Are printers the missing link in your network security?


Are you amongst the 60% of businesses in Europe and the USA that reported suffering a data breach due to insecure printing in 2018? If not, have you seriously considered the security of your MFP’s (Multifunction Printers)? And do you have a print security program in place?

The current scale of security threats

Cybercriminals in the UK alone attempted between 900 to 359,000 hacks per day throughout 2018. Therefore it is imperative that you not only act but are aware of procedures and policies currently in place. Your MFP’s are a direct route to your corporate network if left unsecured. They can easily be utilised by cybercriminals to access your data and information. This includes passwords and confidential documentation. Potentially there are even wider implications in terms of GDPR (General Data Protection Regulation) and compliance.

Read more in our GDPR and data cleansing insights article.

Cyber threats are constantly evolving

Threats to corporate networks are constantly evolving, becoming ever-more advanced and sophisticated. These attacks come in many forms. A computer virus is designed to spread from one computer to another. As a result, it can disable security settings, steal data or even erase all the information on your hard drive. Similarly, unpatched vulnerabilities can leave your network open to attack from hackers directly accessing your corporate network.

Print security

Fundamentally security is about the context and culture within your organisation, not simply a stand-alone topic. It’s important you put the following at the centre of what you’re doing.

What’s in place to protect your data?

Confidentiality

Consider access and sharing restrictions and policies.

This prevents unauthorised modification and falsification. It also acts to protect your organisation from targeted or opportunistic threats within the business. Mobile working adds complexity to any cybersecurity scenario. Additional security measures need to be in place to accommodate file sharing from any location. Those files must be as secure in transit over networks and across devices as they are in storage. Strong encryption technology can effectively follow and protect data throughout its lifecycle. This naturally applies to documents but extends to crucial security elements such as stored passwords, macro setting and address books. With encryption in place, even if hackers were able to access your network, they would struggle to extract any usable information. Helping to preserve its integrity even in the event of a breach.

Integrity

Provide and adhere to guidelines regarding editing and viewing rights on documents and how they flow through the business.

Effective data controls are crucial to helping you maintain data confidentiality and integrity. Your business information is a primary asset and needs to be protected. Limiting employee access to the information travelling through any office Multifunction Printer (MFP) is a crucial best practice step for maintaining document security.

Availability

Providing security without causing inaccessibility is key. 

This means you must have the right process, software, and training for your people. This will help them utilise print and access information/documents as and when needed whilst maintaining confidentiality and availability.

Functionality vs security

Another focus area is the increased functionality of your multifunction printer. Items such as scan-to-email can also bring with it security concerns as personal data is collected. It is important that your organisation considers card authentication to ensure only authorised users can access sensitive documents. A print management system such as Streamline NX or Equitrac can restrict print output to exactly when, and how it is needed.

Your multifunction printer has a memory function, which increases speed and allows for complex printing to take place by utilising programming languages. However this memory function can also mean that images may remain stored on the hard drive following each print, copy, scan or fax, so it’s important for you to know how these can be overwritten.

To find out more about potential places where residual sensitive and personal information may be found on a standard MFP take a look at page 3 of our data cleansing brochure.

Meeting the highest standards

It’s also important to check that your multifunction device complies with the IEEE 2600 security standard, a family of international standards for security functions of hardcopy devices. These address security requirements across different environments from military forces and governments, public environments, large companies, and SOHOs.

End of life is not the end of your responsibility

Lastly, your data lives on in your devices. Therefore it is important to ensure that the end of life process is managed and cleaned of any sensitive data, as failure to do so will mean this information can still be accessible to anyone who obtains the device. Keeping track of where this data is held and how it is disposed of is crucial for businesses to adhere to GDPR guidelines.

Security is an ever-changing need and it’s important that your organisation is prepared; consultancy and comprehensive managed services allow you to monitor, optimise and manage both your document and information security. Keeping you one step ahead of the cybercriminals and safe in the knowledge that you can meet GDPR, compliance and data standards.

Multifunction printers shouldn’t be the missing link, they should complement your network security.

If you’d like to find out more: Download our latest guide – ‘4 steps to secure your MFP’.

If you‘d like to learn more about office printing and security for your multifunction printers, feel free to drop me a line on LinkedIn.


Andrew Levy
Andrew Levy
andrew.levy@ricoh.co.uk

Data Security Service Manager at Ricoh UK

Read all articles by Andrew Levy