Print.IT - issue 50

GDPR: Don’t Leave Your Print and Document Management to Chance Less than 30% of organisations have implemented strategies or solutions to secure their network printing environments in preparation for the General Data Protection Regulation (GDPR) deadline, 25th May. After this date, financial and reputational penalties for personal data breaches will increase dramatically. To mitigate these risks, organisations are urged to review and secure their output devices used for printing and scanning, through; intrusion detection, whitelisting, encryption and other tools. While many organisations already make use of Data Loss Prevention (DLP) for digital communications, few apply the same priority and supervision to printed documents. This is despite the fact printed documents often contain personal data and/or confidential information and consequently pose a high security risk. To prevent the loss of personal data within the print environment, organisations need more than just secure printing. They need a means of monitoring the content of print jobs and, where possible, automated policy controls to prevent unauthorised data being printed. 5 key considerations to consider for compliant network printing: n Provide access management for user authentication/authorization to print, copy, and send information electronically from printers and multifunctional products (MFPs) n Protect documents at rest and while in motion through network communications, by using industry-standard data encryption n Forensically inspect and protect content including personally identifiable information (PII) — for example, identify credit card and bank routing numbers, national identification and account numbers n Provide accurate activity tracking for ongoing audits such as data protection impact assessments (DPIAs) n Provide comprehensive reporting while leveraging data anonymization to maintain user privacy 71% of enterprises do not consider print as part of their GDPR strategy* *“Low Investment in Print Security and Increasing Compliance Challenges Leave European Companies at Risk, IDC #EMEA42819617, June 2017” Why FollowMe by Ringdale? n Print Data Privacy by Design, including integrated Government-grade encryption, Data Loss Prevention and compliance tools n Secures devices and manages document workflows across all printer and MFP brands n Compatible with all office and connected mobile platforms – no apps required n Trusted by banks, hospitals, government agencies and services industries globally n It's the original FollowMe solution – invented 21 years ago To ensure your network printing environment is ready for the GDPR, please call the Ringdale team on 01444 871349 1 IDC#EMEA43576218 MeetingDataPrivacyCompliance:Don't LeaveYour PrintandDocumentManagement toChance Technology advancements are transforming business and society, dramatically changing thewaywework.Companies receive and process exponentially growing volumes of data via a variety of differentmedia. This data is increasingly difficult to manage, putting sensitive information at risk of beingmisappropriated.As a result, data privacy legislation isnow beingupdated to consider these changingworking practices.Complyingwith this legislation is amajor challenge for companies. This IDCVendor Spotlight examines the challenges that companies face in ensuring their print and documentmanagement processes are compliantwith latest legislation. DataPrivacyRequirements New and existingdataprivacy legislationhas an impacton thewaydata ishandled across theglobe 1 .Many countrieshavenationalprivacyordata security laws— even legislationby subterritory—whichmay address specific issuesor industries. For example,health and financialdataprivacy is regulated independently in the United States. TheHealth InsurancePortability andAccountabilityAct (HIPAA) regulatesprotectedpatients'health information and theGramm-Leach-BlileyAct (GLBA)— also known as the Financial ServicesModernizationActof 1999— safeguards consumer financialprivacy.Both regulations require thedevelopmentof organizational securitypolicies andplans toprotectdatawithbreachesbeing subject topenalties and fines. The latestdataprivacy regulation at the centerof the EuropeanUnion's (EU) legislation is theGeneralDataProtectionRegulation (GDPR) and is relevant to any company that leverages EU citizens'data—not just EU-based companies and including theU.K. afterBrexit. It replaces theoutdated 1995 EUDataProtection Directive (95/46/EC) andhas a substantial impactondataprocessingoperations acrossorganizations including those related toprint andoutputmanagement. Inmanyways, the levelof complexity to achieveGDPR compliance is 10 timesmore complex thanprevious legislation.Companiesneed tounderstand theydonotown people'sdata and that thepublichas a right to knowhow theirdata isbeing handled andbe informed if it is lost, stolen,or faces anyother kindof risk. The public alsohas the right tobe forgotten. IDCVendor Spotlight Sponsoredby: Ringdale Author: JacquiHendriks March2018 ? IDC has prepared a full report on Print Data Privacy and Compliance. The report is available to download from followme.ringdale.com ADVERTORIAL 4 PRINT.IT 01732 759725