sb-nz logo
Story image

Unsecure print services equals unsecure IT, expert says

Information leaks from inside an organisation remains an inherent risk despite most businesses spending millions to ensure the security and privacy of sensitive information.

Adam O’Neill, managing director, Australia, Y Soft, says that while most businesses know that securing data in the enterprise is important, there are some risks businesses may not have considered.

“Every day organisations are at risk of a potential document security risk that they may not have even thought of – the multifunction printer,” O’Neill states.

“It prints, scans and copies an organisation’s most sensitive information, and may be the place where all previous security efforts are rendered useless because confidential data is going undetected,” he explains. 

“Ultimately unsecure print services equals unsecure IT,” says O’Neill.

“Unintentionally, employees in the office send documents to the printer but forget to pick them up. Or, the print job is picked up right away, but with a few pages from someone else’s print job.”  O’Neill says the same attention to security that is afforded to other IT and tools is needed for document handling.

“By using a print management solution, organisations can enforce safe print governance policies, which can increase document security,” he says. 

Three steps to increase document security 

1. Secure access to multifunction and networked printers. 

As with any valuable company property, access to print, copy and scan services should be limited to authorised employees. Set up access through a card reader or entry of username/password, PIN or any combination depending on the level of security you require. When employees send a job to the printer from their workstation or a mobile device it won’t print out until they get there, which means it is only collected by the rightful owner. 

2. Ensure your print governance includes documenting a print, copy and scan audit trail. 

An audit trail identifies who handled which documents and, in the case of scans, where they were sent. Print administrators can create reports from their print management system to identify individuals, groups or cost centres and the print services behaviours of each. In case a sensitive document is at the centre of a security breach, an audit trail will be crucial to track the source. 

3. Control where scans are distributed. 

Pre-program scans to a particular secure file location or into approved third-party applications and disallow scans to unauthorised email addresses or personal folders. 

“Using an enterprise print management and document capture solution provides a security layer to address human behaviour and habits, and the physical security of documents to ensure that sensitive information is protected,” O’Neill says. 

Story image
Lumen launches managed security services for APAC market
The new service is designed to provide enterprise businesses with a proactive, connected security strategy to enhance threat detection and protection across endpoints. More
Story image
The rising threat of human-controlled ransomware
Until recently, most ransomware attacks have been automated affairs. But things are changing, writes Attivo Networks regional director for A/NZ Jim Cook.More
Story image
Why zero trust could fail due to lack of understanding​, not technology
Security architects are being forced to re-examine the concept of identity, with many turning to a zero trust security model to provide a better architecture for protecting their sensitive resources.More
Story image
Video: 10 Minute IT Jams - SonicWall VP discusses the importance of endpoint security
In this video, Dmitriy discusses the exposure points and new risks that come as a result of widespread flexible working arrangements, how organisations should secure their massively distributed networks, and how SonicWall's Boundless Cybersecurity model can solve these issues.More
Story image
Why organisations should wise up to the DDoS extortion trend
While it is essential to have a DDoS mitigation solution in place, it’s also important to test that it works as expected, writes NCC Group director of technical security consulting for Asia Pacific Tim Dillon.More
Story image
DDoS attacks a wake up call for complacent businesses - Imperva
When distributed denial of service attacks created mayhem around the world in August, they left many organisations scrambling to protect themselves.More