Time
2 hours 52 minutes
Difficulty
Intermediate
CEU/CPE
3

Video Transcription

00:00
Welcome back to Prince Security Intermediate Course and the in previous lessons I have been talking about. How what are the best practices for protection of printing devices?
00:10
And in this one, I'm going to talk about protection again. A specific protection against embedded observer attack.
00:17
So what? What you will learn in this lesson is how to prevent the medical serum in the population on all of your print, the devices.
00:26
And just to mention that incredible server hacking is the most common type of attack. So if the device is not protected if devices visible from the Internet,
00:36
then the first thing that anybody who is savvy in printing print device hacking is that they will go for him. But it server because this is like operating system or settings off operating system awful printing device
00:52
because they're constantly looking for on protective devices because that's the easy way into the network.
00:59
Um,
01:00
and very important thing regarding embedded observer security is to monitor devices after they have bean serviced. Why, Because sometimes
01:11
for uh,
01:11
reasons off being able to perform some service tasks,
01:17
the service technician has to,
01:19
for example, cancel old,
01:23
uh, security protection of invented observer
01:26
or if they have changed the format, they're bored or rendering board of the device.
01:33
Then the new one will come without password now, because they are not your employees, they are external company. You usually don't hire service technicians to repair printers inside the company.
01:45
You will have the situation which in which they are not allowed to know the password for the device so they will return it to you,
01:53
maybe with all the network settings that this device requires. But we doubt the embedded Web server passwords set or all other passwords on the device because they didn't know what to put there.
02:06
So
02:07
this. If you don't have the procedure in which the device coming back from service repair or if the service technician has repaired the device on site,
02:20
you have to have the procedure in which you will check the device and implement these things before this device is connected to the network. This is very important. If you just connected and say, Okay, I'll do it later. This later might be tomorrow or day after tomorrow, and that is already too late.
02:42
Also, all standard defined security measures
02:46
for all printing devices must be implemented in miter, and this is really important thing.
02:52
If, for any reasons you do something with the device and leave it in the non standard set up,
03:00
you should be able to use your fleet management software to set thes things back. And also you should be having some kind of standard checkup off the devices on the network on a regular basis
03:15
that will find the devices that don't have
03:19
the security settings as they should be, and at least warn you, if not correct the these things automatically.
03:29
So these are all that into guarding, embedded observer there simple to implement. But they have to be maintained and looked after carefully
03:38
and with great
03:43
constant attention. Because if it doesn't, if if there is no constant monitoring off all devices
03:53
for very short period of time, somebody can just jump in and install backdoors on the device. And then even if you implement all the security measures after that,
04:01
it's already too late.
04:03
So this was a short
04:05
listen and let's do the short
04:11
No Egypt so wise. Embedded Web server attacks most common
04:15
because people forget to securing the server because embedded Web service and notoriously instead unsecure, or because printing devices and hallways are particularly prone to it. And the correct answer is because people forget to secure, embedded, observed.
04:33
So in this video, in this listen, I have been talking about,
04:39
um, specific methods and practices that are used to protect against attack on printers Embedded observer.
04:46
Um, and in next lesson, I'm going to talk about specifics regarding protecting yourself again Spring job attack.

Up Next

Intermediate Printing Security

The Intermediate Printing Security course is intended for IT and cybersecurity professionals that want to learn how to secure print devices.

Instructed By

Instructor Profile Image
Milan Cetic
IT Security Consultant
Instructor