The common-or-garden printer, as soon as a buzzing hive of enterprise exercise, was largely eclipsed by digital doc administration years in the past. But the oft-overlooked workplace workhorse retains a foothold within the fashionable IT property, posing potential safety dangers for lax organizations.
“Printers are not simply innocent workplace fixtures – they’re good, linked gadgets storing delicate knowledge,” Steve Inch, world senior print safety strategist at HP Inc., stated in a press launch accompanying a report published by the vendor final month. “The improper alternative can go away organizations blind to firmware assaults, tampering or intrusions, successfully laying out the welcome mat for attackers to entry the broader community.”
Many organizations are leaving the door vast open for malicious actors, in accordance with HP’s survey of greater than 800 enterprise IT and safety decision-makers. Regardless of devoting a mean of three.5 hours per 30 days to printer administration, solely 36% of respondents stated their organizations set up firmware updates promptly.
Failure to remediate identified machine vulnerabilities can be a rampant downside, HP discovered. Simply over one-third of respondents stated they will monitor unauthorized printer {hardware} modifications or determine machine vulnerabilities primarily based on printed safety suggestions.
In 2023, the FBI and Cybersecurity and Infrastructure Safety Company warned PaperCut customers that unhealthy actors have been exploiting a vulnerability in the print management software. The exploits started after the seller launched a patch.
“You can’t ignore the print infrastructure and anticipate that malicious unhealthy actors are going to disregard it as effectively,” Boris Balacheff, chief technologist for safety analysis and innovation at HP, advised CIO Dive. “If you wish to have an honest enterprise safety posture, you need to have an honest print infrastructure safety posture, too.”
A part of the issue is a scarcity of visibility. Enterprise printers usually elude centralized administration, which makes it troublesome for IT and safety leaders to maintain monitor of each unit, in accordance with Balacheff. When mergers and acquisitions add to an already dispersed fleet, the challenges multiply.
“We discover corporations the place printers are nonetheless managed by services or actual property — nowhere close to IT,” Balacheff stated. “You’ve acquired doorways, you’ve acquired lights and also you’ve acquired printers.”
Shadow IT poses pointless safety dangers, no matter whether or not it’s an utility or a networked machine.
“You would not dream of exposing knowledge to a pc that wasn’t managed correctly,” stated Balacheff. “The printer is rather like a pc you should shield on the community — it is an IoT machine and it’s all the time on.”
The persistence of print
Whereas demand for printers has flagged as legacy fleets are retired in favor of paperless alternate options, reliance persists in specific verticals, together with finance, healthcare, authorities, authorized and retail.
Expectations that the enterprise printer will quickly be relegated to the IT scrapheap are, at finest, untimely, Keith Kmetz, program VP for imaging, printing and doc options at IDC, stated in an e-mail.
“Many organizations try to chop again on their print infrastructure, however this can be a discount, not an elimination,” Kmetz stated.
Producers shipped practically 79 million printers and multifunction peripherals that carry out printing, scanning and copying duties final 12 months, in accordance with IDC analysis. The agency expects the market to regularly contract by 10% within the subsequent 5 years. But the trade will nonetheless ship an estimated 70 million models in 2029.
Print’s endurance displays a mixture of human preferences, regulatory necessities and IT capabilities. Some organizations lack the technical infrastructure to shift completely to digital processes. Others favor print for aesthetic worth and different causes.
“Bodily paper-based paperwork are tougher to disregard than the bombardment of digitally primarily based content material we obtain on daily basis,” Kmetz stated. “The paper doc is a name to motion.”
Nonetheless, printers have fallen off the C-suite radar in lots of organizations — and out of safety oversight.
“Let’s face it, print isn’t the sexiest factor to promote on a regular basis to a CIO,” John Bruno, president and COO at Xerox, stated throughout a Q1 2025 earnings call in May, for the three months ending March 31. The corporate noticed income in its print division drop 8.6% year over year to $1.4 billion in Q2 and has been pivoting to IT and digital companies since initiating an organizational overhaul in January 2024.
HP skilled a much less extreme decline of 4% in printer revenue to $4.2 billion through the second quarter of its 2025 fiscal 12 months, which ended April 30. The corporate expects income for its printer division to proceed to say no via the tip of the 12 months however has nonetheless invested within the rollout of its first quantum-resilient enterprise printer, President and CEO Enrique Lores stated throughout HP’s Q2 earnings call in May.
“Safety budgets usually are not spent on shopping for tools, however IT goes to need to cope with any points that exist in the way forward for the community,” Balacheff stated. “The problems you need to handle via the lifetime of the printer usually are not issues that have been essentially thought of forward of time.”
Many enterprises procure printers below lease or managed service contracts that final between three and 5 years and dictate refresh cycles, in accordance with Kmetz. Unserviced legacy models can spend far longer churning out pages in corners of the enterprise the place IT doesn’t journey.
“For gadgets not below a contract, there’s most likely a extra ‘if it’s not broke, don’t repair it’ mentality,” Kmetz stated. “In such situations, it’s widespread to search out printers and MFPs which are 10-plus years outdated.”
