We have been keeping a very close eye on the water levels of Lake Ontario, the highest water level recorded at any time of year since 1918 – 75.84 m. As I look across Wellers Bay (Carrying place area) at some of the camping parks flooded it makes me think about how vulnerable these parks are to flood. Fortunately, we listened to recommendations from a few civil engineers (friends and family) about grading and installing water barriers. Unfortunately, the owners at the other parks decided not to take these steps as it was too expensive and they didn’t think it would be a problem. I bet if I asked them today they wished they listened, but its too late now.
The park’s owner remind me of the companies that we deal with every day when it comes to security on their networks. These companies spend significant capital to protect digital assets from threats, yet frequently overlook the office Multi-Function Devices
If you create a list of the most vulnerable network points in your workplace, this list would include your multi-function printers (MFPs). MFPs now have advanced functions and features providing the workplace with a new level of productivity and convenience. Unfortunately, there is a price for this convenience a set of network vulnerabilities.
In a report, entitled Copier Data Security: A Guide for Businesses, it refers to digital copiers as computers. It’s a reasonable comparison, given that digital copiers and MFPs have more in common with computers than ever before. Employees use MFPs as document capture solutions – scanning documents and delivering them to their workstations or directly to their contacts via email. Automated alerts are forwarded to their IT letting them know the machines need service like when the toner is low or needs repair. Some MFPs can even upgrade their software patches via the network which indicates that MFPs have hard drives, embedded firmware, and network connections, just like a PC.
We recommend the following:
- Require user authentication and restrict access: it ensures everyone is accounted for and monitors their activity. No one stays anonymous.
- Centralize the auditing of network activity: In case an issue arises, you can quickly determine which device caused the problem and who the user was.
- Implement print release: When you send a document to print, the MFP settings can be set to release documents at the printer.
- Encrypt data to/from MFPs: Since MFPs have hard drives, information is cached so to protect this security issue, we recommend all memory used to cache data on the device should have a method to encrypt the data while on the hard drive be able to delete data at the end of machine’s life.
- Implement rules-based printing: This begins with your authorized user and you controlling what rights your employees have on the network with regards to printing.
- Securing print processes: Inside of your businesses’ print policy, you may consider the physical protection of the documents too.
Here are a few facts on the cost of a data breach, over one-third of companies experienced a huge 20% loss in revenue following a breach in 2016. Cisco’s 10th annual cybersecurity report found that 50% of breached companies faced public scrutiny after a breach. 22% of breached organizations in 2016 lost customers, with 40% of companies seeing 20% of their customer base abandon them in the wake of a security incident. Security needs to be a top priority for all companies and hopefully, you can see how a pro-active approach is worth the investment. Either you can invest now and feel reassured your data is secure.
Take the reactive approach and roll the dice that your company will not have a data breach. Once there is a data breach and there will be it’s just a matter of time, it will be too late. Your company will lose customers, not to mention the PR disaster, which will lead the loss of revenue. In the end, you will need to add security just to make sure it doesn’t happen again so why not be proactive and take the appropriate steps now. For more information and best practices, on how to protect your sensitive documents at the MFP, ask your ECS digital solution representative at firstname.lastname@example.org.