Carlo Longhi explains how to secure your office printers
While the average business underestimates the number of pages it prints by 70%, most are also surprised by the high cost of printing, which can amount to 1 to 3% of annual turnover, according to IDC. Much of this cost is unnecessary – caused by employees who print personal documents or needlessly print work documents. Additionally, an estimated 20% never collect their documents at the printer.
The consequences of printer mismanagement aren’t limited to the financial sphere but extend to what can be a far more serious problem – the security of the company network and the confidentiality of its data.
According to analyst firm Quocirca, more than 60% of organisations believe they experienced at least one printing-related data violation in 2016. If the Ponemon Institute is right and the average cost of a data breach for UK businesses is £2.48 million1, that represents a substantial financial threat.
With each UK business experiencing an average of 231,028 internet-borne cyber attacks during 20172, small and medium-sized businesses (SMEs) have as much to fear as enterprises, partly due to the connections they may have with larger organisations. While bigger corporations typically have several layers of security in place, SMEs may not, allowing access to valuable data through a back door on their network.
For hackers to gain entry into a corporate network and seize data, all it takes is a single, unsecured printer. In some respects, printers present more of a risk than network servers and PCs, and there are numerous ways they can leave organisations vulnerable to attack:
As computing devices in their own right, printers provide a backdoor to the network through which hackers may bypass firewalls and intercept confidential information;
Multifunction Printers (MFPs) are often set up to scan documents, most notably via email protocol, allowing anyone to send confidential information without detection;
Confidential information is often left unclaimed in output trays, allowing unauthorised access to sensitive documents; and
As printed documents are transported to different locations, the risk of those documents being left in public places accidentally or the information being seen by outside sources increases.
The potential for a data breach should drive businesses of all sizes to take a proactive approach to security. Here are six steps companies can take to ensure they’re on the right track:
Step one: Protect printers These can represent a network gateway for hackers. Early detection of malicious attacks and intrusions on these devices can serve as the first guard against a potential breach.
Step two: Authentication Set up all machines with the right level of authentication or access control so that only authorised persons have access to resources.
Step three: Protect the documents themselves Digital rights management capabilities, such as secure watermarking, digital signatures and PDF encryption, are very effective at discouraging unauthorised copying or transmission of sensitive information.
Step four: Strengthen data security Encrypt data, use electronic signatures and apply non-repudiation to messages to authenticate their integrity and origin. To ensure data is erased when an MFP is moved or thrown away, data overwrite kits should be used to remove all scan, print, copy and fax data on the hard disk drive.
Step five: Don’t leave documents in the printer tray Implement user authentication to eliminate the risk of unclaimed output being left in printer trays. Unclaimed documents might contain salary details, financial plans or sensitive employee data – none of which you want falling into the wrong hands.
Step six: Print your own documents
Take control of print security by printing your own work. Remote workers should use mobile printing instead of getting someone else to print their fles, which increases the chances of documents being saved unsafely or left around for someone else to pick up.
Ultimately, print security requires a multi-faceted security strategy that minimises the opportunity for malicious activity by monitoring, managing and reporting on every device regardless of model or age.
The good news is that print solutions are available for businesses of all sizes, the latest of which feature security options, such as convenience authentication, that are flexible, affordable and easily activated. To avoid costly data breaches and secure their valuable data, SMEs just have to implement the option most appropriate for them.
Carlo Longhi is Xerox’s director and general manager, indirect channels UK & Ireland.