While Xerox (Fuji Xerox in Australai) has been taking various steps to protect its products, Rick Dastin, president of the company's office and solutions business group, said these higher walls were not enough, and suggested "a barking dog" was called for.
So Xerox will add McAfee Embedded Control to its devices, starting with on WorkCentre and ColorQube models in the first quarter of 2013. "The first thing it does is bark - it barks loud," he said.
One issue is that most people don't expect printers to be vulnerable to malware. Embedding the security software into the controller means users and administrators do not need to worry about it.
McAfee Embedded Control works by whitelisting the software that is supposed to run on the device and blocking everything else.
So even if malicious code arrives on the device, it won't be executed, Mr Moore said, making this a very effected way of securing devices.
McAfee Embedded Control reports any unexpected activity to McAfee's ePO, to the Xerox management tools, or (especially relevant to smaller organisations) via email. Potential customers and channels partners had reacted positively to this concept, he added.
There are a variety of malware vectors for printers, including the page description language data stream (ie, a malicious print job), email sent to the device, attacks on the built-in web server (which is intended for device management), replacing the hard drive with one containing malware, or putting the malware onto a USB drive which is subsequently plugged into the computer.
Malware functionality includes exfiltrating copies of print or scan jobs, and using the MFD to launch an attack from inside the organisation (eg, SQL injection attacks).
The most serious threats in this regard are criminal enterprises and state actors, Mr Dastin suggested.
Disclosure: The writer travelled to Las Vegas as the guest of McAfee.