PRINT SECURITY
12
PRINT.IT
01732 759725
Even behind
a firewall, an
MFP could
potentially
be a target
for cyber
criminals
looking to
compromise
corporate
or customer
data
The far-reaching financial, legal
and reputational implications of a
data loss mean that information
security is a business imperative.
Safeguarding the ever increasing
volumes of valuable corporate data
against unauthorised access has
become integral to maintaining
business operations and adhering
to increasingly rigorous data
privacy compliance requirements.
The cyber-attack surface area is
increasing for many organisations
as connected Internet of Things
(IoT) endpoints proliferate. This
threatens their resilience both
from a business continuity
perspective and from the potential
ramifications of a data breach,
which include financial loss, brand
and reputational damage and loss
of credibility in the market place.
Weak link
Printers and multifunctional printers
are not immune to the security threat
and are vulnerable to the same risks
as any other device on the network.
With advanced connectivity and the
capacity to collect, process and
store large volumes of data, the
MFP has long been a weak link in
the IT infrastructure – and one that
businesses can no longer afford to
ignore.
The continued high level
of print-related data breaches
demonstrates that businesses
need to do more to protect their
devices, network and data. After
all, an organisation’s information
security strategy is only as strong
as its weakest link. The expanding
IoT security threat landscape
means that the challenge of
print security is moving beyond
protecting the printed page.
Despite the move to digital
communications, many businesses
still rely on printing to support key
business processes. MFPs are
prevalent across companies of all
sizes and as such they are a critical
network endpoint that must also be
secured. Even behind a firewall, an
MFP is a potential target for cyber
criminals looking to compromise
corporate or customer data.
Manufacturers must embed
security into the architecture and
interfaces of their products, in order
to protect the lifecycle of devices,
from inception to retirement. This
means future-proofing devices
as they become more powerful,
store more data and increase in
functionality. MFPs should have the
ability to run automatic security
Quocirca’s latest report,
Print security: An imperative in the IoT era
, explores
the many points of vulnerability around print and highlights key solutions from
print manufacturers and independent software vendors (ISVs), including HP,
Konica Minolta, Lexmark, Ricoh, Xerox, Nuance, Ringdale, NT-Ware and Y Soft.
Here, Louella Fernandes, Associate Director for Print Services and Solutions
at Quocirca, discusses the risks of an unsecured print infrastructure and
recommends best practices for integrating print into an overall information
security strategy.
Print Security in the IoT Era
updates, validate new software and
lock features where appropriate.
Devices should have the
intelligence to identify a security
event and communicate such
events and remediate as
appropriate. This means that print
management functionality must be
integrated in broader IT security
management tools to provide
remote warning notifications for
errors or unusual activity.
In addition, businesses must
take a proactive approach to print
security, as left unsecured, these
smart, connected devices can
provide an open door to corporate
networks. This requires a full
security evaluation of the print
environment, to identify appropriate
technology (including hardware
and software security), as well as
end-user education on responsible
and secure printing practices.
By taking steps to analyse the
potential vulnerabilities of print
environments, businesses can
mitigate risks without compromising
productivity.
Driver for MPS adoption
After cost, security is the second
most important reason to adopt
a managed print service, cited by
81% of respondents in Quocirca’s
recent MPS survey, with many
taking up security assessments
as part of the MPS process.
Amongst organisations using
MPS, the majority have either
started or already completed a
security assessment of their print
infrastructure. This is most prevalent
in the professional services sector
where over half of organisations
have completed a security
assessment compared to just 20%
of public sector respondents.
Currently, security assessments
are usually offered as an optional
extension to traditional document
assessments. However, Quocirca
believes that these should become
a standard part of the assessment
process and MPS providers should
develop KPI security metrics to
ensure the effectiveness of security
controls.
of large enterprises admitted suffering at least
one data breach through insecure printing
of respondents indicated an insecure print
infrastructure is a major concern
of the professional services sector reported
the highest level of concern
(source: Print security: An imperative in the IoT, Quocirca 2017)
Insecure print
61%
72%
88%
Continued...
Louella
Fernandes,
Associate Director
for Print Services
and Solutions,
Quocirca
