Title :
How secure are networked office devices?
Author :
Condon, Edward ; Cummins, Emily ; Afoulki, Zaina ; Cukier, Michel
Author_Institution :
Center for Risk & Reliability, Univ. of Maryland, College Park, MD, USA
Abstract :
Many office devices have a history of being networked (such as printers) and others without the same past are increasingly becoming networked (such as photocopiers). The modern networked versions of previously non-networked devices have much in common with traditional networked servers in terms of features and functions. While an organization may have policies and procedures for securing traditional network servers, securing networked office devices providing similar services can easily be overlooked. In this paper we present an evaluation of privacy and security risks found when examining over 1,800 networked office devices connected to a large university network. We use the STRIDE threat model to categorize threats and vulnerabilities and then we group the devices according to assessed risk from the perspective of the university. We found that while steps had been taken to secure some devices, many were using default or unsecured configurations.
Keywords :
computer network security; data privacy; risk management; STRIDE threat model; networked office device security; privacy risk assessment; security risk assessment; university network; Educational institutions; Object recognition; Performance evaluation; Printers; Privacy; Security; Servers; network security; networked devices; printers; privacy; risk assessment;
Conference_Titel :
Dependable Systems & Networks (DSN), 2011 IEEE/IFIP 41st International Conference on
Conference_Location :
Hong Kong
Print_ISBN :
978-1-4244-9232-9
Electronic_ISBN :
1530-0889
DOI :
10.1109/DSN.2011.5958259
