Why slack print security is leaving you wide open for breaches
Thu 6 Sep 2018 | Arron Fu
Whatever the field of business, whether healthcare, finance, insurance, or public sector, protecting data and documents is critical to any organisation’s survival in the modern business world, and securing related print infrastructure should be no exception.
Particularly with the rise of cloud computing and subsequent mobility trends, printing has become even more complex and it has become even more difficult for users to uphold secure print practices.
Recent Quocirca Research has found that 70% of organisations have experienced one or more accidental data breaches through insecure printing activity – yet IT teams still view the management of print infrastructure as a burdensome responsibility.
The reasons behind this lack of enthusiasm can stem from the perception that printing is cumbersome and labour-intensive but the biggest turn-off is often that the problems are driven largely by end users and therefore somewhat out of the control of the IT teams trying to tackle the issue.
The typical end user has no reason to be inclined to take care over their print usage, neither do they have the responsibility to ensure print security – even when documents are tagged as sensitive or confidential.
However, while overlooked in many organisations, printing can be an extremely vulnerable gateway to breaches. The cases which lead to data leaks are typical to the everyday. These can include the likely situation where printing hardware is used without the user intending – for example, where auto standby and sleep modes can cause the user to print extra copies in frustration, meaning that confidential documents can pile up and be discarded in a public domain.
A further incident that happens all too frequently is when an authorised internal user prints a confidential document to a shared printer. By the time that authorised user arrives at the printer to collect the paperwork, it has been picked up by mistake by another user who ordered the previous print job.
Or, with a host of printers available on the network, users can send print jobs to a different printer before requesting again from a machine closer to their desk, causing multiple copies to lie unattended in the out tray in various locations.
Priority should be placed on departments where confidential documents are circulated
This is particularly dangerous when confidential papers get into the hands of disgruntled employees who can take advantage of unintentional print errors. Instances where print security breaches are intentional, are much harder to legislate for, but their consequences can often be widespread. Severe situations could include an unhappy employee using the documentation to progress their case against a company.
Although many firms do take extra precautions around printing from HR and Payroll/Finance departments, outside of these areas find it challenging to effectively secure printing for every member of the management team and their administrative support who also deal with confidential materials.
With a clearer understanding of the print security threats and how these can manifest, businesses should then look at how to plan for these scenarios, creating a secure print framework.
Firstly, firms need to consider what level of print security is necessary and consider how this can best be achieved. Not all print jobs necessitate the same level of protection. Priority should be placed on departments where confidential documents are circulated and are most vulnerable to breaches. Likely areas of misuse including personal printing should also be identified.
These two groups should be targeted and educated on the potential financial impact of breaches on a company. A useful tip here can be to empower users with facts and figures on cost containment.
Print as a whole costs the average business between 1 and 3% of total revenue
Secondly, it should be made clear that it is the IT department’s responsibility (and not the team named on the printer) to meet ongoing compliance requirements for confidential printing and to carefully document results and analyses, from cost-savings to regulatory proof points.
In legal cases, companies will need to provide information that proves they have adopted best practice in order to protect confidential information. An important facet of this consideration will be to understand how new technologies and user trends, including mobile devices and BYOD trends.
Archiving tools are important to consider in order to achieve compliance needs, allowing concrete and traceable references of the names of users who printed specific documents, the document names, the devices used to create and send print jobs, the print job release device details, as well as the timing and date of released print jobs.
Astonishingly, Gartner has estimated that print as a whole costs the average business between 1 and 3% of total revenue. In order to have greater confidence in cost justification, it is also useful to have a detailed knowledge of print overhead, i.e. knowing how much print usage is costing, per person, per department, and per location. Once this information is attained, it is even easier to then cross charge the actual costs of print to users and departments and justify debates about internal print charges.
Tips for cost-saving could include pull printing, which reduces paper volume by 20%, or duplexing which saves 30% by default.
Ultimately, a secure print service should not be a daunting project to undertake, well-managed it can be a relatively simple, automated process and hassle-free for all users and the IT teams overseeing it.
Learn more about securing your print solutions and book a FREE TRIAL with the UniPrint team today