Best Practices - Un-Managed Printers

detailed pic of hand on printer

Understanding the Security Impact of non-Crimson Printers

In the absence of Crimson Print, it is crucial to follow best practices to ensure secure printing operations. 

This page outlines the most common threats of non-Crimson Print setups within the Harvard University network and provides practical steps to help you safeguard privacy and protect data.

NEEDS EDITING Common Risks

CategoryWhy It Matters
Weak or Default Passwords
Many IoT devices come with pre-set default passwords that are easy for attackers to guess or find online.
Unpatched Software and Firmware
Manufacturers may not always provide regular updates, leaving devices open to known vulnerabilities.
Lack of Encryption
Data transmitted by IoT devices may be unencrypted, making it susceptible to interception.
Poor Network Segmentation
Connecting IoT devices to the same network as sensitive work or personal devices increases the risk that an attack on one device could compromise others.
Data Privacy Concerns
IoT devices often collect and share personal data, sometimes without clear user consent or adequate protection.
Insecure Remote Access
Improperly configured remote access features can allow unauthorized users to gain control over devices.

Best Practices

Securely Configure

  • Devices on Harvard networks or apps must be securely configured with unique credentials and proper registration.
  • Printers must be on the Harvard Secure network and require VPN for IP printing.
  • Non‑compliant printers must be moved to the Harvard Secure network.

Keep Devices Updated 

  • Department/printer owners must regularly update printer firmware.
  • Monitor printer usage and logs for unusual or suspicious activity.

Control Access 

  • Users must connect to VPN for IP printing.
  • Use PIN/user code release for print jobs when supported.
  • Restrict printing to authorized users only.