Data is the new currency, making it imperative that your company data be kept secure from hackers, viruses and even accidental disclosure. While there are local laws governing the Protection of Personal Information (POPI), and international legislation such as Sarbanes-Oxley around protecting investor information, it also makes good business sense to make sure the wrong person doesn't get access to the wrong information within your company.
Imagine the contents of someone's salary slip being revealed, or a client list being exposed to the competition. Assets such as image files, stored documents, system audits, and printer configuration data are all vulnerable to attack and must be safeguarded.
When it comes to the ubiquitous multifunctional office printer, there are five main areas that are vulnerable and therefore need to be considered when it comes to data security. These are the users, the data itself, the network, the documents (output) and the management of the device.
In order to have peace of mind around data security, you can implement various methods to safeguard your office device, such as having an encrypted hard drive, print on tap (when printing from mobile devices), PINs and passwords and even access cards or biometrics.
Components of the internal network that are vulnerable to hacking include the user's PC, the Web administrator's PC and servers. Most people don't know that malicious attacks on the internal network can be attempted through a networked multifunctional printer; for this reason the printer must be capable of withstanding such activities.
Any device that is placed on your company network must be evaluated with respect to security. You need to ask yourself the following questions around pretty much any networked device, including printers:
* How does the device protect itself from unauthorised access?
* Does the device expose the network to any form of vulnerability?
* What sort of information does the device process, and what are the security considerations related to that data?
* Can the data that is going through the device be encrypted?
Networked printers operate independently on the network and can be focal points for sensitive information. Securing them is sometimes comparable to securing other conventional networked devices, such as computers. The need for controlled network access and the need for secure remote management are largely the same for printers and workstations.
In other areas, the security considerations around printers are substantially different: they generally don't run conventional operating systems, they don't have network file shares that need to be secured, they probably don't need or support anti-virus software, certain secure ports cannot be opened and non-secure ports closed, etc.
Another primary security feature for any device is access control. You need to differentiate different types of user and the type of access they're given to the system. This can be done via authentication processes that include PIN login, for example. This can govern access to system and network configuration options, to information stored on the printer's hard drive, which should be encrypted and deleted when no longer needed, as well as who has access to the printed pages. The latter can be addressed by requiring a PIN code before printed data is released to the intended recipient when they're physically at the printer.
At the end of the day, printer security is a complex issue, it's about protecting the printers, the network and the data that is sent to - and stored on - the printers. It's advisable to ensure your multifunctional printers are equipped with an array of security features - including those mentioned in the above article - that allow you to secure your business's networked printer devices and their use.
Share