Technological advancements have turned data and information into a valuable commodity. Unfortunately, the first people to realize this wasn’t the analysts working on Wall Street. They were the hackers and bad actors who exploited networks and held the information hostage for ransom payments from companies. Although academics published scholarly articles on the subject since the 1990s, the reality is now more than ever before businesses rely on information security to protect them in a globally connected economy.
Cybercrime no longer relies on phishing attempts or malware injection. The modern trend is to deploy ransomware into a network, find business-critical data, and exploit the company’s reliance on it for profit. The phenomenon is driving up information security costs for companies, and the criminals regularly target even small businesses. As the software required to carry out these cyberattacks is polymorphic and freely available online, the amount of attacks continues to rise year on year.
Securing Company Information at Every Network Node
Networks drive the modern efficiencies that businesses have come to expect from their operations. With email and instant messaging constantly entering the company’s network, ensuring the communications are pre-screened requires advanced firewalls and real-time quarantine systems. The one node where few companies have until now not been proactive in improving security are the networked printers and copiers distributed around the office.
A modern Multifunction Printer (MFP) runs on sophisticated software, making them just as vulnerable as a computer. Something as simple as a USB or thumb-drive can deliver an exploit directly onto the printer’s firmware, and spread to every node on the network from there. As workstations consider network printers as trusted devices, it’s a short hop from the MFP to a compromised PC.
Modern Printer Security Solutions
To prevent information breaches originating from the printers, companies can employ advanced software solutions (even on older model devices) that ensure the entire fleet remains secure. For instance, HP provides a firmware vault that detects any unauthorized change to the device software. If there is any change to the device drivers, the software either reboots into a safe-mode or automatically reverts to the original firmware. This is by far the highest grade of printer security solutions available, but companies can take additional proactive steps to secure their MFPs.
Some secure printing practices include:
- Encrypting data whenever sending it to the printer or any other part of the network
- Establishing a Pull-to-Print Process where employees provide a PIN or swipe an access card to release print jobs
- Centralize the print administration tasks using a print server
By implementing these practices, businesses can secure every print job within a shared office environment. It’s also crucial to ensure that any elevated privileges on the device will require strong password authentication from admins, and not use the MFPs default settings.
Additional Advantages of Implementing Secure Printing Practices
Information security and confidentiality remain an essential requirement in every office. With employee health records or salary information requiring controlled disclosure, an unsecured printer presents a risk to any business. During the day-to-day activities, a simple uncollected print job can wreak havoc on operations and even lower morale, leading to reduced productivity.
There are also costs associated with non-compliance with the latest legislation. Acts such as HIPAA as well as the Sarbanes-Oxley regulations require companies to safely store and process all information relating to an employee’s health and the organization’s finances, respectively.
HIPAA Compliance Requirements
HIPAA (Health Insurance Portability and Accountability Act) provides provisions for the safeguarding and protection of all personal medical information. Companies need to report any breach of this information and need to demonstrate the established controls to comply. While HIPAA initially only applied to the Health Insurance industry, the Privacy Rule added in 2016 extends the liability to any Business Associates.
Sarbanes-Oxley (SOX) Compliance Requirements
Sarbanes-Oxley requires corporate organizations to secure financial information and protect data from alteration and destruction. Both CEOs and CFOs need to certify the accuracy of financial statements, and while the law applies mostly to public entities, some of the provisions do apply to small businesses.
Regardless of the above, data and information security is a primary concern for customers in today’s age. Any business that fails to take information security seriously risks massive reputational damage from its customers. Additionally, with the rise of ransomware attacks, the fallout could be a lot more costly than an abstract public perception of the company.
Protect your Print Fleet with Cartridge World’s Secure Printing Solutions
With more than fifteen years of experience in helping customers optimize and secure their printers, Cartridge World can provide expert guidance on how to protect your entire fleet. With new threats and exploits arriving almost every day, finding a solution partner that has the necessary expertise is essential for regulatory compliance and reducing the risk of a ransomware attack.
For more details on how to secure your entire networked print infrastructure, get in touch with one of Cartridge World’s consultants today.