OSA, Xerox EIP, HP Open Extensibility Platform, Web Server) 12

13 MFD Software Security Issues Security patches not applied to operating system and services with discovered vulnerabilities – Lack of vendor support for security patches – Software or Operating system vulnerabilities may be used to elevate privileges Lack of change management procedures Memory storage (hard drive, ROM/RAM, flash drive) unencrypted by default – Hard drive stores spooled and processed jobs in clear text – MFD RAM memory stores documents in clear text during and after processing by default – Flash drives usually contain unencrypted jobs 13

14 MFD Services Apache Web Server Remote Access (Telnet,FTP,HTTP,SNMP) Bytecode interpreters or virtual machines for internally hosted third party applications Network service clients for sending of documents to different destinations Network service servers for receiving documents for print or storage Image processing services 14

15 MFD Services Security Issues Unneeded services left on increasing the number of potential attack points into the MFD Services with security vulnerabilities not patched No/limited logging of service activity 15

16 MFD Network Communications Common Open Ports/Protocols – HTTP 80/TCP – SNMP 161/UDP – LPD Printing 515/TCP – PDL Printing 9100/TCP Protocols – AppleTalk – Internet Printing Protocol – PCL – HPPCL Printing Protocol – Telnet – IPX/SPF – FTP – TCP/IP 16

17 MFD Network Communication Security Issues No firewall rule set for ingress (traffic into the MFD) or egress (traffic out of the MFD) filtering MFD does not support entity PKI strategy (no support for CA certificates) Print/fax/scan jobs transmitted over network/Internet in clear text Unneeded protocols and ports left open 17

18 MFD Wireless Access Wi-Fi – WEP – WPA WPA-PSK WPA-Enterprise – WPA2 WPA2-PKS WPA2-Enterprise – No Encryption Bluetooth – Prior to Bluetooth v2.1, encryption is not required and can be turned off at any time. 18

19 MFD Wireless Security Issues Unencrypted wireless connections transmitting documents in clear text (intercepting documents in the air) Potential remote attack access point into the MFD 19

20 Fax Services Fax to memory (disk/disk share) Hardcopy fax printouts PSTN – analog phone modem connection 20

21 MFD Fax Services Security Issues Faxes auto print in an unsecured area – No authorization required to verify recipient before releasing fax Faxes held in unencrypted memory after print Lack of logical separation of analog modem from LAN (Ability to enter LAN from modem connection) 21

22 Drive Shares Network Drive Shares Printer Drive Shares PC/MAC Shares Printer Hard Drive Shares 22

23 MFD Shares Security Issues No auditee procedures for configuring drive shares Undocumented drive shares Shares setup without encryption 23

24 MFD Management 1.Device Console 2.Web Interface 3.Network client/server enterprise management application 24

25 MFD Management Security Issues Physical Consoles on MFDs Setup Without Pass Codes Default Web Interface may not require password Most devices not configured with user or group accounts to authenticate and authorize Limited to no logging of user activity (console logons, patching, administrative functions) 25

26 MFD Repair Procedures 26

27 Physical Security 1. Conduct Risk Assessment to determine if use of MFD and physical location of device provides adequate physical security controls. 2. Processing confidential or sensitive data on a device in a common area creates multiple security issues. 27

28 Surplus Device Procedures 1. Clean Printer Configuration Files 2. Wipe Drives/Memory 3. Ensure no Sensitive Paper Copies on Glass or in Machine (legacy paper jams) 28

29 MFD Certifications/Acts/Contractual Obligations National Security Telecommunications and Information Systems Security Policy (NSTISSP) #11 DOD Directive Common Criteria (EAL1 to EAL4) Gramm–Leach–Bliley Act (GLB) Health Insurance Portability and Accountability (HIPAA) Payment Card Industry – Data Security Standard 29

30 Potential Components of an MFD Audit Program Network/Server Shares Wireless Access Controls Physical Security Encryption Surplus Contracts/Leasing Policies and Procedures 30

31 A Majority of Which Fall Into Your Normal IT Audit Program MFD Audit Program IT Audit Program 31

32 Since you probably wont get a ton of audit hours for MFDs…… 32

33 Obtain an Understanding and Assess the Risk Get an inventory listing Inquire Observe Get manuals Search online for common vulnerabilities 33

34 Physical Security Does the unit have a locking compartment for the hard drive, etc? Is there a physical reset button that will restore the unit to factory default? Is it secured? Is the entire unit secured in place, or could it be wheeled out of the building? Is output secured? 34

35 Device Controls Strong password controls at the console? Settings/administration locked down to authorized individuals? Is the web interface turned on? Does it need to be? Are unneeded network services turned on? Is wireless on? Does it need to be? Is it secure? Logs kept/reviewed of administration functions? Are the logs secured? Are there security patches for the device and if so are they checking for them and applying them in a timely manner? 35

36 Data Controls Does the device have an option for encrypting/automatically wiping copies after a job prints? Did they pay for it? Is it turned on? If not, why? Do they have a compensating control? 36

37 Surplus Did they lease or purchase? If leased, what rights do they have to wipe the drive? Is it user accessible? Are you going to be able to audit it? If purchased, do MFDs fall under their normal PC surplus policies for having devices wiped? What about when the device is serviced or parts replaced? 37

38 Policies and Procedures As always, the above should be covered by a policy and procedure. 38

39 Multifunction Device Resources 39

40 40

41 41

42 42

43 Questions? 43


Download ppt "Auditing Security Controls of Printers, Scanners, and Multifunction Devices 2010 NSAA IT Workshop and Conference Brian Rue Chris Gohlke Go Noles! Go Gators!"

Similar presentations


Ads by Google