IT Brief New Zealand - Technology news for CIOs & IT decision-makers
Story image
Unsecure print services equals unsecure IT, expert says
Thu, 18th Aug 2016
FYI, this story is more than a year old

Information leaks from inside an organisation remains an inherent risk despite most businesses spending millions to ensure the security and privacy of sensitive information.

Adam O'Neill, managing director, Australia, Y Soft, says that while most businesses know that securing data in the enterprise is important, there are some risks businesses may not have considered.

“Every day organisations are at risk of a potential document security risk that they may not have even thought of – the multifunction printer,” O'Neill states.

“It prints, scans and copies an organisation's most sensitive information, and may be the place where all previous security efforts are rendered useless because confidential data is going undetected,” he explains.

“Ultimately unsecure print services equals unsecure IT,” says O'Neill.

“Unintentionally, employees in the office send documents to the printer but forget to pick them up. Or, the print job is picked up right away, but with a few pages from someone else's print job.”  O'Neill says the same attention to security that is afforded to other IT and tools is needed for document handling.

“By using a print management solution, organisations can enforce safe print governance policies, which can increase document security,” he says.

Three steps to increase document security

1. Secure access to multifunction and networked printers. 

As with any valuable company property, access to print, copy and scan services should be limited to authorised employees. Set up access through a card reader or entry of username/password, PIN or any combination depending on the level of security you require. When employees send a job to the printer from their workstation or a mobile device it won't print out until they get there, which means it is only collected by the rightful owner.

2. Ensure your print governance includes documenting a print, copy and scan audit trail.

An audit trail identifies who handled which documents and, in the case of scans, where they were sent. Print administrators can create reports from their print management system to identify individuals, groups or cost centres and the print services behaviours of each. In case a sensitive document is at the centre of a security breach, an audit trail will be crucial to track the source.

3. Control where scans are distributed. 

Pre-program scans to a particular secure file location or into approved third-party applications and disallow scans to unauthorised email addresses or personal folders.

“Using an enterprise print management and document capture solution provides a security layer to address human behaviour and habits, and the physical security of documents to ensure that sensitive information is protected,” O'Neill says.