Data security is not entirely about digital data. Documents can be dangerous too. The coming GDPR, now just over a year away, covers hard copy records as much as electronic ones. Dave Carthy, Ergo technical solutions manager and heavily involved in the group’s MPS contracts, is adamant that the entire print and scan environment today has become a serious security risk. “That is not to say that it is more dangerous than lots of other things, but it is all too frequently neglected or ignored as a potential threat.
“Think of it this way. A modern MFD is actually as powerful a device as a PC in many ways, with a full operating system and multiple applications. Plus it is always on the network, because that’s how it works. It usually has media input channels as well, USB or SD card ports, and can often take additional or replacement hard drives. That’s a set of open gates to the hacker, the criminal or the curious.”
There is some general awareness of security around documents, said Carthy, and that is where the adoption of pull printing and the use of PINs or other credentials has grown in recent years. “But that is protection from the unauthorised gaining sight of something they should not. It is also often impelled by concerns about uncollected waste print and costs as much as information security.
“We say all MFDs are network endpoints and potentially vulnerable devices and should be hardened and protected exactly like other devices, from PCs and servers to mobile devices. That’s why print security deserves a complete re-think in most organisations. We incorporate security into all of our MPS service contracts and conduct security audits as an annual element of the service. But not all providers do so and organisations which manage their own output devices are all too often oblivious to the dangers.”
“Precisely because MFDs are smart devices they can be digitally hardened against attack and matched with the network security. Intrusion detection or unauthorised access attempts can be prevented and tracked, the integrity of the firmware checked and all users and jobs logged as well as many other precautions. The print function is not an outlier: bring it into the security fold.”
More and more, we have been hearing about companies who are not yet fully compliant with GDPR. In the latest...Read now
Security architecture refers to a unified security design that addresses requirements and potential risks involved in a certain scenario or...Read now