Reply to post: File names

Web doc iCliniq plugs leaky S3 bucket stuffed full of medical records

Anonymous Coward
Anonymous Coward

File names

Some organisations are remarkably ignorant about this. Doing an audit once on a government-related site we noticed that SNMP was turned on for printers with no security. We drew the attention of the management to the fact that anybody in IT with a simple monitor could read the files printed by most of the larger machines - so allowing people in HR to print files with titles like "Proposed headcount reduction 20xx" was probably not a clever idea.

Another organisation was set up so that documents printed in London went through print servers in the Midlands managed by IT workers in the North. Again simple inspection of print server records revealed interesting stuff.

There's a number of printers that need to have SNMPV3 as the only SNMP port, and a number of companies that really should think hard about not putting sensitive stuff through print servers.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon