Posted on November 19, 2020
As we roll into 2021, we continue to face a risky cybersecurity landscape. Security firm Risk Based Security reported that four times more records had been exposed in data breaches in the first half of 2020 than in any prior time period. And by April the FBI was reporting between 3,000 and 4,000 cybersecurity complaints per day – four times more than the agency received prior to COVID-19.
While there is an assumption that most cyber breaches are due to hackers and criminals, the root causes of 46% of U.S. data breaches are system glitches and human error – areas that can be managed. Printers and MFPs present significant vulnerabilities in the battle against data breaches and cyberattacks. A 2019 study by Quocirca found that 59% of companies experienced a printer-related data loss in the previous year. Data breaches and cyber-attacks can be costly and, in many instances, preventable. Here are 10 tips any size organization can follow to secure office print technology for 2021.
- Create a data security policy identifying what data is sensitive, the methods and processes in place to secure that information, and how you will keep the security policy current. This is vital not only to protect private data but to comply with regulations such as HIPAA and GDPR.
- Train employees on security policies, processes, and the use of security features on devices. Most breaches occur when an unwitting employee does something like leave unattended prints in an exit tray, open a file from a suspicious or unfamiliar email, or download customer information to a USB drive and inadvertently leave it somewhere.
- Use secure printing, copying, scanning, and faxing from printers or MFPs by enforcing user authentication at the device. Manage permissions on who has access to each device and, if possible, what functions they can use.
- Encrypt print data and all data that remains on the print device’s hard disk drive (HDD).
- Physically shred files that are at the end of their life and no longer needed. Digitally overwrite and shred document data that may be left on the HDD of a printer or MFP – ideally, after the data is printed or via scheduled automatic shredding, but at minimum when the printer or MFP has reached its end of life and is retired.
- Update and patch firmware and software on printers and MFPs as soon as those updates and patches become available. If possible, monitor and automate those tasks.
- Make sure a firewall is present, all network devices are behind that firewall, and anti-virus/anti-malware software is activated in the device.
- Use printers that verify their boot code, operating system, and applications on startup. If they are compromised, the device should issue a warning and not start up.
- Use a printer or MFP that integrates into a SIEM system to manage and stay on top of IT security threat alerts and remediation.
- Have a response plan if a breach does occur. How will you contact those affected, how will you recover the data, and how will you regain customer and employee trust?
McKinsey & Company reports, “With every new device, user, and business that connects to the internet … the threat of cyberattacks increases.” We have the experience and expertise to assist your organization create the best office technology security plan. Contact us for a complimentary assessment and consultation on how to protect your documents, users and devices.