The focus of most businesses has traditionally been on how to reduce costs, and improve productivity and profitability. However, device and document security as well as the management of sensitive data, whether in print or digital form, is now firmly in the spotlight.
With the enforcement of the General Data Protection Regulations in 2018, the financial liabilities are becoming greater (for more information see the Kyocera Guide to GDPR). Therefore, the conversation is swinging towards the costs associated with security and it is a concern that affects companies both large and small.
According to data collected by the European Data Protection Board, in the first year of GDPR over 89,000 data breaches were logged by the EEA Supervisory Authorities. Research by Quocirca in 2019 revealed that organisations see printing as one of their top security risks, since data breaches of this type are frequent and costly. In fact, 11% of all security incidents are print related, and 59% of these lead to data losses that cost an average of €363,000 each year to deal with.
It is therefore imperative to secure your printers and MFPs if they are connected to your network, otherwise they could provide an entry point to hackers looking to steal your data. In most attacks, the hacker takes advantage of vulnerabilities that could easily be remedied. These vulnerabilities are the result of inadequate security strategies in workplaces where unclaimed print jobs, unencrypted data and zero access controls are accepted as standard practice. Fortunately, addressing these issues is easier than you might think.
The introduction of secure print management software is one of the first steps to address these top drivers, and can be enabled without requiring significant investment or complex organisational changes. Such software also can provide additional functionality not available as part of the basic applications that come default with the printer or MFP, and offer enhanced ease of use when integrated with scanning and capturing software. Furthermore, with document management solutions, more complex workflow automation and archiving can be supported.
So why is the availability of such solutions still scarce? Despite the assumption that print management software is highly widespread, many businesses still underestimate the need for it. In addition, not all solutions deliver the right balance of productivity and security in all kinds of operating environments. If you are working in an organisation with multiple sites, and not all of them equipped with a server, there remains the requirement to keep print jobs within any branch location in the event the server experiences downtime. Not all solutions will cater for your operating needs or ensure against the possibility of a data breach in the abovementioned scenarios.
While software developed by vendor agnostic software companies may seem attractive due to their independence from hardware production, those that are developed and closely integrated with the device can offer advantages in terms of added performance and functionality.
No matter how far you want to go in securing users’ privacy, a few essential security measures should be taken in all print environments. The basic condition for securing a document is to control access to its printed form. Especially with print cost savings and the replacement of small office devices with central high-performance corridor printing machines, controlling access to printed documents has become all the more critical.
The implementation of a solution such as KYOCERA Net Manager that is based on releasing print jobs only after the printing user reaches the corridor machine and authorises release via an ID card, a PIN or a username and password or a combination of two methods provides enhanced security. This means that the print job is released under full control of the authorised person.
While it is essential for releasing print jobs, user authorisation at the printing device brings benefits also to copying and scanning. Another very important security feature is the automatic log out. No matter how secure the system is, there will always be an element of human error. Even when users know they need to log out of the device after they finish their work, they might accidentally leave their session open. For such cases, the administrator can enable the automatic logout after a set period of time.
To increase device security, it is also possible to enable two level authentication and require the use of either an ID card and PIN, or an ID card and password.
For companies focused on ensuring the highest level of personal data protection, solutions are available that when switched to a special mode, no personal data is displayed that would compromise the company’s data protection policies. In this “Privacy mode”, logged users can see only names of their own jobs and names of all other jobs are not identifiable.
In today’s highly globally distributed economy and mobile workforce, it is important to consider the optimal infrastructure for your whole organisation. With most print management solutions, you can design a Master-Site Server configuration, where the Master server enables license management, user management, and reporting server, while the onsite server acts as the Production server.
Although it is a very effective configuration when you want to distribute the load between multiple servers (each server is located in one branch), this configuration requires the placement of many servers, sometimes hundreds, across all branches. This would be a huge challenge, especially where is no local IT administrator to manage the deployed server.
While much of the administrator’s actions depend on the company’s security policy, the general responsibility is to secure the print server, data and communication against external and internal threats.
Organisations will therefore seek a solution that is highly customisable with security levels that can be adjusted according to their business needs. Such a system will enable businesses the ability to activate the right level of privacy, depending on the requirements, using a modular approach.
The business case for ensuring that printers are part of an overall information security strategy is clear. Implementing a secure print management system is just one of several essential measures to help organisations accurately and actively comply with GDPR, but there are also some basic as well as additional, value-adding solutions that can be readily implemented, as recommended by Quocirca:
Kyocera's server-based application, with the embedded Print&Follow™ function is designed to protect confidential data, manage the overall document output and related printing costs.