Network Printer Security Policy & Procedures

This page details the policy and procedures to be followed for network printer setup – please contact your Departmental IT person or the SoE Help Desk to ensure your printer is configured properly.

Policy

Networked printers are very useful for offices with many users who want to share a single printer, but without proper configuration they can present security problems. This can range from spam communication resulting in unwanted printing to installation of malicious programs on printers with a built-in operating system. In order to ensure network security, network printers in SoE must meet the following criteria:

  1. All printers must be placed on the printer network.
  2. Local device password must be set and/or changed from the default.
  3. All unnecessary network protocols and ports must be disabled.
  4. Administrative password for Embedded Web Server must be set and/or changed from the default.
  5. For printers with built-in operating systems only:
    1. A (non-default) root password must be set.
    2. Remote access (ssh) as root must be disabled.

Procedures

Below are the procedures that your Departmental IT person or the SoE Help Desk will follow to set up your network printer:

  1. Connect to the Network: We will ensure it is placed on the printer network.
  2. Printer front panel (if these settings are available – see your user manual to determine where these are set):
    1. Set a local password – this cannot be reset through the UConn account system, so you should use something you will remember.
    2. Disable any ports or protocols you do not need. 
  3. Embedded Web Server (again, if available) – Open a browser on a computer (which must be connected to the UConn network) and type your printer’s IP address in the URL bar (outlined in red here).
    1. Change the default password – this cannot be reset through the UConn account system, so you should use something you will remember. If you use a password manager, you should save it there.
    2. Disable any ports or protocols you do not need. 
  4. Printers with Built in Operating System: You may be able to access settings by connecting the printer directly to a computer via USB. If not, you can connect via ssh as root@<your printer’s IP>.
    1. Set a root password.
    2. Create an alternate user for ssh access (be sure the user has permissions for ssh).
    3. Disable ssh for the user root.
  5. After Setup – I forgot my password: If you’ve forgotten your password, you can reset your printer to factory default settings (including the passwords). This is typically done either through the front panel or using a button combination. Check your user manual for instructions.