Is printing the biggest security threat for your business?
Wes Mulligan says organisations are on high alert when it comes to network security, yet they are overlooking the potential risks posed by the many printing devices that are connected directly to their network
Wes Mulligan, CEO, Danwood
According to the Department for Business, Innovation & Skills Information Security Breaches Survey, 90 percent of large organisations reported that they had suffered a security breach in 2015. Cyber-crime, hacking and malware are prominent security concerns, typically linked to networks, the internet and mobile devices. But given the importance that organisations are placing on security, it is surprising that a fundamental component of any data security strategy is so often overlooked – print!
According to research firm Quocirca, 63 percent of businesses surveyed admit to experiencing one or more print-related data breaches. The print environment plays a vital role in keeping an organisation's information safe, yet IT teams often consider this as beyond their remit and the responsibility of someone else.
Employee behaviour and inadequate workplace print policies are creating big security holes for businesses and putting them at risk of data breaches. A recent survey by Danwood of 1,000 office workers reveals, 94 percent of office workers have at least one bad printing habit that is risking security in their organisation. Over a quarter (27 percent) of office workers have thrown away printed documents without shredding, 24 percent have printed documents but left the copies in the printer tray and one in five have picked up someone else's documents from the printer.
It's not just the actions of employees causing a potential security risk either; many companies are guilty of not providing secure printing features or ensuring their print devices are protected from threats. According to the Ponemon Institute, 64 percent of IT managers believe their printers are likely infected with malware. At the same time, 56 percent of enterprise companies ignore printers in their endpoint security strategy. (1)
Organisations are on high alert when it comes to network security, following recent high profile cyber-attacks, yet they are overlooking the potential risks posed by the many printing devices that are connected directly to their network.
To fully protect themselves from security breaches businesses must consider print in the wider threat landscape. It is only when you have full visibility of your print and document infrastructure that you can confidently put in place the right controls to protect your business, employee and customer data.
This can include relatively simple tools, such as follow-me printing, which only prints out documents once a user is present at a device, right through to a full audit trail of everything printed through archived data capture.
By managing and securing the entire print process from user click to print collection, your business critical documents won't end up in the wrong hands.
Five steps to securing your documents
Here are five steps that your business can take to minimise the risk of print-related data breaches:
1. Manage your print devices. Whether you have 400 printers or three, they need to be monitored and managed. Remote management software makes this easier by automatically keeping tabs on all your devices.
2. Protect your documents. Make sure documents are stored on a secure hard drive to minimise the risk of data falling into the wrong hands. Many MFP's can be fitted with hard drive encryption and data erasing software as an optional extra, which will prevent data being stolen directly from the hard drive.
4. Integrate print into your security strategy. Printers and multifunction devices are connected to your network and that makes them as critical to your security as any mobile device or PC. Make sure they are integrated into your strategy and protected in the same way as any other connected device.
5. Conform with data protection mandates. User behaviour makes the ‘insider threat' a critical consideration in securing company data and information. The Information Commissioner has clear data protection mandates and these need to be understood by all members of your organisation. Define a security policy and clear user behaviour guidelines as to how information should be printed and shared.
(1) Source: Ponemon Institute, "Annual Global IT Security Benchmark Tracking Study", March 2015
Contributed by Wes Mulligan, CEO, Danwood