Three essentials to cyber security: People, process, technology

Don't forget to secure your printer and document environment.

---

Did you know small and medium-sized businesses (SMEs) are under significant pressure to ensure IT systems are safe from the ever-evolving threats of cyber criminals? In fact, research from Barracuda Networks shows that “small businesses are three times more likely to be targeted by cyber criminals than larger companies”.

Staying ahead of such threats can be particularly daunting because SMEs tend to lack the resources of larger enterprises. As you work to safeguard IT infrastructure, one aspect of security that you should not overlook is securing your printer and document environment.

“Not securing your printer and document environment while securing all your other IT is like locking the door to your house and leaving the window open,” says Matt Raab, Xerox Director of Global Product Offerings for Workplace Solutions.

After all, critical information frequently passes through printers, Raab notes, whether it is printed out or scanned and sent to other recipients.

Yet Zia Masoom, Xerox Global Product Marketing Manager, Workplace Solutions, notes that many companies ignore this part of the infrastructure and just focus on securing servers, laptops and routers. Printers reside on the same network and have the same challenges as PCs or servers because they have the same type of technology built into them, he says.

That means the security of your print infrastructure should be a central part of your overall cyber security plan, Masoom advises. For more information, read Cyberattacks on Small Businesses Are Big Business.

For small businesses in particular, unsecure actions by employees are often the entry point for cyber attacks, which research shows often stem from e-mail.

From failing to promptly collect printed documents, to exposing confidential data, to opening your systems to malware, team member behaviour can put your data at risk. That’s where Xerox security solutions come in.

Xerox ConnectKey Technology secures your printer and data at every step, including:

• Capabilities that prevent unauthorised access, cyber attacks and malware.
• Firmware verification to ensure that printer software is protected from tampering.
• Safeguards against transmission of critical data to unauthorised parties and ensuring documents are not released to print until the right user is at the device.

In addition, Xerox Workflow Central helps secure data and remove inefficiencies from the workplace. This cloud-based platform streamlines document centric processes and includes tools to help enhance document security and prevent disclosure of critical information. Accessible from Xerox ConnectKey-enabled multi-function printers (and also via your desktop/laptop or PC), it accelerates data protection automatically from any location, including de-risking sensitive documents via a redaction tool, encryption and password protection.

Print and data security solutions should be a central part of your cyber security plan, which should begin with seven assessment components:

• Assign a risk level based on the kinds of data you have and the importance of each system that supports your business.
• Validate each security technology in your IT environment.
• Evaluate the effectiveness of your physical security.
• Include vulnerability scans and penetration testing.
• Test password effectiveness.
• Examine your firewalls and wireless technology.
• Review security policies, procedures and employee training.

You can then begin to set policies to maintain data and device safety, being sure to include your print environment.

Your print security plan should control who has access to your printers by using:

• User authentication.
• Strong password practices.
• Multi-factor authentication to access the most security critical data and documents.
• Role-based access control to define what features each team member can see.

Once your plan is established, be sure to educate your team members. Employees working from home can pose a distinct security risk if not following safety policies.

“To help educate employees, emphasise simple things – ensuring remote workers have a secure password on their device, always use the company VPN and only use company-approved communication and data sharing methods,” says Raab.

Finally, selecting the right vendor for print and data capabilities is key to protecting your IT environment. Ensure the vendor has a track record of top security features, security certifications from third-party evaluators and industry recognitions from accredited bodies.

Xerox is a leader in security design and compliance, as evidenced by being named a leader in Quocirca’s 2023 Print Security Market Landscape Report and our multiple security certifications and awards. These include the International Organization for Standardization (ISO) 27001 for meeting standards to secure information assets via information security management systems and the FedRAMP (Federal Risk and Authorisation Management Program) for security of cloud products and services.

Learn more about the security benefits of Xerox solutions and printers and watch the Xerox ‘Unlockables’ video to help build your cyber security plan.