Abstract:
Many office devices have a history of being networked (such as printers) and others without the same past are increasingly becoming networked (such as photocopiers). The ...Show MoreMetadata
Abstract:
Many office devices have a history of being networked (such as printers) and others without the same past are increasingly becoming networked (such as photocopiers). The modern networked versions of previously non-networked devices have much in common with traditional networked servers in terms of features and functions. While an organization may have policies and procedures for securing traditional network servers, securing networked office devices providing similar services can easily be overlooked. In this paper we present an evaluation of privacy and security risks found when examining over 1,800 networked office devices connected to a large university network. We use the STRIDE threat model to categorize threats and vulnerabilities and then we group the devices according to assessed risk from the perspective of the university. We found that while steps had been taken to secure some devices, many were using default or unsecured configurations.
Date of Conference: 27-30 June 2011
Date Added to IEEE Xplore: 18 July 2011
ISBN Information: