simply to take some of the edge off any widespread concern. HP responded quickly by patching the
            vulnerability of its printing engine, but similar vulnerabilities could exist for other vendors.

            The Faxploit event is an excellent opportunity to bring fax security to the forefront: it is an application that
            IT professionals need to handle with the same level of care as they would their networks and email
            servers. Luckily, fax security is straightforward. Here are a few actionable steps you can take to minimize
            potential risks.

            Patch  your  MFDs:  HP’s  timely  release  of  security  patches  amidst  the  Faxploit  buzz  caused  other
            multifunction device manufacturers to follow suit. Make sure that your MFD firmware is up to date with
            the latest security fixes.

            Unplug  unused  machines:  Fax  machines  aren’t  inherently  secure,  but  up  until  recently  they  had
            escaped most IT departments’ notice. Are there MFDs around your office used strictly for printing or
            scanning? The biggest risk is not the machine itself but the phone line attached to it. Unplugging the
            phone line from machines that aren’t used for fax functionality is a great step towards attack surface
            reduction.


            Segment  your fax devices:  Network segmentation should become a top priority for fax and printer
            devices that are consistently used. These machines have a different security risk profile than the desktop
            environment,  whether  choosing  to  do  this  using  VLAN  controls,  firewalls  or  any  other  means  your
            organizations finds best. In fact, the motto “if a device doesn’t need to talk to anything else on the network,
            segment it” is a good rule of thumb for security policies in general.

            Fax Use Is Not Limited to Fax Machines

            While fax remains a widely used method of transmitting sensitive documents, faxing  itself should no
            longer be synonymous with the use of fax machines. Compliance regulations like HIPAA for healthcare,
            SOX for the finance industry and GDPR for any company who maintains records of EU citizen’s personal
            data, all urge organizations to go digital when it comes to the exchange and storage of sensitive data.

            Over the years, it’s easy to see how mail has evolved from being delivered on horseback to today’s virtual
            inbox – the same can be said for fax. Fax-over-IP technology has taken the throne as a highly secure
            and  user-friendly  way  for  organizations  in  any  sector  to  transmit  their  confidential  information.  FoIP
            servers greatly reduce the area of attack and significantly reduce the efforts necessary to maintain a
            highly secure fax infrastructure.

            Information security is a moving target, and so are the efforts of cybercriminals. Although zero security
            risk cannot be achieved, there are solutions that can be implemented by organizations that relieve much
            of the guesswork, stress and micromanagement involved in building strong information security policies
            – FoIP is one of them.













                                 109