Best Practice Update

The Perils of Paper: The Printing Vulnerability

While visiting organisations during our data walks, we will have a conversation with you about how printers are used in your organisation. We will discuss access controls and have a look around the print area and any recycling facilities. Printing can be expensive as the cost of paper and toner has risen, but it can also be costly to your cyber resilience and your data breach security.
This article covers what vulnerabilities to consider when printing:
  1. Consider whether a document needs to be printed, or why it is being printed: if a document containing personal data is printed then it becomes a potential data breach as soon as it has been taken out of its secure environment. What happens to that document once it has been printed? Where is it stored? Who is it shared with, and is the access control the same as when it was in an online system? What happens to that document when it is no longer required?
  2. PIN/Card/Fob controls for printing: if documents fly out of the printer with no access control, there is the potential of a data breach. Anyone by the printer can pick documents up, move them, or put other documents on top of the printer. The access control that once protected that document is no longer valid. Consider too who has access to the printer out of hours if there are documents lying around.
  3. Recycling: consider what recycling is near the printer and whether it is valid for the type of printing, i.e. if sensitive information is being printed, is there a secure disposal method? If the disposal method is not nearby, is the risk of a data breach increased? Regularly check whether there is sensitive or confidential information in the general recycling pile. Make staff aware of what to do when they find a document in the wrong location with no access control or security. Consider the benefits of a 'no blame' culture.
  4. Printing Software: if you are using printing software to control how documents are printed, then ensure that everyone has their own code and that the admin side has a dedicated admin account specifically for the purpose of the program and doesn't use the main admin account. Ensure that account only has the admin privileges it needs. Ensure that the software is regularly updated. Exploiting vulnerabilities in programs like this, which have an admin account that allows access to an organisation's resources via an external method, is an easy way for a hacker to sneak onto your network unnoticed.
This article was inspired by regular visits to organisations, and also by a recent vulnerability announced by PaperCut:
PaperCut Security Bulletin March 2024

In a world of digital dominance it is very easy to overlook the seemingly innocuous world of paper, and easy to forget that the controls around printing may have vulnerabilities of their own, beyond the paper document. Tools like PaperCut are valuable: they allow document management, help reduce costs and help people review what needs to be printed in a planet-friendly way. These types of tools can help track print jobs and provide quota management, secure print release and mobile printing facilities. Because such printing solutions need to integrate with an organisation's network and systems, they expand the attack surface for a cyber attack: they can create a gateway into other systems and data, cause system disruptions or lead to more sophisticated attacks, particularly if your organisation is labelled as vulnerable or easy to target.

Ensure that any systems that give access to external third parties, particularly via an admin account, are part of your cyber resilience program.

If you are interested in having a data walk around your organisation or would like to discuss your cyber resilience, please contact us at [email address].

What to do in the event of a Cyber Attack 

Tell someone!  Report to IT. Report to SLT.

Unplug the computer from the internet by removing the ethernet cable or turning the Wi-Fi off. Isolate the infected device and pass it to IT.

If you are a victim of a ransomware attack we would recommend reporting this to Action Fraud (https://www.actionfraud.police.uk/), as well as to your data protection officer so they can advise about the data loss. You can also contact your local police, or phone 101, and ask for the cyber crime team.

Most cyber crimes like these will also need to be reported to the ICO by your data protection officer. Our customers should email [email address].

These incidents should also be reported to the DfE sector cyber team at [email address].

Academy trusts have to report these attacks to ESFA.

Where the incident causes long term school closure, the closure of more than 1 school or serious financial damage, you should also inform the National Cyber Security Centre.

Always ensure there are backups you can restore from.  Preserving evidence is as important as recovering from the crime.

Forward suspicious emails to [email address]. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).

Little Guide to ACTION FRAUD
