Best Practices - Un-Managed Printers
Understanding the Security Impact of non-Crimson Printers
In the absence of Crimson Print, it is crucial to follow best practices to ensure secure printing operations.
This page outlines the most common threats of non-Crimson Print setups within the Harvard University network and provides practical steps to help you safeguard privacy and protect data.
NEEDS EDITING Common Risks
| Category | Why It Matters |
|---|---|
Weak or Default Passwords | Many IoT devices come with pre-set default passwords that are easy for attackers to guess or find online. |
Unpatched Software and Firmware | Manufacturers may not always provide regular updates, leaving devices open to known vulnerabilities. |
Lack of Encryption | Data transmitted by IoT devices may be unencrypted, making it susceptible to interception. |
Poor Network Segmentation | Connecting IoT devices to the same network as sensitive work or personal devices increases the risk that an attack on one device could compromise others. |
Data Privacy Concerns | IoT devices often collect and share personal data, sometimes without clear user consent or adequate protection. |
Insecure Remote Access | Improperly configured remote access features can allow unauthorized users to gain control over devices. |
Best Practices
Securely Configure
- Devices on Harvard networks or apps must be securely configured with unique credentials and proper registration.
- Printers must be on the Harvard Secure network and require VPN for IP printing.
- Non‑compliant printers must be moved to the Harvard Secure network.
Keep Devices Updated
- Department/printer owners must regularly update printer firmware.
- Monitor printer usage and logs for unusual or suspicious activity.
Control Access
- Users must connect to VPN for IP printing.
- Use PIN/user code release for print jobs when supported.
- Restrict printing to authorized users only.