welcome back to printing Security Intermediate Course. And in this lesson, I'm going to continue from the previous lesson in which I was talking about the best practices for securing or printing device. So, uh, you have seen in previous lesson that talk about disabling ports and protocols,
I'm here now going to go into more serious stuff. So first thing you should do is unable hardware encryption of devices storage. So if you're using HD or essence dean that device, it's usually HD for
so h d on. And if it's not by default encrypted, you should just make sure that's enabled
positive that any new device you buy today, which is a network printer which has agh today, has the option through the encryption.
Also, if it's possible if it exists, is is setting on a device configure right the SEC. And of course, if you can use it on your
on your network, you should configure it with I P sec in order to protect dating transit from server toe the device,
um, said PG Ellen file system password. So if
remember that PJ Elkan do a lot of settings over the device, and with the P J O. You can change some things. So if you set the PDO password, if there is some command that is not supposed to being in a regular print file,
the printer was simply asked for password so it will not execute these things. Also, you should set the passwords to excels file system. If that is an option,
if you're having an MSB, you should find a way to fix the content of from field on them. If he's why? Because if this field is left open, then somebody can misuse them. FB to send some compromising information or to track in some people
from somebody else's
email address. And that shouldn't happen.
So basically, in that way you are preventing identity spoofing.
And, of course, you should have the permanent fleet monitoring off the devices, using some kind of specialized money during tools.
Now, when it comes to all these passwords, when that I was talking about, you should set them, including embedded Web server password.
You should use random generated password, and you should use the maximum length password that is
possible for that particular passport on each device.
You should use fleet management Salter to set and store the passwords,
and you should use different passport in every device. So that means that if you're
having 100 devices people, usually they have just one password for all. For example, inventive observers.
You shouldn't do that. You should. You should have them entered, generated randomly and entered. Why are the Fleet management software
and you should set password also on the to the excesses of the fleet? Management softer. So in that way, everything is
very, very carefully protected.
And because these passwords are random generated and sometimes quite long, it would be really difficult for somebody to just see what you're typing if you're accidentally dumped typing it.
For example, if you're accessing imbedded observer of the device itself or so on.
So this way you're pretty safe also, Um, if you're storing your passport somewhere else, it should be in very surf surf location. I always recommend you have a notebook, which is stored somewhere in the safe place in the company and some kind of safe,
in which you should have that proved them printed or written down. So that's
that's definitely must, especially if you're using random generated passers, which nobody can remember.
So let's have a short learning check. What passport should be settled? Printers and the answers are emailed. Anybody that part admitted server passwords,
email and p jail passwords or P jail and file system passwords.
And the correct answer is B J l and file system passwords. Email passwords are not to be set on printers.
So in this video you have learned about remainder off general best practices for printing security
in terms of settings
off the device. And next lesson, I'm going to talk about specifics in protection about it. Maybe verbs there were attack.