Skip to main content
Skip table of contents

Device and Network Security

MyQ X provides comprehensive device and network security controls to protect multifunction devices (MFDs), printers, and network infrastructure from unauthorized access and exploitation.

Multi-Function Device Security Hardening

Organizations deploying MyQ X with MFDs should implement security best practices including:​

Device Access Controls: Restrict physical access to printers to authorized locations and personnel only, reducing exposure to tampering or theft.

Unused Protocol Disabling: Turn off unnecessary device protocols and services that are not required by MyQ X, reducing the attack surface of each device.

Default Credential Management: Change all default administrator passwords on devices to strong, randomly generated credentials. Factory defaults are commonly known to attackers.​

Internal Hard Drive Protection: If devices support internal storage of print jobs for reprinting, implement encryption (AES) and automatic data overwrite features to prevent unauthorized access to stored documents.​

Network Segmentation and VLAN Configuration

MyQ X supports network segmentation strategies to contain potential device compromises:​

VLAN Isolation: Separate printer and device network traffic from general user and administrative networks using virtual LANs, limiting lateral movement if a device becomes compromised.

Subnetting and Access Control Lists: Implement network-level access controls using Access Control Lists (ACLs) to ensure only authorized systems can communicate with print devices and servers.​

Firewall Rules: Block unnecessary inbound and outbound traffic from printer subnets, limiting connectivity to only essential services and preventing infected devices from accessing other network resources.​

FQDN Enforcement: All network communications must use fully qualified domain names (FQDN) rather than IP addresses or short hostnames, preventing DNS-based man-in-the-middle attacks and ensuring proper certificate validation.​

SNMP v3 Security Implementation

MyQ X enforces modern SNMPv3 protocols with strong encryption for device management:​

Insecure SNMPv1 Prohibition: Legacy SNMPv1 communication must be disabled entirely, as it transmits credentials in clear text and lacks encryption.

SNMPv3 Configuration: All SNMP communication must use SNMPv3 with:

  • Strong, randomly generated passwords for authentication

  • SHA1 or stronger hashing algorithms

  • AES encryption for data confidentiality

  • Per-device, unique credentials specific to each MyQ deployment​

Printer Credential Management

MyQ X recognizes that printer credential management is vendor-specific and requires customer-side implementation:​

Strong Password Requirements: All printer administrative credentials must use strong, randomly generated passwords rather than default or simple credentials.

Credential Rotation: Periodically update printer passwords according to organizational security policies to reduce the risk of compromised credentials.

Access Restrictions: Limit printer management access to authorized personnel only through firewall rules, physical access controls, and role-based permissions.

Firmware Security and Update Management

Maintaining current device firmware is critical for security:​

Automatic Updates: Configure devices to automatically receive and apply manufacturer firmware updates that address newly discovered security vulnerabilities.

Vendor Security Advisories: Monitor manufacturer security notifications for critical vulnerabilities affecting deployed devices and apply patches promptly.

Update Testing: Test firmware updates in non-production environments before deploying to production printers to ensure compatibility and functionality.​

USB Port Management and Restrictions

MyQ X supports administrative controls for device USB connectivity:​

USB Port Disabling: Administrators should disable inbound USB ports on MFDs to prevent:

  • Direct printing over USB, bypassing MyQ security controls

  • Direct access to device hard drives and stored data

  • Unauthorized use of device functionality

Secure Direct Print Alternatives: Enable only approved secure printing methods (IPP/S, AirPrint with MyQ integration) while blocking insecure direct USB access.

This comprehensive device and network security framework ensures that print devices remain secure components of the MyQ X infrastructure while maintaining operational efficiency and organizational security posture.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close