Ch. 1: The Importance of a Proactive Approach to Secure Printing

The world of data security is a constantly evolving cycle. As we develop new approaches to protecting our networks, hackers become more sophisticated in their methods of breaking in. Then, we take our security to the next level with the latest software and hardware technology, which presents the next “nut” for hackers to crack.

It’s a constant battle, which is why it’s so important to be proactive when building a secure printing strategy. If you’re not, then the bad guys will always be one step ahead of you.

Data breaches cost time, money, damage to your reputation, and most importantly, valuable information becomes exposed. Whether it’s something as sophisticated as a hacker in your system or a document on your printer tray that falls into the wrong hands, the damage is far-reaching.

Printers are often a company’s most vulnerable pieces of technological equipment, and oftentimes, they get less protection and security attention than other areas. Ask yourself this:

  1. When’s the last time you got new printers?
  2. How often do they get serviced?
  3. Are you up to date with your security patches?
  4. And the big one: can you honestly say that your printers are under the same security scrutiny as your computers?

Most security breaches happen at an endpoint device on a network. If you don’t feel confident in saying yes to question #4, then you may be more vulnerable to a security breach than you think.

Ultimately, there’s no better solution than working with an experienced managed print services (MPS) partner. These providers will stay on top of the latest security trends and ensure that you’re up to date with the software and hardware solutions that will keep your system secured. They’ll also build strategies that address your specific industry and company needs because no two situations are identical.

For more, check out our blog post, 4 Step Guide to Building a Secure Printing Strategy.

 

Security Checklist Graphic-01

 

 

Ch. 2: Why Copier Security Is So Important

The terms “printer” and “copier” are used pretty interchangeably in an office setting. However, copier machines are really made to do just that--copy--and maybe scan a document to your printer. Multi-function printers (MFPs), however, have far greater capabilities: printing, scanning, and faxing. Modern devices are connected to your network and can create automated workflows that increase productivity in the office.

Whether you’re using the term “copier” to describe your sophisticated MFP or just a basic copier, network security is paramount to protecting your data. Does your device:

  1. Connect to your network?
  2. Have a hard drive?
  3.  Have scanning and emailing capabilities?

If yes, then you need to make sure you have a proper security strategy in place. If you use your copier to scan documents to your email, for example, then that means it’s connected to your network and could be an entry point for would-be hackers. So, you can see why copier security is so important.

 

 

 

 

 

 

 

 

 

 

Fortunately, the understanding of printers as security vulnerabilities and the subsequent action taken to protect them has grown in recent years. However, there is still an overwhelming amount of companies and IT leaders who still don’t have the right security in place.

Hackers know this and they are always looking for different ways to get into your network and access your data. If you're not treating your copiers, MFPs, and other devices on your network with the same importance as your computers, then you might be giving them a way in.

What is Shoulder Surfing?

The ways that attackers are looking to gain access to a company’s data these days are becoming more clever. Sometimes, they will literally gain entrance to your building and walk around, looking for an opportunity to physically get onto your network or steal data. If it’s a big enough office with a high volume of employees and nobody knows every employee, it’s easy for someone to slip by unnoticed.

That’s where the term “shoulder surfing” comes in. Shoulder surfing is an observation technique that usually involves looking over somebody's shoulder and inspecting any of the information on their computer screen. Creepy, right? For these kinds of threats, it’s important for you to be conscious of who's around you.

Furthermore, once a security threat is in the building they can walk up to a printer and take copies that are sitting there, gaining access to sensitive information like employee forms, customer data, tax records, and more. 

The cost of a data breach is probably more than you want to think about. That’s why it’s so important to have strong copier and printer security in place. And, there’s no better alternative than working with a reliable, trusted managed print partner.

 

Ch. 3: Are Your Employees Sending Documents Securely?

Take a minute and think about how much paperwork is printed, scanned, stored, and shared at your office. It’s probably a lot, right? If your company is like most, almost all of your employees are using printers and sending documents on a daily basis.

That’s why it’s so critical to have a proper document security strategy in place. If your employees aren’t trained and equipped to send documents securely, it’s only a matter of time before sensitive data ends up in the wrong hands.

Outbound transmissions—sending to an email account or shared folder—are the most common form of transmission. To ensure that the information is being sent to the intended recipients, there should be some form of authentication, along with a tracking mechanism that identifies who took that action, whether it was electronic or converted to paper, and whether the document was sent outbound or inbound within the organization. 

Fortunately, many modern multi-function printers (MFPs) have security measures built into them so that individuals are required to authenticate their credentials in order to print. This helps to ensure that there is tracking for any items that are printed and/or sent electronically, leaving an imprint of who sent the document, who received the document, and whether it was sent internally or outside of the organization. That way, if there was a breach, you have the data to find out what happened.

 

 

 

 

 

 

 

 

 

 

Automated security protocols and proper staff training need to be put in place to ensure printer security. Setting up a security strategy is one thing, but ensuring that your employees follow it weeks, months, and years later is another entirely. We recommend that PaperCut be installed in all MFPs and scanners to help employees follow security protocols. 

Training your team to send documents securely, as well as keeping MFPs’ security features up-to-date, will help ensure that your information is transmitted safely and doesn’t end up in the wrong hands! 

Ch. 4: The Cost of a Data Breach

If you’re like most IT leaders, simply hearing the words “data breach” is enough to keep you up at night. It’s every CIO’s worst nightmare and something that happens to even the biggest and seemingly most secure companies.

The cost of a data breach probably isn’t something you want to think about, but it’s important to be aware of what could go wrong so you know what’s at stake. And more importantly, what you can do to prevent it.

Here’s a startling statistic: the average cost of a data breach in the United States is $8.19 million!

On top of that, there’s the headache of dealing with regulators, the PR nightmare, and the trust with your customers that can be very difficult--if not impossible--to recover. There’s also the potential that the attackers hold your data for ransom. Far too often, corporations spend a substantial amount of money to recover that data. 

Why You Need a Vulnerability Assessment

Performing vulnerability assessments is vital to ensuring your organization is protected from data breaches. Vulnerability assessments are essential for any organization, but too often printers on a network are overlooked. 

There are different levels of vulnerability assessments. A large assessment—such as a 400 point assessment—will come with a big price tag, but that cost can pale in comparison to the cost of a data breach. Some companies could opt for a smaller assessment—such as a 20 point assessment—and see if they pass that one. Regardless, if your company hasn’t performed any type of vulnerability assessment, it’s recommended that one be performed immediately. 

Keeping your hardware up to date and maintained is an ongoing process to secure your network in a continuously changing environment. With continued assessments (at least once a year), you’ll be able to be sure that your network is protected from data breaches.  

Across all Industries

Regulations fall under different guidelines in security standards, depending on which industry you’re in. Financial institutions, for example, have a different set of requirements they have to meet, compared to healthcare organizations. If you’re not sure what your industry’s regulations are, you can search Google or check with a governing body.

Without protection, the impact of a data breach could be a heavyweight on your corporation. Your company’s data—and your customer’s data—could be stolen. 

Having printing security in place, and continuously maintained, can help ensure that you won’t face the costly impact of a data breach. For more, read out blog post, Printer Security Tips to Avoid the Cost of a Data Breach.  

 

Security Checklist Graphic-01

 

Ch. 5: How to Secure Print at the Office

Something we hear quite often from IT leaders is that the challenge in building a secure printing environment isn’t the environment itself, but in making sure that all employees follow protocol. In the busy day-to-day hustle of an office, it can be tempting for people to take shortcuts. For people in customer service or accounting who don’t place the same emphasis on security that IT does, this can be a challenge many organizations struggle with.

 

 

 

 

 

 

 

 

 

 

There are two ways of thinking about printer security. The first is in the printing devices themselves, in the sense that you want to make sure that you’re using secure printers that are equipped to protect your network against modern security threats. 

The second piece of security is in making sure that you’ve taken precautions to protect those printers once they're on your network and deployed into your environment. These days, the majority of hacks are happening through what we call the Internet of Things (IoT). For example, hackers are getting into networks through smart devices like thermostats, cameras, and of course, printers.

Your IT team already has a lot on their plate, and security is obviously a big priority. However, the emphasis is usually placed on servers, firewalls, computers, etc., and printers often get forgotten. Hackers know this, and they’re always looking for the path of least resistance.

How Phishing Impacts Your Printers

Another recurring problem we see companies dealing with are phishing emails. Most companies have dealt with them and you've probably already done some employee training on dealing with those.

But what do phishing emails have to do with print? 

Let’s say for example a hacker sends out a phishing email to a company with 1,000 employees. They’ve designed the email to make it look like it’s coming to someone inside the company and it will have a generic, blanket statement like: “Happy Birthday” or “Congrats on Your New Role” or something like that. 

That email may not make sense for 90% of the people who get it, but for the other 10% that have an upcoming birthday or just recently got promoted, this may seem legitimate. And there's a link in that says, "Hey, we just wanted to say happy birthday. Here's a link for a $30 gift card to your favorite restaurant.” So all they have to do is click on that link to open it and it appears to be a gift card or a coupon. If they go to print it, what they've done is they've actually sent this link that’s embedded with malware to the printer. And now it’s on their network!

If you’re using modern printers and have a strong printer security strategy in place, this situation is very containable. However, many companies still use printers that are still 10-15 years old! 

Looking Forward

We’re starting to see a shift where companies are taking this more seriously and buckling down on printer security. It varies by company and industry, but the data breaches in the news are enough to make anyone leery. 

If you’re looking to optimize your secure printing strategy, check out our blog post, If You're Wondering How to Secure Print, Here's Where You Should Start.

 

Schedule a Discovery Call