Information Technology Policy Manual 2022

Printer Secure Configuration Standards City of Greensboro, NC Cyber Security Division

PURPOSE Define secure configuration standards to protect printers and multi-function devices from unauthorized access and disclosure of information being printed, copied, emailed and faxed. SCOPE The standards apply to all City owned and leased printers and multi-function devices.

ROLES AND RESPONSIBILITIES Function

Responsibility

Cyber Security Division

• Work with technology groups to define the standards • Communicate the standards • Run vulnerability scans against printers and multi- function devices to ensure compliance to the standards • Configure printers and multi-function devices according to the defined standards

IT Systems Administrator

STANDARDS 1) Change the default password used for device management. Active Directory authentication should be enabled if the device supports it. 2) Change the default SNMP community string. 3) Disable Wi-Fi and Bluetooth if the device supports it. 4) Disable FTP services.

5) Disable any unused protocols such as IPX and AppleTalk. 6) Secure access to writeable shares used for scanning functions. 7) Ensure the device’s internal hard drive is encrypted. 8) When decommissioning printers, ensure the following is being executed: a. Erasing the hard drive b. Resetting the printer configuration to factory default

6 1 | P a g e

Printer Secure Configuration Standards

2/21/2022