T 2.122 Inappropriate use of all-in-one devices
All-in-one devices are a space-saving and economical solution for providing the users with scanning, printing, copying, and often faxing functions. All-in-one devices also often contain an integrated communication interface for data connections and are connected to the telephone network. There are network-capable devices which are available to a large group of users as well as single workstation solutions, for example with USB interfaces.
Due to the integration of the scanning, printing, and copying functions into a single device, the IT security requirements are higher than when using separate systems since such devices also represent a "Single Point of Failure". For example, when one function fails, the entire device will need to be repaired, meaning the functions not affected will also be unavailable for use during this time.
If a communications interface to the telephone network (e.g. fax modem) or the Internet is integrated into an all-in-one device, then central protection mechanisms such as a security gateway can be bypassed in this manner. This may result in the creation of an unprotected access point to the Internet in the LAN.
Any maintenance access points provided by the manufacturer that are not documented may also permit access to the LAN under certain circumstances.