Russian Market Update

The Russian compatible office printing supplies market is growing. According to the 2017 results, there has been a growth in sales of both new-build and remanufactured compatible cartridges. The sale of toner and parts also increased. It is expected the growth will continue between 2018 and 2020.

A number of Russian companies have organized their own domestic production of compatible cartridges. This means that bidders can now claim the cartridges they offer are “Made in Russia” when submitting large cartridge procurement tenders, which significantly raises their chances of winning the bids.

Russian industry leaders are confident that the creation and development of production in Russia is extremely important, since it gives an all important competitive edge in working with large buyers in the Russian market. Almost all leaders are making the most of the domestically made, “Made in Russia” cartridges.

They talk it up in media interviews. Take CACTUS Russia, the Russian compatible cartridges market leader, for example. CACTUS Director Roman Samoilov’s interview was featured in edition 18 of BUSINESS-INFORM Review. The company is very proud of its “Made in Russia” edge.

Presentations and reports on the topic are expected during the international BUSINESS-INFORM 2018 Expo in Moscow on May 15-17, 2018.

Unfortunately, the problem of counterfeiting has significantly increased in the Russian market. Three or four years ago, this problem was mostly related to OEM cartridges. Today, however, the Russian market has become more and more critical of poor quality compatible cartridges. Buyers are better educated and the quality global brands of compatible materials for office printing, are well known to them. Consequently, quality compatible brands are being counterfeited and are flooding the Russian market. This problem encompasses toners and drums as well as cartridges.

The growth of counterfeits in the Russian market negatively impacts the image of well-known quality brands of the OEM and the compatible supplies segment as a whole. When buyers see the product of well-known brands performing poorly they don’t investigate whether it was counterfeit or not. They simply stop buying it. Further, they advise their friends and colleagues to stop purchasing those products too.

Fighting counterfeits is only possible if the sellers take a proactive position in the marketplace. They must actively demonstrate to buyers the distinguishing features and benefits of their products. Sellers must also establish a connection with the buyer in order to obtain feedback when counterfeit product is detected. The fight against counterfeiting and promotion of quality products on the Russian market is one of the main tasks that Information Agency “Business-Inform” is trying to solve. It will be dealt with at the “SUPPLIER and the LARGE BUYER—the Dialogue Continues” conference at the BUSINESS-INFORM 2018 Expo on May 16, 2018.

I call on all quality office supplies manufacturers and suppliers to take part in this event. RT Media is the co-organizer of the BUSINESS-INFORM 2018.

Modern Office Printing: the Issues of Data Security

A science conference called “Digital Technologies in the Sphere of Transport Services was held at the Russian University of Transport in Moscow on October 11.  During the conference, 24 reports were presented dedicated to various aspects of modern digital technologies usage. Information Agency “Business-Inform” presented two reports at the conference.

The swift development of office printing has given rise to dual concerns of printing quality and informational safety. How to provide consistent, quality printing on a limited budget? Do modern office printing devices pose a threat to corporate data safety, and if yes, how does one identify and protect against the threat?

Modern trends in office printing in the Russian market:

  • Inkjet printing is pushing out laser printing;
  • Compatible supplies are pushing out OEM supplies;
  • The price of a printing device ceases to be the decisive economic factor for purchase, and is re-placed by the cost of ownership (three years as a rule);
  • Printer fleet service is rising. Companies that provide highly professional servicing of a corporation’s printer fleet are emerging and taking an increased share of the market.  (The growth of the printing outsourcing market in Russia is 20-25 percent annually);
  • Imports are declining. Russian startups are producing printing devices (Katusha printers/MFPs), laser cartridges (Cactus), and toner (Rostoner Ltd.)

These trends are quite dynamic. The Russian market changes very quickly, so any decisions to provide quality and information safety require endless monitoring.

Determining print quality in monochrome laser cartridges is a well-established process. The most popular standardized method to assess the quality of prints is the STMC (Standardized Test Methods Committee) guideline method. STMC testing was designed to be easy and affordable.  However, some questions remain unanswered:

  • Which printer service model do you choose to care for your fleet of devices?
  • Should OEM cartridges be used for remanufacturing? Or it is better to use quality, Chinese new-build cartridges instead?
  • Should the focus on testing remanufactured cartridges be on well-known American, European, Chinese, or Russian brands?

Choosing the right service model is a complex task and the decision should be  left with office printing experts.

Outsourcing is growing in the Russian printing market. More companies seeking cost-efficient and quality printing are resorting to the help of a third-party to assess the integrity of their printer fleet.  They undergo an initial fleet assessment and install software on their corporate computers to track the demands placed upon each printer. They assess each printer’s workload in comparison with other available printers. They also monitor the printer cartridge’s lifecycle.

Driven by the desire to achieve cost-efficient, quality printing, these companies allow these managed print service specialists (MPS) onto their premises to access to the company’s precious data. It is at this point new risks for the security of the company’s information emerges. These specialists are able to see the company’s data as they make decisions about incorporating new printers into the fleet. These outsourcers also recommended which cartridges will be used. In most cases these are Aftermarket cartridges containing chips that will remain a mystery for users during the life cycle of the cartridge.

Experts from Quocirca1 independently assessed the leading printing MPS providers in 2017. As a result of a customer survey, the organisation found three major issues were being faced by the customers of MPS providers:

  1. 82 percent of respondents noted that data safety risks are the first priority for them;
  2. Only 25 percent of respondents were sure that their office printing networks were safe;
  3. 60 percent of respondents indicated they had at least one data leak during the last year.

It is evident the issues on the implementation of MPS services are of concern to corporate users. This is especially interesting when reviewed together with information supplied in the InfoTrends2 2017 research report entitled “Office Document Technology Security.” According to InfoTrends, respondents had been spending 25-100 percent more on the security of their computers than on the security of their printers and MFPs.

There are certain risks for corporate data safety inherent in the businesses’ own printing devices. There are still misconceptions regarding printers among users:

  1. The printer is a “typing machine” with limited programs installed. The truth, however, is a modern printer resembles a computer more than a typewriter.
  2. A printer is a peripheral device that doesn’t store any confidential data, so an attack on it would be ineffective and illogical.

The truth is, however, completed tasks can remain within the memory of the printer, sometimes indefinitely. The printer is a very convenient “entrance” or gateway into the corporate computer network. Despite most modern printers having an obligatory delete function in their print settings, the overwhelming majority of users simply neglect the chance to study and activate these settings.

  1. A printer is a low-capacity and low-productivity device.

This is completely untrue. The modern printer is a very powerful system, and according to statistics, 80 percent of the time the printer is idle (in sleep mode). All the resources of the printer are available during this time and can be used with malicious intent.

The manufacturers of printing devices are also far from perfect in terms of providing data security with their printers. They do support their customers by providing data safety measures to thwart external cyber criminals. For instance, modern HP software performs unceasing device monitoring with a settings check (HP JetAdvantage Security Manager), using a program check (Whitelisting technology), and, in the case of a threat, BIOS loading (HP Sure Start). Many modern printers have the ISO/IEC 15408 data security certification.

However, the assessment of cyber-security risks in office printing devices is a very real concern. For instance, in January 2018 it was reported3 “NewSky Security specialists found 1,123 Lexmark printers installed in various companies, administration buildings and universities in the USA would have been quite vulnerable in case of attacks due to the user’s gross negligence. Those printers were incorrectly configured, open to the public Internet and easily accessible to anyone interested in controlling this type of device.” NewSky Security also found that 700 Brother printers were also configured in an unsafe way and open to the Internet access. As in the case with the Lexmark printers, administrative functions were also remotely accessible.

In some cases printer manufacturers overreach their claims of vigilance for security purposes. HP and others have misled consumers by tying the use of an OEM cartridge with the safety of the printer and data. “The printer is intended for use only with cartridges containing an original HP chip,” for example. They use chips as a way to thwart competing aftermarket cartridge functions. Cartridges with chips from other manufacturers may not work, and those working now may cease to work in the future. This way printer manufacturers urge users, for the sake of data security, to work only with original cartridges (expensive and with chips whose algorithms are known and understood by the manufacturer only)! Consumers are also warned not to interfere with the manufacturer’s subsequent firmware upgrades, which often render aftermarket solutions useless.

Press releases regarding the certification of modern Epson inkjet printers state that the versions of firmware, manuals, and other components were evaluated under ISO/IEC 15408 certification criteria. The firmware version in the ordered product may differ from the certificated version; and that the usage of the certified version may impose limitations of some of the functions.  The consumer is caught in competitive crossfire, and is utterly confused.

We shouldn’t forget about the real perpetrators wanting to get into your corporate network through a printer. According to one HP report4, the printer is one of the most vulnerable points through which hackers can get into the IT-structure of a company. In 60 percent of businesses, whose data had been hacked, the intrusion has been committed through the printers. As for serious intrusions, according to IT specialists, 26 percent were made through the printers.

These widespread user mistakes allow hackers to get into corporate computer networks. They are all easily recognized5:

  • Too much trust is given to the devices.

Printing devices have a range of services included by default, which opens a potential entrance to the printing device for hackers, and then into the corporate network as a whole.

  • Default passwords are left unaltered.

Quite often users lazily leave the passwords set to the default setting on the printer. This allows the hacker to manipulate with configurations, to change the tasks for printing and even to install malware on the devices that will further attack the rest of the corporate network threatening sensitive data and the system’s safety.

  • Open remote access.

Many organizations allow their employees to access their network both internally and externally (remotely) from outside the office premises. By doing so, they provide an opportunity for access to hackers.

  • Printing devices vulnerabilities.

As in case of workstations, servers and other network equipment, printing devices also have their vulnerabilities. For example, a recent notice emerged that the HP OfficeJet MFP has a very serious vulnerability. The transmission of a compromised fax message from this HP device can provide hackers with full control over this device, and consequently access to the corporate network.

  • Cloud printing.
  • Performing printing on public infrastructure, such as the Cloud, can open the device to attacks from hackers, and open up further network intrusion.

Be warned: printing devices are major points of vulnerability for corporate computer networks. Take the issues of data security seriously, especially as it pertains to printers. Share this information with your customers so as to not make their corporate network easy prey for both professional infiltrators and rookie computer hooligans alike.

Bibliography:

  1. Quocirica Has Evaluated Main Trends on the MPS Market (Quocirica оценила основные тренды на рынке MPS) – Business-Inform Review (Issue #17, 2017). – p.32
  2. InfoTrends Announces New Document Security Report (InfoTrends выпустило отчет о документационной безопас­ности) – Business-Inform Review (issue #15, 2017) – p.29
  3. Hundreds of Lexmark Printers Vulnerable to Attack (Сотни принтеров Lexmark уязвимы перед атаками) – Business-Inform Review (issue #18, 2018) – p.37
  4. HP Inc Discusses Secure MPS (В компании HP Inc обсуждают безопасность MPS) – Business-Inform Review (issue #14, 2017) – p.31
  5. Bart Barcewicz. Is Your Printer a Gateway to You Being Attacked? (Барт Барцевич. Защищен ли Ваш принтер от атак?) – RT Imaging World (issue #102, 2018) – pp. 35-39

Russian Aftermarket Opportunity Guarantees Success

The market for copier machines supplies has changed in 2016, in Russia. The economic decline and financial crisis has brought about a rapid growth of Aftermarket copier machines between 2015 and 2016.

In my opinion, now a great opportunity for Aftermarket now exists in this field. As a result of the tougher financial climate, many Russian end-users of copiers, who used to only buy genuine supplies, have started to use cheaper compatible supplies. And they’re having a good experience!

As a result, the number of end-users interested in Aftermarket solutions has increased dramatically in 2015-2016.

According to research conducted by “Business-Inform” in 2016, the Russian Aftermarket for copier machines will increase up to 18%. But if the Aftermarket dealers run 2 to 3 advertising campaigns showing Aftermarket solutions can provide end-users good value for money, the Russian Aftermarket could grow by 25%.

The Russian copier machines Aftermarket has a great opportunity for development. The only reason that could slow its growth is a lack of information about the technical and economic benefits of Aftermarket solutions for Russian end-users. That’s why I have reason to believe that advertising campaigns targeting end-users will be very successful.

It’s entirely up to the level of  Aftermarket dealers’ activity in the media environment.