The security threat lurking at your printing station
In the rush to secure networks and computers, agencies often overlook the risks inherent in multifunction printers.
Data management is a growing challenge for government. Petabytes of information -- including digital documents, consumer data, transactions and photos -- are piling up at all branches and divisions of local, state and federal government. Management and analysis of that data is a top priority, as is security and prevention of data leaks.
But while agencies focus on protecting their data networks, facilities and digital assets, they might be missing an unexpected area of vulnerability: multifunction printers (MFPs) and the hard-copy and digital workflows that surround them.
According to Verizon's 2012 Data Breach Investigations Report, employees contribute to 36 percent of data loss incidents in larger organizations. Furthermore, devices used by employees are generally the first point of entry for a potential security breach, including printers and MFPs.
When considering information security, agencies must carefully evaluate both physical and digital access. Who has access to confidential information printed from your devices? Are sensitive documents with confidential information lying exposed on the output tray where anyone could see them or accidentally take them? Can anyone in your organization walk up and retrieve a document?
The following preventive measures can help agencies minimize and defend against potential MFP data security breaches.
Authenticate users. It is important to remember that the data users send to a networked device can potentially be seen by anyone. Controlling an MFP begins by securing access to the device via user authentication, such as card access, keypad logins or personal identity verification. As an initial component of network hardening, a device-based login is a simple, effective way to control who can access particular features on a given MFP. It also enables an organization to build a detailed record of use that can be reviewed in response to security issues or to monitor overall efficiency.
Manage documents in the cloud. Data is moving to the cloud at an accelerated rate. Security (or lack thereof) is one of the biggest concerns for IT professionals because they must ensure that information is carefully tracked and managed. Consider output management and cost control software for MFP devices. Such tools are designed to provide effective control over your entire print fleet by offering solutions such as secure printing, document output accounting, cloud access management and device management.
Encrypt the devices' hard disks. The data processed and stored on an MFP might be laden with confidential information, especially in the government sector. Disk encryption is intended to protect data by using proprietary software or hardware to make files unreadable to unauthorized parties. Be sure encryption keys are unique to each device; otherwise, hard disks can be moved from one device to another and easily read. Also store the keys separately from the encrypted data.
In addition, it could be fairly simple to extract confidential information from an MFP even after it has been deleted unless the file has been effectively overwritten. To prevent such breaches, organizations should implement a hard-drive data-erase function to ensure that no traces of temporary data or deleted documents remain accessible on the device's disk drive.
Government agencies and the IT professionals who guide them are constantly looking for solutions that simplify and improve critical processes within their infrastructures. Given the risks associated with daily use of today's MFPs, don't leave your critical information exposed. Take a holistic view of security and partner with your office equipment vendor to ensure that you have a comprehensive strategy in place to mitigate risk.